Your message dated Sun, 17 Sep 2017 18:33:55 +0300
with message-id <[email protected]>
and subject line Re: add option to install ssh key for root (--root-ssh-key)
has caused the Debian Bug report #784125,
regarding add option to install ssh key for root (--root-ssh-key)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
784125: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784125
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: vmdebootstrap
Version: 0.7-1
Tags: upstream patch
>From 5b48e4d8e535a858e638156dc2a09896d1aafc9c Mon Sep 17 00:00:00 2001
From: Jan Gerber <[email protected]>
Date: Mon, 27 Apr 2015 12:08:57 +0200
Subject: add option to install ssh key for root (--root-ssh-key)
diff --git a/vmdebootstrap b/vmdebootstrap
index 49c21c8..d951d31 100755
--- a/vmdebootstrap
+++ b/vmdebootstrap
@@ -131,6 +131,10 @@ class VmDebootstrap(cliapp.Application): # pylint: disable=too-many-public-meth
['lock-root-password'],
'lock root account so they cannot login?')
self.settings.string(
+ ['root-ssh-key'],
+ "install given public ssh key in /root/.ssh/authorized_keys",
+ metavar='SSHKEY')
+ self.settings.string(
['customize'],
'run SCRIPT after setting up system',
metavar='SCRIPT')
@@ -544,6 +548,12 @@ class VmDebootstrap(cliapp.Application): # pylint: disable=too-many-public-meth
else:
self.message('Give root an empty password')
self.delete_password(rootdir, 'root')
+ if self.settings['root-ssh-key']:
+ self.message('Copy root ssh key %s' % self.settings['root-ssh-key'])
+ os.mkdir(os.path.join(rootdir, 'root', '.ssh'))
+ os.chmod(os.path.join(rootdir, 'root', '.ssh'), 0700)
+ shutil.copy(self.settings['root-ssh-key'],
+ os.path.join(rootdir, 'root', '.ssh', 'authorized_keys'))
def create_users(self, rootdir):
def create_user(user):
diff --git a/vmdebootstrap.8.in b/vmdebootstrap.8.in
index 80df9bc..7ab5607 100644
--- a/vmdebootstrap.8.in
+++ b/vmdebootstrap.8.in
@@ -24,7 +24,7 @@ vmdebootstrap \- install basic Debian system into virtual disk image
[\-\-output=FILE] [\-\-verbose |\-\-no-verbose] \-\-image=FILE \-\-size=SIZE
[\-\-tarball=FILE] [\-\-mirror=URL] [\-\-arch=ARCH] [\-\-distribution=NAME]
[\-\-package=PACKAGE] [\-\-custom-package=DEB] [\-\-no-kernel]
-[\-\-enable-dhcp | \-\-no-enable-dhcp] [\-\-root-password=PASSWORD]
+[\-\-enable-dhcp | \-\-no-enable-dhcp] [\-\-root-password=PASSWORD] [\-\-root-ssh-key=KEY]
[\-\-customize=SCRIPT] [\-\-hostname=HOSTNAME] [\-\-user=USER/PASSWORD]
[\-\-serial-console | \-\-no-serial-console] [\-\-sudo |\-\-no-sudo] [\-\-owner=OWNER]
[\-\-bootsize=BOOTSIZE] [\-\-boottype=FSTYPE] [\-\-roottype=FSTYPE] [\-\-foreign=PATH]
@@ -166,6 +166,8 @@ do not install a linux package
enable DHCP on eth0
.IP \-\-root-password=PASSWORD
set root password
+.IP \-\-root-ssh-key=KEY
+install ssh key in /root/.ssh/authorized_keys
.IP \-\-customize=SCRIPT
run SCRIPT after setting up system. If the script does not exist in the current
working directory, /usr/share/vmdebootstrap/examples/ will be checked as a
--
2.2.1.209.g41e5f3a
--- End Message ---
--- Begin Message ---
I'm afraid I don't think this feature will ever land in vmdebootstrap.
Let me explain.
I initially wrote vmdebootstrap in 2011, and the first version was
very simple and straightforward. However, I quickly ran into
limitations, like not being able to log in as root. To solve this, I
added options such as --root-password. Unfortunately, this was a
mistake. It set a pattern where every time the image built with
vmdebootstrap needed a variation, I added a new option. When Neil took
over as the vmdebootstrap maintainer, he continued this tradition. As
a result, vmdebootstrap is littered with options, many of which are
only really useful for particular users of the program. To test one
build of an image, with one set of options, took me about half an hour
when I took over from Neil. There's at least ten yes/no type options
in vmdebootstap, so a test run that tests just a few of them, say
five, will likely take 2^5 * 0.5 = 16 hours. And that doesn't give
you much test coverage.
Further, this approach has made it difficult to add new features to
vmdebootstrap, and made the code difficult to follow.
To fix this, I've written a vmdebootstrap replacement, vmdb2, which
will be uploaded to Debian later this year. I am reluctant to make any
changes to vmdebootstrap, except to fix bad bugs. I won't be adding
new features.
Sorry.
I hope you will try vmdb2 (when it enters Debian, or see
https://liw.fi/vmdebootstrap/). It's not as featured as vmdebootstrap,
although that's partly by design. If you do try it, please send
feedback on what's good, and what you'd like to see improved. Thanks.
--
I want to build worthwhile things that might last. --joeyh
signature.asc
Description: PGP signature
--- End Message ---
