From: Dave Young <dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: initramfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	soltys-R61QfzASbfY@public.gmane.org
Subject: [PATCH 4/5 branch usrmove v2] Add ssh client module code
Date: Mon, 26 Dec 2011 14:29:21 +0800	[thread overview]
Message-ID: <20111226062920.GA3147@darkstar.nay.redhat.com> (raw)

Add ssh client module which support ssh key mode and interactive mode.
with --sshkey option you can provide the ssh key to be installed

>why not call it "ssh" module?
ssh-client is better, maybe future there will be ssh-server come in.
In debian these are also two different packages.

Usage:
1. sshkey mode:
transfer your public key to the remote machine with ssh-copy-id, or do it manually
example of options:
./dracut -l -H -a ssh-client --sshkey /root/.ssh/id_rsa i.img
2. interactive mode:
needs the --ctty option, e.g.:
./dracut -l -H -a ssh-client --ctty i.img

[v2 changes]:
per wangcong: add patch description about module name
add help line in usage()
remove useless comment

Signed-off-by: Dave Young <dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
---
 dracut                                 |    4 ++-
 dracut.8.xml                           |    8 ++++
 modules.d/95ssh-client/module-setup.sh |   60 ++++++++++++++++++++++++++++++++
 3 files changed, 71 insertions(+), 1 deletions(-)
 create mode 100644 modules.d/95ssh-client/module-setup.sh

diff --git a/dracut b/dracut
index 24a89e6..b0a8e24 100755
--- a/dracut
+++ b/dracut
@@ -118,6 +118,7 @@ Creates initial ramdisk images for preloading modules
   -M, --show-modules    Print included module's name to standard output during
                          build.
   --keep                Keep the temporary initramfs for debugging purposes
+  --sshkey [SSHKEY]     Add ssh key to initramfs (use with ssh-client module)
 EOF
 }
 
@@ -233,6 +234,7 @@ while (($# > 0)); do
         --debug)       debug="yes";;
         --profile)     profile="yes";;
         --ctty)        cttyhack="yes";;
+        --sshkey)      read_arg sshkey   "$@" || shift;;
         -v|--verbose)  ((verbosity_mod_l++));;
         -q|--quiet)    ((verbosity_mod_l--));;
         -l|--local)    allowlocal="yes" ;;
@@ -590,7 +592,7 @@ export initdir dracutbasedir dracutmodules drivers \
     add_drivers mdadmconf lvmconf filesystems \
     use_fstab libdir usrlibdir fscks nofscks cttyhack \
     stdloglvl sysloglvl fileloglvl kmsgloglvl logfile \
-    debug host_fs_types host_devs
+    debug host_fs_types host_devs sshkey
 
 # Create some directory structure first
 [[ $prefix ]] && mkdir -m 0755 -p "${initdir}${prefix}"
diff --git a/dracut.8.xml b/dracut.8.xml
index a46fc04..a88fe16 100644
--- a/dracut.8.xml
+++ b/dracut.8.xml
@@ -370,6 +370,14 @@ Default:
         </varlistentry>
         <varlistentry>
           <term>
+            <option>--sshkey&nbsp;<replaceable>&lt;sshkey file&gt;</replaceable></option>
+          </term>
+          <listitem>
+            <para>ssh key file used with ssh-client module.</para>
+          </listitem>
+        </varlistentry>
+        <varlistentry>
+          <term>
             <option>-l</option>
           </term>
           <term>
diff --git a/modules.d/95ssh-client/module-setup.sh b/modules.d/95ssh-client/module-setup.sh
new file mode 100644
index 0000000..0ffc298
--- /dev/null
+++ b/modules.d/95ssh-client/module-setup.sh
@@ -0,0 +1,60 @@
+#!/bin/bash
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+# fixme: assume user is root
+
+check() {
+    # If our prerequisites are not met, fail.
+    type -P ssh >/dev/null || return 1
+    type -P scp >/dev/null || return 1
+    if [[ $sshkey ]]; then
+        [ ! -f $sshkey ] && {
+            derror "sshkey is not found!"
+            return 1
+        }
+        [[ ! $cttyhack = yes ]] && {
+            dinfo "--ctty is not used, you should make sure the machine is knowhost and copy the sshkey to remote machine!"
+        }
+    else
+        [[ ! $cttyhack = yes ]] && {
+            derror "ssh interactive mode need option --ctty!"
+            return 1
+        }
+    fi
+
+    return 0
+}
+
+depends() {
+    # We depend on network modules being loaded
+    echo network
+}
+
+inst_sshenv()
+{
+    if [ -d /root/.ssh ]; then
+        inst_dir /root/.ssh
+        chmod 700 ${initdir}/root/.ssh
+    fi
+
+    # Copy over ssh key and knowhosts if needed
+    [[ $sshkey ]] && {
+        inst $sshkey
+        [[ -f /root/.ssh/known_hosts ]] && inst /root/.ssh/known_hosts
+        [[ -f /etc/ssh/ssh_known_hosts ]] && inst /etc/ssh/ssh_known_hosts
+    }
+
+    # Copy over root and system-wide ssh configs.
+    [[ -f /root/.ssh/config ]] && inst /root/.ssh/config
+    [[ -f /etc/ssh/ssh_config ]] && inst /etc/ssh/ssh_config
+
+    return 0
+}
+
+install() {
+    inst ssh
+    inst scp
+    inst_sshenv
+}
+
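Review bot: `inst $sshkey` in inst_sshenv() copies the private key named by --sshkey (the description's example is /root/.ssh/id_rsa) into the initramfs, so anyone who can read the generated image can recover the key, and nothing in check() or install() tells the user that. I would log it next to the copy, for example `dwarn "ssh-client: private key $sshkey is embedded in the initramfs; restrict read access to the image and use a dedicated key"`, and say the same in the man page entry. The two known_hosts `inst` lines sit inside the `[[ $sshkey ]]` block, so an interactive-mode (--ctty) image carries no pinned host keys and the server's identity rests on the user accepting the prompt at each boot; moving those two lines out of the block would give both modes the same host verification. The expansions are also unquoted: `[ ! -f "$sshkey" ]`, `inst "$sshkey"` and `chmod 700 "${initdir}/root/.ssh"` would keep a path containing spaces or glob characters from being split.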
-- 
1.7.1
