Add workaround if keys fail to fetch
This commit is contained in:
parent
795b8d0caf
commit
2622595344
|
@ -786,10 +786,10 @@ chroot ${target} mkdir -p /var/home/${target_deploy_user}/.ssh
|
||||||
if [[ -n ${target_keys_path} ]]; then
|
if [[ -n ${target_keys_path} ]]; then
|
||||||
case ${target_keys_method} in
|
case ${target_keys_method} in
|
||||||
wget)
|
wget)
|
||||||
wget -O ${target}/var/home/${target_deploy_user}/.ssh/authorized_keys ${target_keys_path}
|
wget -O ${target}/var/home/${target_deploy_user}/.ssh/authorized_keys ${target_keys_path} || failed_keys="y"
|
||||||
;;
|
;;
|
||||||
tftp)
|
tftp)
|
||||||
tftp -m binary "${seed_host}" -c get "${target_keys_path}" ${target}/var/home/${target_deploy_user}/.ssh/authorized_keys
|
tftp -m binary "${seed_host}" -c get "${target_keys_path}" ${target}/var/home/${target_deploy_user}/.ssh/authorized_keys || failed_keys="y"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
chroot ${target} chmod 0600 /var/home/${target_deploy_user}/.ssh/authorized_keys
|
chroot ${target} chmod 0600 /var/home/${target_deploy_user}/.ssh/authorized_keys
|
||||||
|
@ -798,6 +798,12 @@ else
|
||||||
echo "${target_deploy_user}:${target_password}" | chroot ${target} chpasswd >&2
|
echo "${target_deploy_user}:${target_password}" | chroot ${target} chpasswd >&2
|
||||||
fi
|
fi
|
||||||
echo "done."
|
echo "done."
|
||||||
|
if [[ -n ${failed_keys} ]]; then
|
||||||
|
target_password="$( pwgen -s 8 1 )"
|
||||||
|
echo "WARNING: Failed to fetch keys; target deploy user SSH keyauth will fail."
|
||||||
|
echo "Setting temporary random password '${temp_password}' instead."
|
||||||
|
echo "${target_deploy_user}:${target_password}" | chroot ${target} chpasswd >&2
|
||||||
|
fi
|
||||||
|
|
||||||
echo -n "Setting NOPASSWD for sudo group... "
|
echo -n "Setting NOPASSWD for sudo group... "
|
||||||
sed -i 's/^%sudo\tALL=(ALL:ALL) ALL/%sudo\tALL=(ALL:ALL) NOPASSWD: ALL/' ${target}/etc/sudoers
|
sed -i 's/^%sudo\tALL=(ALL:ALL) ALL/%sudo\tALL=(ALL:ALL) NOPASSWD: ALL/' ${target}/etc/sudoers
|
||||||
|
|
Loading…
Reference in New Issue