Add PermitRootLogin option in sshd_config before leapp.

One of the pre-requisites for leapp tool to be able to upgrade is the existence of the PermitRootLogin option in the sshd_config file. It doesn't mind which value it has, it needs to be set. For that reason, this patch will set the value to without-password (which is the default for the PermitRootLogin field). The selection of the option isn't really relevant, as during the installation of the openstack services puppet will just overwrite the sshd_config, therefore this is simply a hack for leapp to let us upgrade. Change-Id: Id647896fda6cc3fe7bf5eb5ba2de05111d174092 (cherry picked from commit d8e5ccb8cb) (cherry picked from commit 3e2a8d91cf)
2020-07-03 16:05:32 +02:00 · 2020-07-03 16:05:32 +02:00 · 82b508a3f1
parent 9b3edb40dc
commit 82b508a3f1
1 changed files with 9 additions and 1 deletions
--- a/deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml
+++ b/deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml
@ -252,7 +252,15 @@ outputs:
                path: "/etc/leapp/transaction/to_install"
                line: "{{ item }}"
              loop: "{{ pkg_to_install }}"
-
+            - name: "check sshd_config file"
+              stat:
+                path: "/etc/ssh/sshd_config"
+              register: sshd_config_result
+            - name: "add PermitRootLogin option for leapp"
+              lineinfile:
+                path: "/etc/ssh/sshd_config"
+                regexp: "^(# *)?PermitRootLogin"
+                line: "PermitRootLogin without-password"
        - name: system_upgrade_prepare step 4
          tags:
            - never