NFP (contrib) - Controller VM root login

This changeset presents the changes for
root login to the controller VM through console.
SSH based root login is disabled.

Change-Id: Icf157a141d8c097b3dddfef4955f112810ec77d9
Implements: blueprint gbp-network-services-framework

devstack/lib/nfp

@@ -278,7 +278,7 @@ function create_nfp_image {
  'from gbpservice.contrib.nfp.tools.image_builder import disk_image_create as DIB;\
  DIB.cur_dir = "'$DISKIMAGE_CREATE_DIR'";\
  DIB.conf["ubuntu_release"] = {"release": "trusty"};\
- DIB.conf["dib"] = {"image_size": 10, "elements": ["configurator"], "offline": True, "cache_dir": "'$HOME'/.cache/image-create"};\
+ DIB.conf["dib"] = {"image_size": 10, "elements": ["configurator", "root-passwd"], "root_pswd": "nfp123", "offline": True, "cache_dir": "'$HOME'/.cache/image-create"};\
  DIB.dib()'
             rm -rf $DISKIMAGE_CREATE_DIR/neutron_lib $DISKIMAGE_CREATE_DIR/gbpservice $DISKIMAGE_CREATE_DIR/neutron $DISKIMAGE_CREATE_DIR/neutron_lbaas
             ConfiguratorQcow2Image=$(cat $DISKIMAGE_CREATE_DIR/output/last_built_image_path)

gbpservice/contrib/nfp/tools/image_builder/disk_image_create.py

@@ -113,6 +113,9 @@ def dib():
     # offline mode, assuming the image cache (tar) already exists
     if(dib['offline']):
         dib_args.append('--offline')
+    # root login enabled, set password environment varaible
+    if 'root-passwd' in dib['elements']:
+        os.environ['DIB_PASSWORD'] = dib['root_pswd']
     # set the image build cache dir
     dib_args.append('--image-cache')
     dib_args.append(dib['cache_dir'])

gbpservice/contrib/nfp/tools/image_builder/elements/root-passwd/README.rst

@@ -0,0 +1,11 @@
+Root Login
+-----------
+This element assigns a password to the root account in the image.
+
+This is useful when booting outside of a cloud environment (e.g. manually via
+kvm) and for testing.
+
+To login to VM, goto GUI console and enter the root credentials.
+To enable or disable password based login over ssh set the parameter below
+in ssh config file to yes or no respectively
+    PasswordAuthentication no

gbpservice/contrib/nfp/tools/image_builder/elements/root-passwd/post-install.d/99-setup

@@ -0,0 +1,13 @@
+#!/bin/bash
+if [ -z "$DIB_PASSWORD" ]; then
+    echo "Error during setup password for root"
+    exit 1
+fi
+sed -i "s/disable_root: true/disable_root: false/" /etc/cloud/cloud.cfg
+install-packages augeas-tools openssh-server openssh-client
+# set ssh config to disable root login over ssh
+augtool -s set /files/etc/ssh/sshd_config/PasswordAuthentication no
+augtool -s set /files/etc/ssh/sshd_config/PermitRootLogin no
+augtool -s set /files/etc/ssh/ssh_config/PasswordAuthentication no
+# set password for root
+echo -e "$DIB_PASSWORD\n$DIB_PASSWORD\n" | passwd

gbpservice/contrib/nfp/tools/setup_nfp.py

@@ -126,7 +126,8 @@ def build_configuration_vm():
 
     # create a configurattion dictionary needed by DIB
     DIB.conf['ubuntu_release'] = {'release': 'trusty'}
-    DIB.conf['dib'] = {"image_size": 10, "elements": ["configurator"],
+    DIB.conf['dib'] = {"image_size": 10, "elements": ["configurator", "root-passwd"],
+                       "root_pswd": "nfp123",
                        "offline": True, "cache_dir": cache_dir}
 
     # Build configurator VM