refs #596 add ssh config, 05-boottoolsFsLocales.py and 06-boottoolsInitrdGenerate.py

2024-08-13 12:22:02 +02:00 · 2024-08-13 12:22:02 +02:00 · 960b66ea81
parent a193b678c0
commit 960b66ea81
4 changed files with 139 additions and 19 deletions
--- a/05-boottoolsFsLocales.py
+++ b/05-boottoolsFsLocales.py
@ -0,0 +1,16 @@
+#!/usr/bin/python3
+
+import os
+import subprocess
+
+debconf_settings = """
+console-setup console-setup/charmap47 select UTF-8
+console-setup console-setup/codeset47 select . Combined - Latin; Slavic Cyrillic; Greek
+console-setup console-setup/fontface47 select VGA
+console-setup console-setup/fontsize-fb47 select 8x16
+""".strip()
+
+subprocess.run (['debconf-set-selections'], input=debconf_settings, text=True)
+
+os.environ['DEBIAN_FRONTEND'] = 'noninteractive'
+_run (['dpkg-reconfigure', 'console-setup', 'locales'])
--- a/06-boottoolsInitrdGenerate.py
+++ b/06-boottoolsInitrdGenerate.py
@ -0,0 +1,21 @@
+#!/usr/bin/python3
+
+import argparse
+import shutil
+import os
+import glob
+from boottoolsfunctions import _run
+
+def boottoolsInitrdGenerate (osrelease):
+    for f in glob.glob ('/usr/lib/initramfs-tools/bin/*'):
+        os.unlink (f)
+    shutil.copy ('/bin/busybox', '/usr/lib/initramfs-tools/bin')
+    os.chdir ('/tmp')
+    _run (['mkinitramfs', '-o', '/tmp/initrd.img-{}'.format (osrelease), '-v', osrelease])
+    shutil.copy ('/boot/vmlinuz-{}'.format (osrelease), '/tmp/')
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser()
+    parser.add_argument ('--osrelease', help='OS release', action='store', required=True)
+    args = parser.parse_args()
+    boottoolsInitrdGenerate (args.osrelease)
--- a/boottoolsfunctions/init.py
+++ b/boottoolsfunctions/init.py
@ -315,3 +315,73 @@ def btogSetFsBase (btrootfsimg, btrootfsmnt, osarch, oscodename, oshttp):

