Merge remote-tracking branch 'origin/pr/155'
authorMichael Prokop <mika@grml.org>
Wed, 3 Jun 2020 14:44:11 +0000 (16:44 +0200)
committerMichael Prokop <mika@grml.org>
Wed, 3 Jun 2020 14:44:11 +0000 (16:44 +0200)
1  2 
grml-debootstrap

diff --combined grml-debootstrap
@@@ -155,6 -155,7 +155,7 @@@ Configuration options
        --hostname <name>    Hostname of Debian system.
        --nopassword         Do not prompt for the root password.
        --password <pwd>     Use specified password as password for user root.
+       --sshcopyauth        Use ${HOME}/.ssh/authorized_keys to authorise root login on the target system.
        --sshcopyid          Use locally available public keys to authorise root login on the target system.
        --bootappend <line>  Add specified appendline to kernel whilst booting.
        --chroot-scripts <d> Execute chroot scripts from specified directory.
@@@ -343,7 -344,7 +344,7 @@@ f
  # }}}
  
  # cmdline handling {{{
- CMDLINE_OPTS=mirror:,iso:,release:,target:,mntpoint:,debopt:,defaultinterfaces,interactive,nodebootstrap,nointerfaces,nokernel,nopackages,filesystem:,config:,confdir:,packages:,chroot-scripts:,scripts:,post-scripts:,pre-scripts:,debconf:,vm,vmfile,vmsize:,keep_src_list,hostname:,password:,nopassword,grmlrepos,backportrepos,bootappend:,grub:,efi:,arch:,insecure,verbose,help,version,force,debug,contrib,non-free,remove-configs,sshcopyid
+ CMDLINE_OPTS=mirror:,iso:,release:,target:,mntpoint:,debopt:,defaultinterfaces,interactive,nodebootstrap,nointerfaces,nokernel,nopackages,filesystem:,config:,confdir:,packages:,chroot-scripts:,scripts:,post-scripts:,pre-scripts:,debconf:,vm,vmfile,vmsize:,keep_src_list,hostname:,password:,nopassword,grmlrepos,backportrepos,bootappend:,grub:,efi:,arch:,insecure,verbose,help,version,force,debug,contrib,non-free,remove-configs,sshcopyid,sshcopyauth
  
  _opt_temp=$(getopt --name grml-debootstrap -o +m:i:r:t:p:c:d:vhV --long \
    $CMDLINE_OPTS -- "$@")
@@@ -460,6 -461,9 +461,9 @@@ while :; d
    --sshcopyid)         # Use locally available public keys to authorise root login on the target system
      _opt_sshcopyid=T
      ;;
+   --sshcopyauth)       # Use .ssh/authorized_keys to authorise root login on the target system
+     _opt_sshcopyauth=T
+     ;;
    --grmlrepos)         # Enable Grml repository
      _opt_grmlrepos=T
      ;;
@@@ -561,6 -565,7 +565,7 @@@ don
  [ "$_opt_nointerfaces" ]        && NOINTERFACES="true"
  [ "$_opt_nokernel" ]            && NOKERNEL="true"
  [ "$_opt_sshcopyid" ]           && SSHCOPYID="true"
+ [ "$_opt_sshcopyauth" ]         && SSHCOPYAUTH="true"
  [ "$_opt_bootappend" ]          && BOOT_APPEND=$_opt_bootappend
  [ "$_opt_grub" ]                && GRUB=$_opt_grub
  [ "$_opt_efi" ]                 && EFI=$_opt_efi
@@@ -589,6 -594,12 +594,12 @@@ if [ "$_opt_grub" ] && [ "$_opt_vmfile
    bailout 1
  fi
  
+ if [ "${_opt_sshcopyid}" ] && [ "${_opt_sshcopyauth}" ] ; then
+   eerror "The --sshcopyid option is incompatible with --sshcopyauth, please drop either of them from your command line."
+   eend 1
+   bailout 1
+ fi
  if [ -n "$ISO" ] && [[ "$DEBOOTSTRAP" =~ mmdebstrap$ ]] ; then
    eerror "The ISO option is incompatible with usage of mmdebstrap for bootstrapping."
    eerror "Either drop the --iso ... option or use plain debootstrap instead."
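Review bot: The exclusivity check added at the top of this hunk tests only `_opt_sshcopyid` and `_opt_sshcopyauth`, so it catches the command-line case but not `SSHCOPYID`/`SSHCOPYAUTH` values that arrive by another route. If those variables can also be set from a configuration file or the environment (not visible in this diff), both key-setup blocks would run and the `cp` in the second could overwrite what the first installed. The `_opt_*` mapping has already happened by this point, so `if [ -n "${SSHCOPYID}" ] && [ -n "${SSHCOPYAUTH}" ] ; then` would cover both routes. A blank line after the new `fi` would also match the neighbouring blocks; the following `if` on `$ISO` continues outside the hunk.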
@@@ -1798,8 -1809,6 +1809,8 @@@ iface ${interface} inet dhc
    fi
  
    if [ -n "${SSHCOPYID}" ] ; then
 +    AUTHORIZED_KEYS_SOURCE=${AUTHORIZED_KEYS_SOURCE:-$HOME/.ssh/authorized_keys}
 +    AUTHORIZED_KEYS_TARGET=${AUTHORIZED_KEYS_TARGET:-$MNTPOINT/root/.ssh/}
      if ssh-add -L >/dev/null 2>&1 ; then
        einfo "Use locally available public keys to authorise root login on the target system as requested via --sshcopyid option."
        mkdir -p "${MNTPOINT}"/root/.ssh
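Review bot: The two `AUTHORIZED_KEYS_*` defaults added under `--sshcopyid` feed the `elif [ -f "$AUTHORIZED_KEYS_SOURCE" ]` fallback further down, which means `--sshcopyid` without a usable agent quietly installs every key listed in the caller's `authorized_keys` instead of the caller's own identities. That is the behaviour `--sshcopyauth` now provides explicitly, and the merged result treats the two options as mutually exclusive, so the fallback deserves at least a comment such as `# no agent identities: fall back to authorized_keys (same effect as --sshcopyauth)`. `AUTHORIZED_KEYS_TARGET` is also environment-overridable here while the `mkdir -p "${MNTPOINT}"/root/.ssh` below and the `--sshcopyauth` block hard-code the path; assigning `AUTHORIZED_KEYS_TARGET="${MNTPOINT}/root/.ssh/"` unconditionally would keep the three consistent. The `if` block continues outside this hunk.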
          eend 1
          bailout 1
        fi
 +    elif [ -f "$AUTHORIZED_KEYS_SOURCE" ]; then
 +      einfo "copying '$AUTHORIZED_KEYS_SOURCE' to '$AUTHORIZED_KEYS_TARGET' as requested via --sshcopyid option."
 +      mkdir -p "$AUTHORIZED_KEYS_TARGET"
 +      chmod 0700 "$AUTHORIZED_KEYS_TARGET"
 +      if cp "$AUTHORIZED_KEYS_SOURCE" "$AUTHORIZED_KEYS_TARGET" ; then
 +        eend 0
 +      else
 +        eerror "Error: copying '$AUTHORIZED_KEYS_SOURCE' to '$AUTHORIZED_KEYS_TARGET' failed"
 +        eend 1
 +        bailout 1
 +      fi
      else
-       eerror "Could not open a connection to your authentication agent or the agent has no identites."
+       eerror "Error: Could not open a connection to your authentication agent or the agent has no identities."
+       eend 1
+       bailout 1
+     fi
+   fi
+   if [ -n "${SSHCOPYAUTH}" ] ; then
+     AUTHORIZED_KEYS_SOURCE=${AUTHORIZED_KEYS_SOURCE:-${HOME}/.ssh/authorized_keys}
+     if ! [ -f "${AUTHORIZED_KEYS_SOURCE}" ]; then
+       eerror "Error: could not read '${AUTHORIZED_KEYS_SOURCE}' for setting up SSH key login."
+       eend 1
+       bailout 1
+     fi
+     AUTHORIZED_KEYS_TARGET="${MNTPOINT}/root/.ssh/"
+     einfo "Copying '${AUTHORIZED_KEYS_SOURCE}' to '${AUTHORIZED_KEYS_TARGET}' as requested via --sshcopyauth option."
+     mkdir -m 0700 -p "${AUTHORIZED_KEYS_TARGET}"
+     if cp "${AUTHORIZED_KEYS_SOURCE}" "${AUTHORIZED_KEYS_TARGET}" ; then
+       eend 0
+     else
+       eerror "Error: copying '${AUTHORIZED_KEYS_SOURCE}' to '${AUTHORIZED_KEYS_TARGET}' failed."
        eend 1
        bailout 1
      fi
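Review bot: In the `--sshcopyauth` block the key file is copied with `cp` into the directory `${MNTPOINT}/root/.ssh/`, so the result keeps the source's basename and takes its mode from the caller's umask. `AUTHORIZED_KEYS_SOURCE` can be overridden from the environment, and a file with any other name would land beside `authorized_keys` rather than as it; `mkdir -m 0700 -p` also leaves the mode of an already existing `.ssh` unchanged, unlike the explicit `chmod 0700` in the `--sshcopyid` fallback. sshd's StrictModes check refuses keys when the directory or file is writable by others, so I would pin both with `chmod 0700 "${AUTHORIZED_KEYS_TARGET}"` after the `mkdir` and `install -m 0600 -- "${AUTHORIZED_KEYS_SOURCE}" "${AUTHORIZED_KEYS_TARGET}authorized_keys"` in place of the `cp`. The `[ -f … ]` guard tests existence rather than readability although the message says "could not read"; `[ -r … ]` would match the wording. This hunk's `@@@` header appears to be missing from the page, so the start of the enclosing block is not visible.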