commit f2f4f12c26001beff472cf8f5b81d1bb853bc081
author Jean-Marie Verdun <jean-marie.verdun@hpe.com> Mon Oct 26 11:17:06 2020 -0700
committer Andrew Geissler <geissonator@yahoo.com> Wed Nov 11 15:39:43 2020 -0600
tree 181dd591125cf78b60b6f35867b24b17d57e0a62
parent c16a1e103756afa4ab438dcd5dd7fb6742293898

meta-phosphor: bbclass to deploy test SSH keys

(From meta-phosphor rev: 75c8dc6f5fc565a92da9129291ea09319e8593a6)

Change-Id: I375e188abbf3115e00d3ace1ad201d9fc11214d9
Signed-off-by: Jean-Marie Verdun <jean-marie.verdun@hpe.com>
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>

meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass

diff --git a/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass b/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass
new file mode 100644
index 0000000..a85d2ac
--- /dev/null
+++ b/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass
@@ -0,0 +1,62 @@
+####
+# Copyright 2020 Hewlett Packard Enterprise Development LP.
+#
+#
+# Add a basic class to add a privileged user from an ssh
+# standpoint and a public key passed as an input parameter
+# from the local.conf file
+# Example:
+# INHERIT += "phosphor-deploy-ssh-keys"
+# SSH_KEYS = "vejmarie:/home/openbmc/openbmc/meta-hpe/keys/test.pub;"
+####
+
+inherit useradd_base
+
+IMAGE_PREPROCESS_COMMAND += "deploy_local_user;"
+
+deploy_local_user () {
+        if [ "${SSH_KEYS}" != "" ]; then
+		group_settings="${SSH_KEYS}"
+		current_setting=`echo $group_settings | cut -d ';' -f1`
+		remaining=`echo $group_settings | cut -d ';' -f2-`
+		while test "x$current_setting" != "x"; do
+
+			username=`echo ${SSH_KEYS} | awk -F":" '{ print $1}'`
+			key_path=`echo ${SSH_KEYS} | awk -F":" '{ print $2}'`
+
+			if [ ! -d ${IMAGE_ROOTFS}/home/${username} ]; then
+				perform_useradd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -p '' ${username}"
+			fi
+
+			if [ ! -d ${IMAGE_ROOTFS}/home/${username}.ssh/ ]; then
+				install -d ${IMAGE_ROOTFS}/home/${username}/.ssh/
+			fi
+
+			if [ ! -f ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys ]; then
+				install -m 0600 ${key_path} ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+			else
+				cat ${key_path} >> ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+			fi
+
+			uid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $3}'`
+			guid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $4}'`
+
+			chown -R ${uid}:${guid} ${IMAGE_ROOTFS}/home/${username}/.ssh
+			chmod 600  ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+			chmod 700 ${IMAGE_ROOTFS}/home/${username}/.ssh
+
+			is_group=`grep "priv-admin" ${IMAGE_ROOTFS}/etc/group || true`
+
+			if [ -z "${is_group}" ]; then
+				perform_groupadd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} priv-admin"
+			fi
+
+			perform_usermod "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -a -G priv-admin ${username}"
+
+			current_setting=`echo $remaining | cut -d ";" -f1`
+			remaining=`echo $remaining | cut -d ';' -f2-`
+		done
+	else
+		bbwarn "Trying to deploy SSH keys but input variable is empty (SSH_KEYS)"
+	fi
+}