Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / meta-phosphor / 7befc72da6d7528b05322d4ea80cfeaa43d8af2a / . / classes / phosphor-deploy-ssh-keys.bbclass
blob: a85d2ac2d5daacbfbfeabe590366c80879045c52 [file] [log] [blame]
Jean-Marie Verdun75c8dc62020-10-26 11:17:06 -0700[diff] [blame]1####
2# Copyright 2020 Hewlett Packard Enterprise Development LP.
3#
4#
5# Add a basic class to add a privileged user from an ssh
6# standpoint and a public key passed as an input parameter
7# from the local.conf file
8# Example:
9# INHERIT += "phosphor-deploy-ssh-keys"
10# SSH_KEYS = "vejmarie:/home/openbmc/openbmc/meta-hpe/keys/test.pub;"
11####
12
13inherit useradd_base
14
15IMAGE_PREPROCESS_COMMAND += "deploy_local_user;"
16
17deploy_local_user () {
18 if [ "${SSH_KEYS}" != "" ]; then
19 group_settings="${SSH_KEYS}"
20 current_setting=`echo $group_settings | cut -d ';' -f1`
21 remaining=`echo $group_settings | cut -d ';' -f2-`
22 while test "x$current_setting" != "x"; do
23
24 username=`echo ${SSH_KEYS} | awk -F":" '{ print $1}'`
25 key_path=`echo ${SSH_KEYS} | awk -F":" '{ print $2}'`
26
27 if [ ! -d ${IMAGE_ROOTFS}/home/${username} ]; then
28 perform_useradd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -p '' ${username}"
29 fi
30
31 if [ ! -d ${IMAGE_ROOTFS}/home/${username}.ssh/ ]; then
32 install -d ${IMAGE_ROOTFS}/home/${username}/.ssh/
33 fi
34
35 if [ ! -f ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys ]; then
36 install -m 0600 ${key_path} ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
37 else
38 cat ${key_path} >> ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
39 fi
40
41 uid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $3}'`
42 guid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $4}'`
43
44 chown -R ${uid}:${guid} ${IMAGE_ROOTFS}/home/${username}/.ssh
45 chmod 600 ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
46 chmod 700 ${IMAGE_ROOTFS}/home/${username}/.ssh
47
48 is_group=`grep "priv-admin" ${IMAGE_ROOTFS}/etc/group || true`
49
50 if [ -z "${is_group}" ]; then
51 perform_groupadd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} priv-admin"
52 fi
53
54 perform_usermod "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -a -G priv-admin ${username}"
55
56 current_setting=`echo $remaining | cut -d ";" -f1`
57 remaining=`echo $remaining | cut -d ';' -f2-`
58 done
59 else
60 bbwarn "Trying to deploy SSH keys but input variable is empty (SSH_KEYS)"
61 fi
62}