openstack/trove-integration
Code Issues Proposed changes

Fix incorrect redirection when staging SSH files.

Browse Source 
Existing code uses sudo and cat with redirection to stage SSH files
(e.g. id_rsa). But the redirection redirects the output of the sudo
command as well as the cat command. Thus, any stdout from the
interactive shell (e.g. .bashrc) can end up in the staged files.
Remove the redirection and use dd instead (as is used to copy
staged files to their final destination).

Closes-Bug: #1266557
Change-Id: Ia976bc309a282e4917e89afca52b6986bab26f07
This commit is contained in:
Mat Lowery
2014-01-06 15:22:10 -06:00
parent 506e33964a
commit 256e64e723
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/files/elements/fedora-guest/extra-data.d/62-ssh-key
View File

@@ -23,9 +23,9 @@ fi
# not these keys should not be overridden otherwise a) you won't be able to ssh in and b) the guest won't be able to
# rsync the files
if [ -e ${SSH_DIR}/authorized_keys ]; then
sudo -Hiu ${HOST_USERNAME} cat ${SSH_DIR}/authorized_keys > ${TMP_HOOKS_PATH}/ssh-authorized-keys
sudo -Hiu ${HOST_USERNAME} cat ${SSH_DIR}/id_rsa > ${TMP_HOOKS_PATH}/id_rsa
sudo -Hiu ${HOST_USERNAME} cat ${SSH_DIR}/id_rsa.pub > ${TMP_HOOKS_PATH}/id_rsa.pub
sudo -Hiu ${HOST_USERNAME} dd if=${SSH_DIR}/authorized_keys of=${TMP_HOOKS_PATH}/ssh-authorized-keys
sudo -Hiu ${HOST_USERNAME} dd if=${SSH_DIR}/id_rsa of=${TMP_HOOKS_PATH}/id_rsa
sudo -Hiu ${HOST_USERNAME} dd if=${SSH_DIR}/id_rsa.pub of=${TMP_HOOKS_PATH}/id_rsa.pub
else
die "SSH Authorized Keys file must exist along with pub and private key"
fi

6
scripts/files/elements/ubuntu-guest/extra-data.d/62-ssh-key
View File

@@ -23,9 +23,9 @@ fi
# not these keys should not be overridden otherwise a) you won't be able to ssh in and b) the guest won't be able to
# rsync the files
if [ -e ${SSH_DIR}/authorized_keys ]; then
sudo -Hiu ${HOST_USERNAME} cat ${SSH_DIR}/authorized_keys > ${TMP_HOOKS_PATH}/ssh-authorized-keys
sudo -Hiu ${HOST_USERNAME} cat ${SSH_DIR}/id_rsa > ${TMP_HOOKS_PATH}/id_rsa
sudo -Hiu ${HOST_USERNAME} cat ${SSH_DIR}/id_rsa.pub > ${TMP_HOOKS_PATH}/id_rsa.pub
sudo -Hiu ${HOST_USERNAME} dd if=${SSH_DIR}/authorized_keys of=${TMP_HOOKS_PATH}/ssh-authorized-keys
sudo -Hiu ${HOST_USERNAME} dd if=${SSH_DIR}/id_rsa of=${TMP_HOOKS_PATH}/id_rsa
sudo -Hiu ${HOST_USERNAME} dd if=${SSH_DIR}/id_rsa.pub of=${TMP_HOOKS_PATH}/id_rsa.pub
else
die "SSH Authorized Keys file must exist along with pub and private key"
fi