From 36f980abd35b14632e66754b5a08e8b6e2980a01 Mon Sep 17 00:00:00 2001 From: "Brian C. Lane" Date: Fri, 6 Nov 2015 14:11:28 -0800 Subject: [PATCH] Add --sshkey to kickstart sshpw command (#1274104) This allows users to setup installation users with ssh keys instead of passwords. Resolves: rhbz#1274104 --- anaconda.spec.in | 2 +- utils/handle-sshpw | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/anaconda.spec.in b/anaconda.spec.in index c4eb4bf1fa7..82e22cb9d26 100644 --- a/anaconda.spec.in +++ b/anaconda.spec.in @@ -21,7 +21,7 @@ Source0: %{name}-%{version}.tar.bz2 # Also update in AM_GNU_GETTEXT_VERSION in configure.ac %define gettextver 0.18.3 %define intltoolver 0.31.2-3 -%define pykickstartver 2.9 +%define pykickstartver 2.20 %define dnfver 0.6.4 %define partedver 1.8.1 %define pypartedver 2.5-2 diff --git a/utils/handle-sshpw b/utils/handle-sshpw index 5e15f08d422..1ce0a2f2948 100755 --- a/utils/handle-sshpw +++ b/utils/handle-sshpw @@ -3,7 +3,7 @@ # handle-sshpw: Code processing sshpw lines in kickstart files for the # install environment. # -# Copyright (C) 2012 Red Hat, Inc. All rights reserved. +# Copyright (C) 2012-2015 Red Hat, Inc. All rights reserved. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -46,9 +46,15 @@ u = users.Users() userdata = ksparser.handler.sshpw.dataList() for ud in userdata: if u.checkUserExists(ud.username, root="/"): - u.setUserPassword(username=ud.username, password=ud.password, - isCrypted=ud.isCrypted, lock=ud.lock) + if not ud.sshkey: + u.setUserPassword(username=ud.username, password=ud.password, + isCrypted=ud.isCrypted, lock=ud.lock) else: kwargs = ud.__dict__ kwargs.update({"root": "/"}) u.createUser(ud.username, **kwargs) + + if ud.sshkey: + # Setup the account so that only the sshkey can be used + u.setUserPassword(username=ud.username, password="*", isCrypted=True, lock=False) + u.setUserSshKey(username=ud.username, key=ud.password, root="/")