def _writeKS(ksdata):
path = conf.target.system_root + "/root/anaconda-ks.cfg"
# Make it so only root can read - could have passwords
with open_with_perm(path, "w", 0o600) as f:
f.write("# Generated by Anaconda {}\n".format(
util.get_anaconda_version_string()))
f.write(str(ksdata))
def test_open_with_perm(self):
"""Test the open_with_perm function"""
# Create a directory for test files
test_dir = tempfile.mkdtemp()
try:
# Reset the umask
old_umask = os.umask(0)
try:
# Create a file with mode 0777
open_with_perm(test_dir + '/test1', 'w', 0o777)
assert os.stat(test_dir + '/test1').st_mode & 0o777 == 0o777
# Create a file with mode 0600
open_with_perm(test_dir + '/test2', 'w', 0o600)
assert os.stat(test_dir + '/test2').st_mode & 0o777 == 0o600
finally:
os.umask(old_umask)
finally:
shutil.rmtree(test_dir)
def write_password_config(self):
if not self.password and not self.encrypted_password:
return
users_file = "%s%s/%s" % (conf.target.system_root, self.config_dir,
self._passwd_file)
header = open_with_perm(users_file, "w", 0o600)
# XXX FIXME: document somewhere that the username is "root"
self._encrypt_password()
password_line = "GRUB2_PASSWORD="******"%s\n" % password_line)
header.close()
def write_config(self):
""" Write the bootloader configuration. """
if not self.config_file:
raise BootLoaderError(
"no config file defined for this boot loader")
config_path = os.path.normpath(conf.target.system_root +
self.config_file)
if os.access(config_path, os.R_OK):
os.rename(config_path, config_path + ".anacbak")
config = open_with_perm(config_path, "w", self.config_file_mode)
self.write_config_header(config)
self.write_config_images(config)
config.close()
self.write_config_post()
def set_user_ssh_key(username, key, root=None):
"""Set an SSH key for a given username.
:param str username: a username
:param str key: the SSH key to set
:param str root: target system sysroot path
"""
if root is None:
root = conf.target.system_root
pwent = _getpwnam(username, root)
if not pwent:
raise ValueError("set_user_ssh_key: user %s does not exist" % username)
homedir = root + pwent[5]
if not os.path.exists(homedir):
log.error("set_user_ssh_key: home directory for %s does not exist",
username)
raise ValueError(
"set_user_ssh_key: home directory for %s does not exist" %
username)
uid = pwent[2]
gid = pwent[3]
sshdir = os.path.join(homedir, ".ssh")
if not os.path.isdir(sshdir):
os.mkdir(sshdir, 0o700)
os.chown(sshdir, int(uid), int(gid))
authfile = os.path.join(sshdir, "authorized_keys")
authfile_existed = os.path.exists(authfile)
with open_with_perm(authfile, "a", 0o600) as f:
f.write(key + "\n")
# Only change ownership if we created it
if not authfile_existed:
os.chown(authfile, int(uid), int(gid))
util.execWithRedirect("restorecon", ["-r", sshdir])
def dracut_eject(device):
"""
Use dracut shutdown hook to eject media after the system is shutdown.
This is needed because we are running from the squashfs.img on the media
so ejecting too early will crash the installer.
"""
if not device:
return
try:
if not os.path.exists(DRACUT_SHUTDOWN_EJECT):
make_directories(os.path.dirname(DRACUT_SHUTDOWN_EJECT))
f = open_with_perm(DRACUT_SHUTDOWN_EJECT, "w", 0o755)
f.write("#!/bin/sh\n")
f.write("# Created by Anaconda\n")
else:
f = open(DRACUT_SHUTDOWN_EJECT, "a")
f.write("eject %s\n" % (device, ))
f.close()
log.info("Wrote dracut shutdown eject hook for %s", device)
except OSError as e:
log.error("Error writing dracut shutdown eject hook for %s: %s",
device, e)