Skip to content
This repository was archived by the owner on Mar 22, 2018. It is now read-only.

[merged] cloud-init: Fix SSH authentication #74

Closed
mbarnes wants to merge 3 commits into from
Closed

[merged] cloud-init: Fix SSH authentication #74

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2d48704
cloud-init: Fix SSH authentication
mbarnes Mar 29, 2016
221f412
fixup! cloud-init: Fix SSH authentication
mbarnes Mar 30, 2016
147d29d
fixup! cloud-init: Fix SSH authentication
mbarnes Mar 30, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 24 additions & 8 deletions contrib/cloud-init/part-handler.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,8 @@
#

import sys
import stat
import os
import os.path
import configparser
import subprocess
Expand Down Expand Up @@ -113,15 +115,29 @@ def handle_part(data, ctype, filename, payload):
cluster = keys.get('COMMISSAIRE_CLUSTER')
keyfile = keys.get('ROOT_SSH_KEY_PATH', '/root/.ssh/id_rsa')

if keyfile and not os.path.isfile(keyfile):
if keyfile:
if not os.path.isfile(keyfile):
try:
subprocess.check_call(
['/usr/bin/ssh-keygen', '-q', '-N', '',
'-t', 'rsa', '-f', keyfile])
except FileNotFoundError:
print('Missing /usr/bin/ssh-keygen', file=sys.stderr)
raise
Copy link
Collaborator

@ashcrow ashcrow Mar 30, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Not worth fixing in this PR but I'm OCD about raise providing a class and at least one arg à la:

raise Exception('Missing /usr/bin/ssh-keygen')

Copy link
Contributor Author

@mbarnes mbarnes Mar 30, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was trying to re-raise the current exception, but maybe I'm doing it wrong?

But it's really just to signal to cloud-init that the script failed so cloud-init can swallow all the error details and log something generic and not very helpful. 😡

except subprocess.CalledProcessError as ex:
print(str(ex), file=sys.stderr)
raise

try:
subprocess.check_call(
['/usr/bin/ssh-keygen', '-q', '-N', '',
'-t', 'rsa', '-f', keyfile])
except FileNotFoundError:
print('Missing /usr/bin/ssh-keygen', file=sys.stderr)
raise
except subprocess.CalledProcessError as ex:
authorized_keys = '/root/.ssh/authorized_keys'
with open(keyfile + '.pub') as inpf:
# If creating a new file, set mode to 0600.
fd = os.open(authorized_keys,
os.O_WRONLY | os.O_APPEND | os.O_CREAT,
stat.S_IRUSR | stat.S_IWUSR)
with os.fdopen(fd, 'a') as outf:
outf.writelines(inpf.readlines())
Copy link
Member

@cgwalters cgwalters Mar 30, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not that it matters a lot but in Python 2 this returns a full complete list in memory, you want xreadlines. Or alternatively shutil.copyfileobj() ?

Copy link
Contributor Author

@mbarnes mbarnes Mar 30, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did look at shutil.copyfileobj() but I need to append here. And in this case the input file should be a one-liner.

except Exception as ex:
print(str(ex), file=sys.stderr)
raise

Expand Down