From e8068d15d1d94e9dcfae8cc26d37948e306cb45f Mon Sep 17 00:00:00 2001
From: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Date: Tue, 9 Dec 2014 17:53:27 +0000
Subject: [PATCH] Enable all in one build in openstack-infra

This commit implements changes in the all in one scripted build in order
to make it work within openstack-infra:

1) flush all iptables rules put into place by openstack-infra
2) permit root login to sshd

Change-Id: Ib7eba632034f276184bd58fe33e5cab7f1c63b76
Closes-Bug: 1399651
---
 scripts/os-ansible-aio-check.sh | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/scripts/os-ansible-aio-check.sh b/scripts/os-ansible-aio-check.sh
index a8cdd8ed2c..93bca99745 100755
--- a/scripts/os-ansible-aio-check.sh
+++ b/scripts/os-ansible-aio-check.sh
@@ -31,6 +31,24 @@ apt-get install -y python-dev \
                    lvm2 \
                    linux-image-extra-$(uname -r)
 
+# Flush all the iptables rules set by openstack-infra
+iptables -F
+iptables -X
+iptables -t nat -F
+iptables -t nat -X
+iptables -t mangle -F
+iptables -t mangle -X
+iptables -P INPUT ACCEPT
+iptables -P FORWARD ACCEPT
+iptables -P OUTPUT ACCEPT
+
+# Ensure that sshd permits root login, or ansible won't be able to connect
+if grep "^PermitRootLogin" /etc/ssh/sshd_config > null; then
+  sed -i 's/^PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
+else
+  echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
+fi
+
 function key_create(){
   ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ''
 }