From 83bf907908ac713d334bf3ed4424989c86be9294 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 23 Oct 2016 00:34:05 +0200 Subject: Use the QEMU Guest Agent to retrive public key material. Unlike filesystem passthrough (9p VirtFS), this allows us to create guests remotely without using sudo privileges. (We can't do this with VirtFS currently due to lack of relabelling, and the kernel won't let us `chgrp libvirt-qemu` without sudoing.) --- tdf-postinst-udeb/finish-install.d/07tdf-postinst | 24 ++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) (limited to 'tdf-postinst-udeb') diff --git a/tdf-postinst-udeb/finish-install.d/07tdf-postinst b/tdf-postinst-udeb/finish-install.d/07tdf-postinst index 0ee458c..428b018 100755 --- a/tdf-postinst-udeb/finish-install.d/07tdf-postinst +++ b/tdf-postinst-udeb/finish-install.d/07tdf-postinst @@ -3,12 +3,7 @@ set -e . /usr/share/debconf/confmodule || true -modprobe -va -d/target virtio-rng -modprobe -va -d/target 9pnet_virtio 9p - -virtfs="$(mktemp -d)" -mount -t 9p -o trans=virtio,version=9p2000.L virtfs "$virtfs" || true -trap 'umount "$virtfs"; rmdir "$virtfs"' EXIT TERM INT +modprobe -v -d/target virtio-rng ####################################################################### @@ -20,9 +15,6 @@ if [ -d /target/etc/ssh ]; then -delete in-target ssh-keygen -b 4096 -t rsa -N '' -C /etc/ssh/ssh_host_rsa_key -f /etc/ssh/ssh_host_rsa_key in-target ssh-keygen -t ed25519 -N '' -C /etc/ssh/ssh_host_ed25519_key -f /etc/ssh/ssh_host_ed25519_key - for pk in $(find /target/etc/ssh -maxdepth 1 -type f -name "ssh_host_*_key.pub"); do - cp -f "$pk" "$virtfs" - done cat >/target/etc/ssh/sshd_config <<- EOF # What ports, IPs and protocols we listen for @@ -111,6 +103,16 @@ if [ -d /target/etc/salt ]; then echo "master_finger: '$RET'" >>/target/etc/salt/minion.d/9999user.conf fi echo "id: $(hostname).documentfoundation.org" >>/target/etc/salt/minion.d/9999user.conf - - cp /target/etc/salt/pki/minion/minion.pub "$virtfs" fi + + +####################################################################### +# Start the QEMU Guest Agent and wait until the host tells us to continue + +modprobe -v -d/target virtio-console +in-target qemu-ga --daemonize --pidfile=/var/run/qemu-ga.pid +while :; do + [ -f /target/etc/tdf-install-continue ] && break + sleep 1 +done +kill `cat /var/run/qemu-ga.pid` -- cgit v1.2.3