Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
emulab
emulab-devel
Commits
bf0e1d2f
Commit
bf0e1d2f
authored
Jul 05, 2017
by
Mike Hibler
Browse files
Simplify the cleanup of /root/.ssh: just remove everything.
Previously, we were still putting the default utah boss key there.
parent
af903888
Changes
2
Hide whitespace changes
Inline
Side-by-side
clientside/tmcc/freebsd/prepare
View file @
bf0e1d2f
...
...
@@ -247,20 +247,26 @@ if (-f $HISTORY) {
}
#
# Remove /root/.ssh and then regenerate a
clean version with only an
#
approved authorized_keys file
.
# Remove /root/.ssh and then regenerate a
n empty directory.
#
We don
'
t
want
any
Utah
specific
keys
tainting
the
images
.
#
print
"
Cleaning root's .ssh directory ...
\n
";
if (system(
"
rm
-
rf
$ROOTSSHDIR
.
bak
"
) ||
system(
"
mv
$ROOTSSHDIR
$ROOTSSHDIR
.
bak
"
)) {
die(
"
Could
not
move
$ROOTSSHDIR
to
$ROOTSSHDIR
.
bak
"
);
}
if (! -x
"
$BINDIR
/rc/
rc
.
localize
"
|| system(
"
$BINDIR
/rc/
rc
.
localize
boot
"
)) {
system(
"
rm
-
rf
$ROOTSSHDIR
"
);
system(
"
mv
$ROOTSSHDIR
.
bak
$ROOTSSHDIR
"
);
if
(
system
("
rm -rf
$ROOTSSHDIR
")
||
system
("
mkdir -p -m 700
$ROOTSSHDIR
")
||
system
("
chown root:wheel
$ROOTSSHDIR
"))
{
die
("
Could not clean root .ssh directory
");
}
system(
"
rm
-
rf
$ROOTSSHDIR
.
bak
"
);
#
# XXX unlike the root .ssh directory above, the proper host keys will
# not be restored when the node reboots following taking the image.
# Thus the node will wind up with new unique host keys after reboot and
# will likely sow confusion for anyone ssh'ing in after that. Arguably,
# the host keys should be configured on every boot like the root
# authorized_keys file is (in rc.localize).
#
#print "Removing SSH host keys ...\n";
#system("rm -rf /etc/ssh/ssh_host_*key /etc/ssh/ssh_host_*key.pub");
print
"
Cleaning mail spool files ...
\n
";
system
("
rm -rf
$MAILDIR
/*
");
...
...
clientside/tmcc/linux/prepare
View file @
bf0e1d2f
...
...
@@ -353,20 +353,26 @@ if (-f "/root/$HISTORY") {
}
#
# Remove /root/.ssh and then regenerate a
clean version with only an
#
approved authorized_keys file
.
# Remove /root/.ssh and then regenerate a
n empty directory.
#
We don
'
t
want
any
Utah
specific
keys
tainting
the
images
.
#
print
"
Cleaning root's .ssh directory ...
\n
";
if (system(
"
rm
-
rf
$ROOTSSHDIR
.
bak
"
) ||
system(
"
mv
$ROOTSSHDIR
$ROOTSSHDIR
.
bak
"
)) {
die(
"
Could
not
move
$ROOTSSHDIR
to
$ROOTSSHDIR
.
bak
"
);
}
if (! -x
"
$BINDIR
/rc/
rc
.
localize
"
|| system(
"
$BINDIR
/rc/
rc
.
localize
boot
"
)) {
system(
"
rm
-
rf
$ROOTSSHDIR
"
);
system(
"
mv
$ROOTSSHDIR
.
bak
$ROOTSSHDIR
"
);
if
(
system
("
rm -rf
$ROOTSSHDIR
")
||
system
("
mkdir -p -m 700
$ROOTSSHDIR
")
||
system
("
chown root:root
$ROOTSSHDIR
"))
{
die
("
Could not clean root .ssh directory
");
}
system(
"
rm
-
rf
$ROOTSSHDIR
.
bak
"
);
#
# XXX unlike the root .ssh directory above, the proper host keys will
# not be restored when the node reboots following taking the image.
# Thus the node will wind up with new unique host keys after reboot and
# will likely sow confusion for anyone ssh'ing in after that. Arguably,
# the host keys should be configured on every boot like the root
# authorized_keys file is (in rc.localize).
#
#print "Removing SSH host keys ...\n";
#system("rm -rf /etc/ssh/ssh_host_*key /etc/ssh/ssh_host_*key.pub");
print
"
Cleaning mail spool files ...
\n
";
system
("
rm -rf
$MAILDIR
/*
");
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment