diff --git a/devstack/lib/nfp b/devstack/lib/nfp index 2999b0411..e8bf74ebf 100644 --- a/devstack/lib/nfp +++ b/devstack/lib/nfp @@ -278,7 +278,7 @@ function create_nfp_image { 'from gbpservice.contrib.nfp.tools.image_builder import disk_image_create as DIB;\ DIB.cur_dir = "'$DISKIMAGE_CREATE_DIR'";\ DIB.conf["ubuntu_release"] = {"release": "trusty"};\ - DIB.conf["dib"] = {"image_size": 10, "elements": ["configurator"], "offline": True, "cache_dir": "'$HOME'/.cache/image-create"};\ + DIB.conf["dib"] = {"image_size": 10, "elements": ["configurator", "root-passwd"], "root_pswd": "nfp123", "offline": True, "cache_dir": "'$HOME'/.cache/image-create"};\ DIB.dib()' rm -rf $DISKIMAGE_CREATE_DIR/neutron_lib $DISKIMAGE_CREATE_DIR/gbpservice $DISKIMAGE_CREATE_DIR/neutron $DISKIMAGE_CREATE_DIR/neutron_lbaas ConfiguratorQcow2Image=$(cat $DISKIMAGE_CREATE_DIR/output/last_built_image_path) diff --git a/gbpservice/contrib/nfp/tools/image_builder/disk_image_create.py b/gbpservice/contrib/nfp/tools/image_builder/disk_image_create.py index 0ef595f2c..e3973b1ab 100644 --- a/gbpservice/contrib/nfp/tools/image_builder/disk_image_create.py +++ b/gbpservice/contrib/nfp/tools/image_builder/disk_image_create.py @@ -113,6 +113,9 @@ def dib(): # offline mode, assuming the image cache (tar) already exists if(dib['offline']): dib_args.append('--offline') + # root login enabled, set password environment varaible + if 'root-passwd' in dib['elements']: + os.environ['DIB_PASSWORD'] = dib['root_pswd'] # set the image build cache dir dib_args.append('--image-cache') dib_args.append(dib['cache_dir']) diff --git a/gbpservice/contrib/nfp/tools/image_builder/elements/root-passwd/README.rst b/gbpservice/contrib/nfp/tools/image_builder/elements/root-passwd/README.rst new file mode 100644 index 000000000..297c71675 --- /dev/null +++ b/gbpservice/contrib/nfp/tools/image_builder/elements/root-passwd/README.rst @@ -0,0 +1,11 @@ +Root Login +----------- +This element assigns a password to the root account in the image. + +This is useful when booting outside of a cloud environment (e.g. manually via +kvm) and for testing. + +To login to VM, goto GUI console and enter the root credentials. +To enable or disable password based login over ssh set the parameter below +in ssh config file to yes or no respectively + PasswordAuthentication no diff --git a/gbpservice/contrib/nfp/tools/image_builder/elements/root-passwd/post-install.d/99-setup b/gbpservice/contrib/nfp/tools/image_builder/elements/root-passwd/post-install.d/99-setup new file mode 100755 index 000000000..d32e97a74 --- /dev/null +++ b/gbpservice/contrib/nfp/tools/image_builder/elements/root-passwd/post-install.d/99-setup @@ -0,0 +1,13 @@ +#!/bin/bash +if [ -z "$DIB_PASSWORD" ]; then + echo "Error during setup password for root" + exit 1 +fi +sed -i "s/disable_root: true/disable_root: false/" /etc/cloud/cloud.cfg +install-packages augeas-tools openssh-server openssh-client +# set ssh config to disable root login over ssh +augtool -s set /files/etc/ssh/sshd_config/PasswordAuthentication no +augtool -s set /files/etc/ssh/sshd_config/PermitRootLogin no +augtool -s set /files/etc/ssh/ssh_config/PasswordAuthentication no +# set password for root +echo -e "$DIB_PASSWORD\n$DIB_PASSWORD\n" | passwd diff --git a/gbpservice/contrib/nfp/tools/setup_nfp.py b/gbpservice/contrib/nfp/tools/setup_nfp.py index 1b95603bd..4b90c28c6 100755 --- a/gbpservice/contrib/nfp/tools/setup_nfp.py +++ b/gbpservice/contrib/nfp/tools/setup_nfp.py @@ -126,7 +126,8 @@ def build_configuration_vm(): # create a configurattion dictionary needed by DIB DIB.conf['ubuntu_release'] = {'release': 'trusty'} - DIB.conf['dib'] = {"image_size": 10, "elements": ["configurator"], + DIB.conf['dib'] = {"image_size": 10, "elements": ["configurator", "root-passwd"], + "root_pswd": "nfp123", "offline": True, "cache_dir": cache_dir} # Build configurator VM