meta-phosphor: bbclass to deploy test SSH keys
Change-Id: Ia44f4553ce360de651c4633e8cf166fd2e2ab7cf
Signed-off-by: Jean-Marie Verdun <jean-marie.verdun@hpe.com>
diff --git a/classes/obmc-phosphor-image.bbclass b/classes/obmc-phosphor-image.bbclass
index d68fa37..b2d3b5e 100644
--- a/classes/obmc-phosphor-image.bbclass
+++ b/classes/obmc-phosphor-image.bbclass
@@ -32,6 +32,8 @@
# - obmc-debug-collector - OpenBMC debug collector
inherit core-image
+inherit obmc-phosphor-utils
+inherit phosphor-deploy-ssh-keys
FEATURE_PACKAGES_obmc-bmc-state-mgmt ?= "packagegroup-obmc-apps-bmc-state-mgmt"
FEATURE_PACKAGES_obmc-bmcweb ?= "packagegroup-obmc-apps-bmcweb"
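Review bot: `inherit phosphor-deploy-ssh-keys` is unconditional here, so every image built from this class registers `deploy_local_user` in `IMAGE_PREPROCESS_COMMAND`, although the new class's own header documents opt-in use through `INHERIT += "phosphor-deploy-ssh-keys"` in local.conf. With `SSH_KEYS` unset, each build then reaches the `bbwarn` in the function's else branch, and an `SSH_KEYS` value left in a release configuration adds a priv-admin account to the shipped image without any further switch. Consider dropping this inherit and leaving activation to local.conf, or gating the class on an image feature reserved for test builds. Nothing in the new class visibly uses `obmc-phosphor-utils`, so that inherit may belong in a separate change.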
diff --git a/classes/phosphor-deploy-ssh-keys.bbclass b/classes/phosphor-deploy-ssh-keys.bbclass
new file mode 100644
index 0000000..a85d2ac
--- /dev/null
+++ b/classes/phosphor-deploy-ssh-keys.bbclass
@@ -0,0 +1,62 @@
+####
+# Copyright 2020 Hewlett Packard Enterprise Development LP.
+#
+#
+# Add a basic class to add a privileged user from an ssh
+# standpoint and a public key passed as an input parameter
+# from the local.conf file
+# Example:
+# INHERIT += "phosphor-deploy-ssh-keys"
+# SSH_KEYS = "vejmarie:/home/openbmc/openbmc/meta-hpe/keys/test.pub;"
+####
+
+inherit useradd_base
+
+IMAGE_PREPROCESS_COMMAND += "deploy_local_user;"
+
+deploy_local_user () {
+ if [ "${SSH_KEYS}" != "" ]; then
+ group_settings="${SSH_KEYS}"
+ current_setting=`echo $group_settings | cut -d ';' -f1`
+ remaining=`echo $group_settings | cut -d ';' -f2-`
+ while test "x$current_setting" != "x"; do
+
+ username=`echo ${SSH_KEYS} | awk -F":" '{ print $1}'`
+ key_path=`echo ${SSH_KEYS} | awk -F":" '{ print $2}'`
+
+ if [ ! -d ${IMAGE_ROOTFS}/home/${username} ]; then
+ perform_useradd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -p '' ${username}"
+ fi
+
+ if [ ! -d ${IMAGE_ROOTFS}/home/${username}.ssh/ ]; then
+ install -d ${IMAGE_ROOTFS}/home/${username}/.ssh/
+ fi
+
+ if [ ! -f ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys ]; then
+ install -m 0600 ${key_path} ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+ else
+ cat ${key_path} >> ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+ fi
+
+ uid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $3}'`
+ guid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $4}'`
+
+ chown -R ${uid}:${guid} ${IMAGE_ROOTFS}/home/${username}/.ssh
+ chmod 600 ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+ chmod 700 ${IMAGE_ROOTFS}/home/${username}/.ssh
+
+ is_group=`grep "priv-admin" ${IMAGE_ROOTFS}/etc/group || true`
+
+ if [ -z "${is_group}" ]; then
+ perform_groupadd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} priv-admin"
+ fi
+
+ perform_usermod "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -a -G priv-admin ${username}"
+
+ current_setting=`echo $remaining | cut -d ";" -f1`
+ remaining=`echo $remaining | cut -d ';' -f2-`
+ done
+ else
+ bbwarn "Trying to deploy SSH keys but input variable is empty (SSH_KEYS)"
+ fi
+}
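Review bot: The `perform_useradd` call creates the account with `-p ''`, which writes an empty password field, so depending on the image's PAM and SSH server settings this priv-admin user may be able to log in with no password at all rather than only with the deployed key; a locked field such as `-p '*'` keeps the account key-only. Inside the loop, `username` and `key_path` are parsed from `${SSH_KEYS}` instead of `$current_setting`, so every iteration re-reads the first entry and `key_path` keeps everything after the first colon, including the `;`; use `username=$(echo "$current_setting" | cut -d: -f1)` and `key_path=$(echo "$current_setting" | cut -d: -f2-)`. The directory test on `home/${username}.ssh/` is missing a `/`, and the uid/gid lookups should be anchored as `grep "^${username}:"` so a longer account name cannot match. An `SSH_KEYS` value without a trailing `;` also never ends the loop, because `cut -d ';' -f2-` returns the whole line when no delimiter is present; `cut -s -d ';' -f2-` on the two `remaining=` lines avoids that.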