From 892ae92d971fd7a2c8d39e416512bb69f7fd833f Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 29 Jan 2020 17:04:43 +0000 Subject: [PATCH] CentOS 8: Allow SSH access to keystone_ssh and nova_ssh The centos:8 image contains a /run/nologin file, which prevents SSH access to it. Remove this file in the keystone_ssh and nova_ssh images to allow login via SSH. Change-Id: I59dc2c4207af6812501b6c6acdb34e51a3e848c4 Partially-Implements: blueprint centos-rhel-8 --- docker/keystone/keystone-ssh/Dockerfile.j2 | 7 +++++++ docker/nova/nova-ssh/Dockerfile.j2 | 10 +++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/docker/keystone/keystone-ssh/Dockerfile.j2 b/docker/keystone/keystone-ssh/Dockerfile.j2 index 233dedf7cd..442f2df9d4 100644 --- a/docker/keystone/keystone-ssh/Dockerfile.j2 +++ b/docker/keystone/keystone-ssh/Dockerfile.j2 @@ -12,6 +12,13 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'openssh-server', 'rsync' ] %} + +{% if distro_package_manager == 'dnf' %} +# NOTE(mgoddard): The centos:8 image contains a /run/nologin file, which +# prevents SSH access to it. +RUN rm -f /run/nologin +{% endif %} + {% elif base_package_type == 'deb' %} {% set keystone_ssh_packages = [ 'openssh-server', diff --git a/docker/nova/nova-ssh/Dockerfile.j2 b/docker/nova/nova-ssh/Dockerfile.j2 index a032cb6e7e..3d0ebd04d5 100644 --- a/docker/nova/nova-ssh/Dockerfile.j2 +++ b/docker/nova/nova-ssh/Dockerfile.j2 @@ -11,7 +11,15 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'openssh-server' ] %} -{% if base_package_type == 'deb' %} +{% if base_package_type == 'rpm' %} + +{% if distro_package_manager == 'dnf' %} +# NOTE(mgoddard): The centos:8 image contains a /run/nologin file, which +# prevents SSH access to it. +RUN rm -f /run/nologin +{% endif %} + +{% elif base_package_type == 'deb' %} RUN mkdir -p /var/run/sshd \ && chmod 0755 /var/run/sshd