aboutsummaryrefslogtreecommitdiffstats
path: root/tdf-postinst-udeb
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@libreoffice.org>2016-10-23 00:34:05 +0200
committerGuilhem Moulin <guilhem@libreoffice.org>2016-10-23 00:38:45 +0200
commit83bf907908ac713d334bf3ed4424989c86be9294 (patch)
tree91580d47239b3597e621f4419faa743919ff771b /tdf-postinst-udeb
parentcbf0cecd44a6b422e208f3043f2ceaf7fd0a25a9 (diff)
Use the QEMU Guest Agent to retrive public key material.
Unlike filesystem passthrough (9p VirtFS), this allows us to create guests remotely without using sudo privileges. (We can't do this with VirtFS currently due to lack of relabelling, and the kernel won't let us `chgrp libvirt-qemu` without sudoing.)
Diffstat (limited to 'tdf-postinst-udeb')
-rwxr-xr-xtdf-postinst-udeb/finish-install.d/07tdf-postinst24
1 files changed, 13 insertions, 11 deletions
diff --git a/tdf-postinst-udeb/finish-install.d/07tdf-postinst b/tdf-postinst-udeb/finish-install.d/07tdf-postinst
index 0ee458c..428b018 100755
--- a/tdf-postinst-udeb/finish-install.d/07tdf-postinst
+++ b/tdf-postinst-udeb/finish-install.d/07tdf-postinst
@@ -3,12 +3,7 @@ set -e
. /usr/share/debconf/confmodule || true
-modprobe -va -d/target virtio-rng
-modprobe -va -d/target 9pnet_virtio 9p
-
-virtfs="$(mktemp -d)"
-mount -t 9p -o trans=virtio,version=9p2000.L virtfs "$virtfs" || true
-trap 'umount "$virtfs"; rmdir "$virtfs"' EXIT TERM INT
+modprobe -v -d/target virtio-rng
#######################################################################
@@ -20,9 +15,6 @@ if [ -d /target/etc/ssh ]; then
-delete
in-target ssh-keygen -b 4096 -t rsa -N '' -C /etc/ssh/ssh_host_rsa_key -f /etc/ssh/ssh_host_rsa_key
in-target ssh-keygen -t ed25519 -N '' -C /etc/ssh/ssh_host_ed25519_key -f /etc/ssh/ssh_host_ed25519_key
- for pk in $(find /target/etc/ssh -maxdepth 1 -type f -name "ssh_host_*_key.pub"); do
- cp -f "$pk" "$virtfs"
- done
cat >/target/etc/ssh/sshd_config <<- EOF
# What ports, IPs and protocols we listen for
@@ -111,6 +103,16 @@ if [ -d /target/etc/salt ]; then
echo "master_finger: '$RET'" >>/target/etc/salt/minion.d/9999user.conf
fi
echo "id: $(hostname).documentfoundation.org" >>/target/etc/salt/minion.d/9999user.conf
-
- cp /target/etc/salt/pki/minion/minion.pub "$virtfs"
fi
+
+
+#######################################################################
+# Start the QEMU Guest Agent and wait until the host tells us to continue
+
+modprobe -v -d/target virtio-console
+in-target qemu-ga --daemonize --pidfile=/var/run/qemu-ga.pid
+while :; do
+ [ -f /target/etc/tdf-install-continue ] && break
+ sleep 1
+done
+kill `cat /var/run/qemu-ga.pid`