author | Guilhem Moulin <guilhem@libreoffice.org> | 2016-10-23 00:34:05 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@libreoffice.org> | 2016-10-23 00:38:45 +0200 |
commit | 83bf907908ac713d334bf3ed4424989c86be9294 (patch) | |
tree | 91580d47239b3597e621f4419faa743919ff771b /tdf-postinst-udeb | |
parent | cbf0cecd44a6b422e208f3043f2ceaf7fd0a25a9 (diff) |
Use the QEMU Guest Agent to retrive public key material.
Unlike filesystem passthrough (9p VirtFS), this allows us to create
guests remotely without using sudo privileges. (We can't do this with
VirtFS currently due to lack of relabelling, and the kernel won't let us
`chgrp libvirt-qemu` without sudoing.)
Diffstat (limited to 'tdf-postinst-udeb')
-rwxr-xr-x | tdf-postinst-udeb/finish-install.d/07tdf-postinst | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/tdf-postinst-udeb/finish-install.d/07tdf-postinst b/tdf-postinst-udeb/finish-install.d/07tdf-postinst
index 0ee458c..428b018 100755
--- a/tdf-postinst-udeb/finish-install.d/07tdf-postinst
+++ b/tdf-postinst-udeb/finish-install.d/07tdf-postinst
@@ -3,12 +3,7 @@ set -e
 . /usr/share/debconf/confmodule || true
-modprobe -va -d/target virtio-rng
-modprobe -va -d/target 9pnet_virtio 9p
-
-virtfs="$(mktemp -d)"
-mount -t 9p -o trans=virtio,version=9p2000.L virtfs "$virtfs" || true
-trap 'umount "$virtfs"; rmdir "$virtfs"' EXIT TERM INT
+modprobe -v -d/target virtio-rng
 #######################################################################
@@ -20,9 +15,6 @@ if [ -d /target/etc/ssh ]; then
 -delete
 in-target ssh-keygen -b 4096 -t rsa -N '' -C /etc/ssh/ssh_host_rsa_key -f /etc/ssh/ssh_host_rsa_key
 in-target ssh-keygen -t ed25519 -N '' -C /etc/ssh/ssh_host_ed25519_key -f /etc/ssh/ssh_host_ed25519_key
- for pk in $(find /target/etc/ssh -maxdepth 1 -type f -name "ssh_host_*_key.pub"); do
- cp -f "$pk" "$virtfs"
- done
 cat >/target/etc/ssh/sshd_config <<- EOF
 # What ports, IPs and protocols we listen for
@@ -111,6 +103,16 @@ if [ -d /target/etc/salt ]; then
 echo "master_finger: '$RET'" >>/target/etc/salt/minion.d/9999user.conf
 fi
 echo "id: $(hostname).documentfoundation.org" >>/target/etc/salt/minion.d/9999user.conf
-
- cp /target/etc/salt/pki/minion/minion.pub "$virtfs"
 fi
+
+
+#######################################################################
+# Start the QEMU Guest Agent and wait until the host tells us to continue
+
+modprobe -v -d/target virtio-console
+in-target qemu-ga --daemonize --pidfile=/var/run/qemu-ga.pid
+while :; do
+ [ -f /target/etc/tdf-install-continue ] && break
+ sleep 1
+done
+kill `cat /var/run/qemu-ga.pid` |
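Review bot: The wait loop added in the third hunk has no deadline, so if the host never creates `/target/etc/tdf-install-continue` the installer hangs indefinitely with qemu-ga still running in the target; a bounded counter that exits non-zero on expiry would make a failed handshake visible. While it waits, the agent runs with its default command set, which is broader than the public-key reads the commit message describes (file writes and, depending on the version, command execution), so consider disabling the RPCs the host does not need with qemu-ga's `--blacklist` option. The pidfile is created through `in-target`, presumably relative to `/target`, while `kill` reads `/var/run/qemu-ga.pid` from the installer environment, so it is worth confirming both paths name the same file; under `set -e` a failed `cat` would abort the script with the agent still running. The marker file is not removed in the visible lines, and the script may continue outside this hunk.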