    logger.info ('debootstrap --arch="{}" --components=main,universe "{}" "{}" "{}" : ok'.format (osarch, oscodename, btrootfsmnt, oshttp))
    return 0
+
+def boottoolsSshServer():
+    if not os.path.exists ('/root/.ssh/id_rsa'):                     ## crea un par de claves en la VM, no en el chroot
+        _run (['ssh-keygen', '-q', '-f', '/root/.ssh/id_rsa', '-N', ''])
+        #shutil.copy ('/root/.ssh/id_rsa.pub', '/tmp/')
+
+    logger.debug ('comprobando directorio .ssh del root')
+    if not os.path.exists ('{}/root/.ssh'.format (btrootfsmnt)):     ## crea directorio dentro del chroot
+        logger.debug ('creando directorio .ssh 600')
+        os.mkdir ('{}/root/.ssh'.format (btrootfsmnt))
+        os.chmod (0o700, '{}/root/.ssh'.format (btrootfsmnt))
+
+    logger.debug ('creando el fichero authorized_keys')              ## crea archivo en el chroot
+    if not os.path.exists ('{}/root/.ssh/authorized_keys'.format (btrootfsmnt)):
+        open ('{}/root/.ssh/authorized_keys'.format (btrootfsmnt), 'w').close()
+    os.chmod (0o600, '{}/root/.ssh/authorized_keys'.format (btrootfsmnt))
+
+    logger.debug ('importando la clave publica del servidor OG')
+    #cat /tmp/id_rsa.pub
+    if os.path.exists ('/root/.ssh/id_rsa.pub'):                     ## coge la publica de la VM y la pone en el authorized_keys del chroot
+        #cat /tmp/id_rsa.pub >> /root/.ssh/authorized_keys
+        fdin = open ('/root/.ssh/id_rsa.pub', 'r')
+        fdout = open ('{}/root/.ssh/authorized_keys'.format (btrootfsmnt), 'a')
+        while True:
+            l = fdin.readline()
+            if not l: break
+            fdout.write (l)
+        fdin.close()
+        fdout.close()
+
+    else:
+        logger.error ('no key publica og')
+
+def boottoolsSshClient():
+    _run (['ssh-keygen', '-q', '-f', '{}/root/.ssh/id_rsa'.format (btrootfsmnt), '-N', ''])     ## crea un par de claves en el chroot
+
+    #cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys          ## coge la publica y se la autoriza a sí mismo
+    fdin = open ('{}//root/.ssh/id_rsa.pub'.format (btrootfsmnt), 'r')
+    fdout = open ('{}/root/.ssh/authorized_keys'.format (btrootfsmnt), 'a')
+    while True:
+        l = fdin.readline()
+        if not l: break
+        fdout.write (l)
+    fdin.close()
+    fdout.close()
+
+    ## TODO: exportamos la publica a los repos
+    #cp /root/.ssh/id_rsa.pub /tmp/rsa.ogclient.pub
+
+#btogFsInitrd  genera un initrd.
+def btogFsInitrd():
+    pass
+    #echo "cp /tmp/*-${OSRELEASE} ${BTTARGETDIR}"      ## esto copia algo??
+    #cp /tmp/*-${OSRELEASE} ${BTTARGETDIR}
+
+    ## backup de oginitrd.img, oginitrd.img.sum, ogvmlinuz y ogvmlinuz.sum
+    #TIMEMOD=`date +%Y%m%d-%H%M%S`
+    #[ -f $BTTARGETDIR/oginitrd.img ] && mv $BTTARGETDIR/oginitrd.img $BTTARGETDIR/oginitrd.img.$TIMEMOD;  mv $BTTARGETDIR/oginitrd.img.sum $BTTARGETDIR/oginitrd.img.sum.$TIMEMOD
+    #[ -f $BTTARGETDIR/ogvmlinuz ] && mv $BTTARGETDIR/ogvmlinuz $BTTARGETDIR/ogvmlinuz.$TIMEMOD; mv $BTTARGETDIR/ogvmlinuz.sum $BTTARGETDIR/ogvmlinuz.sum.$TIMEMOD
+
+    #cp /tmp/initrd.img-${OSRELEASE} ${BTTARGETDIR}/oginitrd.img
+    #cp /tmp/vmlinuz-${OSRELEASE} ${BTTARGETDIR}/ogvmlinuz
+
+    #DATASUM=`md5sum "${BTTARGETDIR}/oginitrd.img" | cut -f1 -d" "`
+    #echo $DATASUM > ${BTTARGETDIR}/oginitrd.img.sum
+    #DATASUM=`md5sum "${BTTARGETDIR}/ogvmlinuz" | cut -f1 -d" "`
+    #echo $DATASUM > ${BTTARGETDIR}/ogvmlinuz.sum
+
+    #cd -
+    #chmod -R 755 $BTTARGETDIR
--- a/boottoolsgenerator.py
+++ b/boottoolsgenerator.py
@ -7,10 +7,11 @@ import subprocess
 import glob
 import stat
 import configparser
+import shutil

 curdir = os.path.dirname (__file__)
 sys.path.insert (0, curdir)
-from boottoolsfunctions import _run, _is_mounted, btogGetOsInfo1, btogGetOsInfo2, btogGetVar, btogSetFsVirtual, btogSetFsAccess, btogSetFsBase
+from boottoolsfunctions import _run, _is_mounted, btogGetOsInfo1, btogGetOsInfo2, btogGetVar, btogSetFsVirtual, btogSetFsAccess, btogSetFsBase, boottoolsSshServer, boottoolsSshClient, btogFsInitrd

 #logging.root.handlers = []
 logging.basicConfig (
@ -157,36 +158,48 @@ logger.debug ('03-boottoolsSoftwareInstall stdout follows: {}'.format (stdout))

 logger.info ('Fase 5.2 compilar software.')
 logger.debug ('running \'schroot --chroot IMGogclient -- {}/04-boottoolsSoftwareCompile.py\'')
+#cd /
 stdout, _ = _run (['schroot', '--chroot', 'IMGogclient', '--', '{}/04-boottoolsSoftwareCompile.py'.format (curdir)])
+#cd -
 logger.debug ('04-boottoolsSoftwareCompile stdout follows: {}'.format (stdout))
-"""
-cd /
-schroot --chroot IMGogclient -- /usr/bin/boot-tools/boottoolsSoftwareCompile.sh >>/tmp/fase5.out
-cd -


