hadong has uploaded a new change for review. Change subject: init: Add support for use_strong_rng cmdline args ......................................................................
init: Add support for use_strong_rng cmdline args This patch adds support for configuring use_strong_rng in cmdline args: use_strong_rng=<bytes> This informations are sued to set use_strong_rng=<bytes> during an auto-installation. Change-Id: Idf2f4c4d9f9daf59b6fd95fe0d641260394ecab5 Signed-off-by: hadong <[email protected]> --- M scripts/ovirt-auto-install.py M scripts/ovirt-init-functions.sh.in 2 files changed, 17 insertions(+), 2 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/57/18457/1 diff --git a/scripts/ovirt-auto-install.py b/scripts/ovirt-auto-install.py index c3770ad..ed26580 100755 --- a/scripts/ovirt-auto-install.py +++ b/scripts/ovirt-auto-install.py @@ -26,6 +26,7 @@ from ovirtnode.kdump import * from ovirt.node.utils.console import TransactionProgress from ovirt.node.utils import system +from ovirt.node.utils import security import logging import sys @@ -82,6 +83,16 @@ kbd.set_layout(OVIRT_VARS["OVIRT_KEYBOARD_LAYOUT"]) ovirt_store_config("/etc/vconsole.conf") ovirt_store_config("/etc/sysconfig/keyboard") + + +class ConfigureStrongRNG(Transaction.Element): + title = "Configuring SSH strong RNG" + + def commit(self): + if "OVIRT_USE_STRONG_RNG" in OVIRT_VARS and \ + not OVIRT_VARS["OVIRT_USE_STRONG_RNG"] is "": + ssh = security.Ssh() + ssh.strong_rng(OVIRT_VARS["OVIRT_USE_STRONG_RNG"]) class ConfigureLogging(Transaction.Element): @@ -157,6 +168,10 @@ if "OVIRT_KEYBOARD_LAYOUT" in OVIRT_VARS: tx.append(SetKeyboardLayout()) + #set ssh strong RHG + if "OVIRT_USE_STRONG_RNG" in OVIRT_VARS: + tx.append(ConfigureStrongRNG()) + tx.append(ConfigureLogging()) tx.append(ConfigureCollectd()) diff --git a/scripts/ovirt-init-functions.sh.in b/scripts/ovirt-init-functions.sh.in index e5e46a8..1d1ab8e 100644 --- a/scripts/ovirt-init-functions.sh.in +++ b/scripts/ovirt-init-functions.sh.in @@ -235,7 +235,7 @@ # tuned=profile # keyboard=layout # aesni=[y|n] - # strongrng=<bytes> + # use_strong_rng=<bytes> # nfsv4_domain=domain # TBD logrotate maxsize @@ -401,7 +401,7 @@ # disable AES-NI disable_aes_ni= - # strongrng=<bytes> + # use_strong_rng=<bytes> # use strong rng use_strong_rng= -- To view, visit http://gerrit.ovirt.org/18457 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Idf2f4c4d9f9daf59b6fd95fe0d641260394ecab5 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-node Gerrit-Branch: master Gerrit-Owner: hadong <[email protected]> _______________________________________________ node-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/node-patches
