def setUserSshKey(self, username, key, **kwargs):
root = kwargs.get("root", iutil.getSysroot())
pwent = self._getpwnam(username, root)
if not pwent:
raise ValueError("setUserSshKey: user %s does not exist" %
username)
homedir = root + pwent[5]
if not os.path.exists(homedir):
log.error("setUserSshKey: home directory for %s does not exist",
username)
raise ValueError(
"setUserSshKey: home directory for %s does not exist" %
username)
uid = pwent[2]
gid = pwent[3]
sshdir = os.path.join(homedir, ".ssh")
if not os.path.isdir(sshdir):
os.mkdir(sshdir, 0o700)
os.chown(sshdir, int(uid), int(gid))
authfile = os.path.join(sshdir, "authorized_keys")
authfile_existed = os.path.exists(authfile)
with iutil.open_with_perm(authfile, "a", 0o600) as f:
f.write(key + "\n")
# Only change ownership if we created it
if not authfile_existed:
os.chown(authfile, int(uid), int(gid))
iutil.execWithRedirect("restorecon", ["-r", sshdir])
def setUserSshKey(self, username, key, **kwargs):
root = kwargs.get("root", iutil.getSysroot())
pwent = self._getpwnam(username, root)
if not pwent:
raise ValueError("setUserSshKey: user %s does not exist" % username)
homedir = root + pwent[5]
if not os.path.exists(homedir):
log.error("setUserSshKey: home directory for %s does not exist", username)
raise ValueError("setUserSshKey: home directory for %s does not exist" % username)
uid = pwent[2]
gid = pwent[3]
sshdir = os.path.join(homedir, ".ssh")
if not os.path.isdir(sshdir):
os.mkdir(sshdir, 0o700)
os.chown(sshdir, int(uid), int(gid))
authfile = os.path.join(sshdir, "authorized_keys")
authfile_existed = os.path.exists(authfile)
with iutil.open_with_perm(authfile, "a", 0o600) as f:
f.write(key + "\n")
# Only change ownership if we created it
if not authfile_existed:
os.chown(authfile, int(uid), int(gid))
iutil.execWithRedirect("restorecon", ["-r", sshdir])
def setUserSshKey(self, username, key, **kwargs):
childpid = self._prepareChroot(kwargs.get("root", iutil.getSysroot()))
if childpid == 0:
user = self.admin.lookupUserByName(username)
if not user:
log.error("setUserSshKey: user %s does not exist", username)
os._exit(1)
homedir = user.get(libuser.HOMEDIRECTORY)[0]
if not os.path.exists(homedir):
log.error("setUserSshKey: home directory for %s does not exist", username)
os._exit(1)
sshdir = os.path.join(homedir, ".ssh")
if not os.path.isdir(sshdir):
os.mkdir(sshdir, 0o700)
iutil.eintr_retry_call(os.chown, sshdir, user.get(libuser.UIDNUMBER)[0], user.get(libuser.GIDNUMBER)[0])
authfile = os.path.join(sshdir, "authorized_keys")
authfile_existed = os.path.exists(authfile)
with iutil.open_with_perm(authfile, "a", 0o600) as f:
f.write(key + "\n")
# Only change ownership if we created it
if not authfile_existed:
iutil.eintr_retry_call(os.chown, authfile, user.get(libuser.UIDNUMBER)[0], user.get(libuser.GIDNUMBER)[0])
iutil.execWithRedirect("restorecon", ["-r", sshdir])
os._exit(0)
else:
return self._finishChroot(childpid)
def open_with_perm_test(self):
"""Test the open_with_perm function"""
# Create a directory for test files
test_dir = tempfile.mkdtemp()
try:
# Reset the umask
old_umask = os.umask(0)
try:
# Create a file with mode 0777
iutil.open_with_perm(test_dir + '/test1', 'w', 0o777)
self.assertEqual(os.stat(test_dir + '/test1').st_mode & 0o777, 0o777)
# Create a file with mode 0600
iutil.open_with_perm(test_dir + '/test2', 'w', 0o600)
self.assertEqual(os.stat(test_dir + '/test2').st_mode & 0o777, 0o600)
finally:
os.umask(old_umask)
finally:
shutil.rmtree(test_dir)
def open_with_perm_test(self):
"""Test the open_with_perm function"""
# Create a directory for test files
test_dir = tempfile.mkdtemp()
try:
# Reset the umask
old_umask = os.umask(0)
try:
# Create a file with mode 0777
iutil.open_with_perm(test_dir + '/test1', 'w', 0o777)
self.assertEqual(os.stat(test_dir + '/test1').st_mode & 0o777, 0o777)
# Create a file with mode 0600
iutil.open_with_perm(test_dir + '/test2', 'w', 0o600)
self.assertEqual(os.stat(test_dir + '/test2').st_mode & 0o777, 0o600)
finally:
os.umask(old_umask)
finally:
shutil.rmtree(test_dir)
def _writeKS(ksdata):
path = iutil.getSysroot() + "/root/anaconda-ks.cfg"
# Clear out certain sensitive information that kickstart doesn't have a
# way of representing encrypted.
for obj in [ksdata.autopart] + ksdata.logvol.dataList() + \
ksdata.partition.dataList() + ksdata.raid.dataList():
obj.passphrase = ""
# Make it so only root can read - could have passwords
with iutil.open_with_perm(path, "w", 0o600) as f:
f.write(str(ksdata))
def _writeKS(ksdata):
path = iutil.getSysroot() + "/root/anaconda-ks.cfg"
# Clear out certain sensitive information that kickstart doesn't have a
# way of representing encrypted.
for obj in [ksdata.autopart] + ksdata.logvol.dataList() + \
ksdata.partition.dataList() + ksdata.raid.dataList():
obj.passphrase = ""
# Make it so only root can read - could have passwords
with iutil.open_with_perm(path, "w", 0o600) as f:
f.write(str(ksdata))
