From t..@apache.org
Subject git commit: refs/heads/master - CLOUDSTACK-1013 : running cloudstack overwrites default public/private ssh keys
Date Thu, 07 Mar 2013 09:41:22 GMT
Updated Branches:
  refs/heads/master c2fbac416 -> d51e964d4


CLOUDSTACK-1013 : running cloudstack overwrites default public/private ssh keys

The default private/public keypairs in .ssh will not be overwritten.
Instead cloudstack will generate a new keypair id_rsa.cloud and
id_rsa.cloud.pub and use those in developer mode.

To use this insert the (name,value)=(develop,true) tuple into
`cloud`.`configuration`

Signed-off-by: Prasanna Santhanam <tsp@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/d51e964d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/d51e964d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/d51e964d

Branch: refs/heads/master
Commit: d51e964d42bdd681fec1c2572c94d703b3986aea
Parents: c2fbac4
Author: Harikrishna Patnala <harikrishna.patnala@citrix.com>
Authored: Thu Mar 7 14:41:54 2013 +0530
Committer: Prasanna Santhanam <tsp@apache.org>
Committed: Thu Mar 7 15:11:05 2013 +0530

----------------------------------------------------------------------
 .../com/cloud/server/ConfigurationServerImpl.java  |   33 ++++++++++-----
 1 files changed, 22 insertions(+), 11 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/d51e964d/server/src/com/cloud/server/ConfigurationServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ConfigurationServerImpl.java b/server/src/com/cloud/server/ConfigurationServerImpl.java
index c5ae1e2..8c665ad 100755
--- a/server/src/com/cloud/server/ConfigurationServerImpl.java
+++ b/server/src/com/cloud/server/ConfigurationServerImpl.java
@@ -603,8 +603,16 @@ public class ConfigurationServerImpl extends ManagerBase implements Configuratio
             throw new CloudRuntimeException("No home directory was detected for the user
'" + username + "'. Please check the profile of this user.");
         }
 
-        File privkeyfile = new File(homeDir + "/.ssh/id_rsa");
-        File pubkeyfile = new File(homeDir + "/.ssh/id_rsa.pub");
+        // Using non-default file names (id_rsa.cloud and id_rsa.cloud.pub) in developer
mode. This is to prevent SSH keys overwritten for user running management server
+        File privkeyfile = null;
+        File pubkeyfile = null;
+        if (devel) {
+            privkeyfile = new File(homeDir + "/.ssh/id_rsa.cloud");
+            pubkeyfile = new File(homeDir + "/.ssh/id_rsa.cloud.pub");
+        } else {
+            privkeyfile = new File(homeDir + "/.ssh/id_rsa");
+            pubkeyfile = new File(homeDir + "/.ssh/id_rsa.pub");
+        }
 
         if (already == null || already.isEmpty()) {
             if (s_logger.isInfoEnabled()) {
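Review bot: The key file names chosen in this if/else are spelled out a second time in updateKeyPairsOnDisk (third hunk), so the two places can drift apart and leave the generated pair and the copy refreshed from the database at different paths. A single expression such as `String keyBase = homeDir + "/.ssh/" + (devel ? "id_rsa.cloud" : "id_rsa");` followed by `new File(keyBase)` and `new File(keyBase + ".pub")` would keep the choice in one place and drop the `= null` initialisers. `devel` is declared outside this hunk, so it cannot be confirmed from here that it reads the same configuration key as the later `_configDao.getValue("developer")`.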
@@ -661,13 +669,8 @@ public class ConfigurationServerImpl extends ManagerBase implements Configuratio
             }
 
         } else {
-            s_logger.info("Keypairs already in database");
-            if (username.equalsIgnoreCase("cloud")) {
-                s_logger.info("Keypairs already in database, updating local copy");
-                updateKeyPairsOnDisk(homeDir);
-            } else {
-                s_logger.info("Keypairs already in database, skip updating local copy (not
running as cloud user)");
-            }
+            s_logger.info("Keypairs already in database, updating local copy");
+            updateKeyPairsOnDisk(homeDir);
         }
         s_logger.info("Going to update systemvm iso with generated keypairs if needed");
         try {
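Review bot: With the `username.equalsIgnoreCase("cloud")` guard removed, this `else` branch now calls `updateKeyPairsOnDisk(homeDir)` for every user, and when the developer flag is unset that method writes to `.ssh/id_rsa` and `.ssh/id_rsa.pub` in the user's home directory. A management server started by an ordinary account without the flag therefore has its personal key pair replaced by the pair stored in the database, which the old branch avoided by skipping the update. Keeping the guard for the non-developer case would preserve that protection, for example `if (devel || username.equalsIgnoreCase("cloud")) { updateKeyPairsOnDisk(homeDir); }`, assuming `devel` is in scope here as it appears to be in the first hunk. The enclosing method starts and ends outside this hunk.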
@@ -726,14 +729,22 @@ public class ConfigurationServerImpl extends ManagerBase implements
Configuratio
 
     private void updateKeyPairsOnDisk(String homeDir) {
         File keyDir = new File(homeDir + "/.ssh");
+        Boolean devel = Boolean.valueOf(_configDao.getValue("developer"));
         if (!keyDir.isDirectory()) {
             s_logger.warn("Failed to create " + homeDir + "/.ssh for storing the SSH keypars");
             keyDir.mkdir();
         }
         String pubKey = _configDao.getValue("ssh.publickey");
         String prvKey = _configDao.getValue("ssh.privatekey");
-        writeKeyToDisk(prvKey, homeDir + "/.ssh/id_rsa");
-        writeKeyToDisk(pubKey, homeDir + "/.ssh/id_rsa.pub");
+
+        // Using non-default file names (id_rsa.cloud and id_rsa.cloud.pub) in developer
mode. This is to prevent SSH keys overwritten for user running management server
+        if( devel ) {
+            writeKeyToDisk(prvKey, homeDir + "/.ssh/id_rsa.cloud");
+            writeKeyToDisk(pubKey, homeDir + "/.ssh/id_rsa.cloud.pub");
+        } else {
+            writeKeyToDisk(prvKey, homeDir + "/.ssh/id_rsa");
+            writeKeyToDisk(pubKey, homeDir + "/.ssh/id_rsa.pub");
+        }
     }
 
     protected void injectSshKeysIntoSystemVmIsoPatch(String publicKeyPath, String privKeyPath)
{
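Review bot: The flag is read from the configuration key `"developer"`, while the commit description tells operators to insert `(develop,true)`; following the description leaves `devel` false, so the default `id_rsa` pair is still overwritten. The key name and the description should agree, and a comment on the lookup such as `// "developer" = true selects id_rsa.cloud so the user's own key pair is left alone` would make the dependency visible. `boolean devel = Boolean.parseBoolean(_configDao.getValue("developer"));` avoids the boxed `Boolean` being unboxed in `if( devel )`. writeKeyToDisk is not shown, so it is worth confirming that the new `id_rsa.cloud` private key file is created with owner-only permissions.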

