Commit 0ff3c1b7 authored by Mike Hibler's avatar Mike Hibler
Browse files

Make sure group is reasonable on installed host keys.

parent 411d6551
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2010-2017 University of Utah and the Flux Group. # Copyright (c) 2010-2018 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -401,9 +401,13 @@ sub LocalizeBSD() ...@@ -401,9 +401,13 @@ sub LocalizeBSD()
# Boss certificate. Need emulab.pem for TPM. # Boss certificate. Need emulab.pem for TPM.
ExecQuiet("$CP -p $ETCDIR/emulab.pem $ETCDIR/client.pem $mpoint/etc/emulab") ExecQuiet("$CP -p $ETCDIR/emulab.pem $ETCDIR/client.pem $mpoint/etc/emulab")
== 0 or goto bad; == 0 or goto bad;
ExecQuiet("$CHOWN root:wheel $mpoint/etc/emulab/*.pem")
== 0 or goto bad;
# All MFSs and images get the same ssh host keys. # All MFSs and images get the same ssh host keys.
ExecQuiet("$CP -p $IMAGEKEYS_DIR/* $mpoint/etc/ssh") ExecQuiet("$CP -p $IMAGEKEYS_DIR/* $mpoint/etc/ssh")
== 0 or goto bad; == 0 or goto bad;
ExecQuiet("$CHOWN root:wheel $mpoint/etc/ssh/ssh_host*")
== 0 or goto bad;
# Copy boss timezone into the MFS. # Copy boss timezone into the MFS.
ExecQuiet("$CP -p $ZONEINFO/$OURTIMEZONE $mpoint/etc/localtime") ExecQuiet("$CP -p $ZONEINFO/$OURTIMEZONE $mpoint/etc/localtime")
== 0 or goto bad; == 0 or goto bad;
...@@ -575,11 +579,13 @@ sub LocalizeLinux($) ...@@ -575,11 +579,13 @@ sub LocalizeLinux($)
# Boss certificate. Need emulab.pem for TPM. # Boss certificate. Need emulab.pem for TPM.
ExecQuiet("$CP -p $ETCDIR/emulab.pem $ETCDIR/client.pem etc/emulab") ExecQuiet("$CP -p $ETCDIR/emulab.pem $ETCDIR/client.pem etc/emulab")
== 0 or goto bad; == 0 or goto bad;
ExecQuiet("$CHOWN root:wheel $ETCDIR/emulab.pem $ETCDIR/client.pem") ExecQuiet("$CHOWN root:wheel etc/emulab/*.pem")
== 0 or goto bad; == 0 or goto bad;
# All MFSs and images get the same ssh host keys. # All MFSs and images get the same ssh host keys.
ExecQuiet("$CP -p $IMAGEKEYS_DIR/* etc/ssh") ExecQuiet("$CP -p $IMAGEKEYS_DIR/* etc/ssh")
== 0 or goto bad; == 0 or goto bad;
ExecQuiet("$CHOWN root:wheel etc/ssh/ssh_host*")
== 0 or goto bad;
# Copy boss timezone into the MFS. # Copy boss timezone into the MFS.
ExecQuiet("$CP -p $ZONEINFO/$OURTIMEZONE etc/localtime") ExecQuiet("$CP -p $ZONEINFO/$OURTIMEZONE etc/localtime")
== 0 or goto bad; == 0 or goto bad;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment