Use rootpw for setting the root password instead of user

Ends up you cannot use the kickstart user command on root, since it already exists, so we have to translate that into a rootpw command. So [[customizations.user]] with name = "root" only support key, which will set the ssh key, and password which will use rootpw to set the password. plain text or encrypted are supported. Related: rhbz#1626122
2018-09-28 14:28:10 -07:00 · 2018-09-28 14:28:10 -07:00 · 891729528f
parent 8963c33e16
commit 891729528f
1 changed files with 34 additions and 3 deletions
--- a/src/pylorax/api/compose.py
+++ b/src/pylorax/api/compose.py
@ -113,6 +113,32 @@ def repo_to_ks(r, url="url"):
    return cmd


+def write_ks_root(f, user):
+    """ Write kickstart root password and sshkey entry
+
+    :param f: kickstart file object
+    :type f: open file object
+    :param user: A blueprint user dictionary
+    :type user: dict
+
+    If the entry contains a ssh key, use sshkey to write it
+    If it contains password, use rootpw to set it
+
+    root cannot be used with the user command. So only key and password are supported
+    for root.
+    """
+    # ssh key uses the sshkey kickstart command
+    if "key" in user:
+        f.write('sshkey --user %s "%s"\n' % (user["name"], user["key"]))
+
+    if "password" in user:
+        if any(user["password"].startswith(prefix) for prefix in ["$2b$", "$6$", "$5$"]):
+            log.debug("Detected pre-crypted password")
+            f.write('rootpw --iscrypted "%s"\n' % user["password"])
+        else:
+            log.debug("Detected plaintext password")
+            f.write('rootpw --plaintext "%s"\n' % user["password"])
+
 def write_ks_user(f, user):
    """ Write kickstart user and sshkey entry

@ -125,9 +151,6 @@ def write_ks_user(f, user):
    All of the user fields are optional, except name, write out a kickstart user entry
    with whatever options are relevant.
    """
-    if "name" not in user:
-        raise RuntimeError("user entry requires a name")
-
    # ssh key uses the sshkey kickstart command
    if "key" in user:
        f.write('sshkey --user %s "%s"\n' % (user["name"], user["key"]))
@ -216,6 +239,14 @@ def add_customizations(f, recipe):
    if "user" in customizations:
        # only name is required, everything else is optional
        for user in customizations["user"]:
+            if "name" not in user:
+                raise RuntimeError("user entry requires a name")
+
+            # root is special, cannot use normal user command for it
+            if user["name"] == "root":
+                write_ks_root(f, user)
+                continue
+
            write_ks_user(f, user)
            user_groups.append(user["name"])