diff options
author | wu.zhihui <wu.zhihui1@zte.com.cn> | 2017-03-20 10:52:49 +0800 |
---|---|---|
committer | wu.zhihui <wu.zhihui1@zte.com.cn> | 2017-03-20 17:13:24 +0800 |
commit | eaa225cf0c9b8b7bc63b35acdeef75dbacb8b905 (patch) | |
tree | 99a16254934b36c3914d1d665aea8a4145b7e8c7 | |
parent | 6694910aae48dd42e7c777e587c32e03cacd400c (diff) |
mistaken delete usefuel public key
Previously, cleanup_creds.sh will delete public keys which of
comment info is "root@$hostname". It could delete useful keys
by accident. In this patch, cleanup_creds.sh will only delete
the key which matches the key's content.
JIRA: QTIP-228
Change-Id: I1095de656570b816b7e170688acd01c27b98e74c
Signed-off-by: wu.zhihui <wu.zhihui1@zte.com.cn>
-rwxr-xr-x | qtip/scripts/cleanup_creds.sh | 4 | ||||
-rw-r--r-- | qtip/util/env.py | 18 |
2 files changed, 14 insertions, 8 deletions
diff --git a/qtip/scripts/cleanup_creds.sh b/qtip/scripts/cleanup_creds.sh index 1a7ddc1a..ad66ba95 100755 --- a/qtip/scripts/cleanup_creds.sh +++ b/qtip/scripts/cleanup_creds.sh @@ -10,11 +10,11 @@ DEST_IP=$1 PRIVATE_KEY=$2 -HOSTNAME=$(hostname) +PUBLIC_KEY=$3 sshoptions="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" case "$INSTALLER_TYPE" in fuel) - ssh $sshoptions -i $PRIVATE_KEY root@$DEST_IP "sed -i '/root@$HOSTNAME/d' /root/.ssh/authorized_keys" + ssh $sshoptions -i $PRIVATE_KEY root@$DEST_IP "sed -i '/$PUBLIC_KEY/d' /root/.ssh/authorized_keys" ;; esac diff --git a/qtip/util/env.py b/qtip/util/env.py index ab9ffa7a..9299f8c0 100644 --- a/qtip/util/env.py +++ b/qtip/util/env.py @@ -94,7 +94,8 @@ class AnsibleEnvSetup(object): if not all_files_exist(PRIVATE_KEY, PUBLIC_KEY): logger.info("Generate default keypair {0} under " "{1}".format(KEYNAME, os.environ['HOME'])) - cmd = '''ssh-keygen -t rsa -N "" -f {0} -q -b 2048'''.format(PRIVATE_KEY) + cmd = '''ssh-keygen -t rsa -N "" -f {0} -q -b 2048 + -C qtip@insecure'''.format(PRIVATE_KEY) os.system(cmd) self.keypair['private'] = PRIVATE_KEY self.keypair['public'] = PUBLIC_KEY @@ -195,11 +196,16 @@ class AnsibleEnvSetup(object): if CI_DEBUG is not None and CI_DEBUG.lower() == 'true': logger.info("DEBUG Mode: please do cleanup by manual.") else: - for ip in self.host_ip_list: - logger.info("Cleanup authorized_keys from {0}...".format(ip)) - cmd = 'bash {0}/cleanup_creds.sh {1} {2}'.format( - SCRIPT_DIR, ip, self.keypair['private']) - os.system(cmd) + with open(self.keypair['public'], 'r') as f: + key = f.read().strip('\n').replace('/', '\/') + if key: + for ip in self.host_ip_list: + logger.info("Cleanup authorized_keys from {0}...".format(ip)) + cmd = '''bash {0}/cleanup_creds.sh {1} {2} "{3}"'''.format( + SCRIPT_DIR, ip, self.keypair['private'], key) + os.system(cmd) + else: + logger.error("Nothing in public key file.") logger.info("Cleanup hostfile and keypair.") clean_file(self.hostfile, |