Add PermitRootLogin option in sshd_config before leapp.

One of the pre-requisites for leapp tool to be able to upgrade is the existence of the PermitRootLogin option in the sshd_config file. It doesn't mind which value it has, it needs to be set. For that reason, this patch will set the value to without-password (which is the default for the PermitRootLogin field). The selection of the option isn't really relevant, as during the installation of the openstack services puppet will just overwrite the sshd_config, therefore this is simply a hack for leapp to let us upgrade. Change-Id: Id647896fda6cc3fe7bf5eb5ba2de05111d174092 (cherry picked from commit d8e5ccb8cb)
2020-07-03 16:05:32 +02:00 · 2020-07-03 16:05:32 +02:00 · 3e2a8d91cf
parent 3631ee2ff4
commit 3e2a8d91cf
1 changed files with 9 additions and 1 deletions
--- a/deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml
+++ b/deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml
@ -163,7 +163,15 @@ outputs:
                path: "/etc/leapp/transaction/to_install"
                line: "{{ item }}"
              loop: "{{ pkg_to_install }}"
-
+            - name: "check sshd_config file"
+              stat:
+                path: "/etc/ssh/sshd_config"
+              register: sshd_config_result
+            - name: "add PermitRootLogin option for leapp"
+              lineinfile:
+                path: "/etc/ssh/sshd_config"
+                regexp: "^(# *)?PermitRootLogin"
+                line: "PermitRootLogin without-password"
        - name: system_upgrade_prepare step 4
          tags:
            - never