 ############################################################################################
 logger.info ('FASE 6 - Personalizar el sistema creado')
 logger.info ('Fase 6.1 Incorporar la clave publica del servidor')
-cd /
-ssh-keygen -q -f /root/.ssh/id_rsa -N ""
-cp /root/.ssh/id_rsa.pub /tmp
-schroot --chroot IMGogclient -- /usr/bin/boot-tools/boottoolsSshServer.sh
-cd -
+#cd /
+#schroot --chroot IMGogclient -- /usr/bin/boot-tools/boottoolsSshServer.sh            ## no necesita chroot
+boottoolsSshServer()
+#cd -
+
 logger.info ('Fase 6.2. Incorpoar la clave publica del propio  cliente')
-schroot --chroot IMGogclient -- /usr/bin/boot-tools/boottoolsSshClient.sh
+#schroot --chroot IMGogclient -- /usr/bin/boot-tools/boottoolsSshClient.sh            ## no necesita chroot
+boottoolsSshClient()
+
+## el resultado es:
+## - hay un nuevo par de claves en la VM /root/.ssh
+## - hay otro nuevo par de claves en el rootfs /var/lib/tftpboot/ogclient/ogclientmount/root/.ssh
+## - las dos claves públicas (una de cada par) están autorizadan en el rootfs /var/lib/tftpboot/ogclient/ogclientmount/root/.ssh/authorized_keys
+############################################################################################

 logger.info ('Fase 6.3. Configurando las locales')
-schroot --chroot IMGogclient -- /usr/bin/boot-tools/boottoolsFsLocales.sh
+logger.debug ('running \'schroot --chroot IMGogclient -- {}/05-boottoolsFsLocales.py\'')
+stdout, _ = _run (['schroot', '--chroot', 'IMGogclient', '--', '{}/05-boottoolsFsLocales.py'.format (curdir)])
+logger.debug ('05-boottoolsFsLocales stdout follows: {}'.format (stdout))

-for i in `mount | grep IMGogclient | grep /var | cut -f3 -d" "`; do echo $i; umount $i; done
-for i in `mount | grep IMGogclient | grep /var | cut -f3 -d" "`; do echo $i; umount $i; done
-for i in `mount | grep IMGogclient | grep /var | cut -f3 -d" "`; do echo $i; umount $i; done
+if _is_mounted (btrootfsmnt):
+    _run (['umount', btrootfsmnt])

-echo ================= nati after fase 6; ls -la /opt/opengnsys/tftpboot/ogclient/
+#cd /
+#schroot -c IMGogclient -- /usr/bin/boot-tools/boottoolsInitrdGenerate.sh
+logger.debug ('running \'schroot --chroot IMGogclient -- {}/06-boottoolsInitrdGenerate.py --osrelease "{}"\''.format (curdir, osrelease))
+stdout, _ = _run (['schroot', '--chroot', 'IMGogclient', '--', '{}/06-boottoolsInitrdGenerate.py'.format (curdir), '--osrelease', osrelease])
+logger.debug ('06-boottoolsInitrdGenerate stdout follows: {}'.format (stdout))
+
+btogFsInitrd()


-#########################################################################
+"""
 logger.info ('FASE 7 - Generar distribucion')
 logger.info ('Fase 7.1 Generar el initrd')
 btogFsInitrd >>/tmp/fase7.out
@ -198,6 +211,6 @@ umount $BTROOTFSMNT 2>/dev/null
 logger.info ('Fase 7.3 Generar la ISO')
 btogIsoGenerator >>/tmp/fase7.out
 echo ================= nati after fase 8.3; ls -la /opt/opengnsys/tftpboot/ogclient/
-
-echoAndLog "OpenGnsys installation finished at $(date)"
 """
+
+logger.info ('OpenGnsys installation finished')