summaryrefslogtreecommitdiff
path: root/cloudinit/config
diff options
context:
space:
mode:
Diffstat (limited to 'cloudinit/config')
-rw-r--r--cloudinit/config/cc_apt_configure.py20
-rw-r--r--cloudinit/config/cc_chef.py2
-rw-r--r--cloudinit/config/cc_disk_setup.py2
-rw-r--r--cloudinit/config/cc_growpart.py11
-rw-r--r--cloudinit/config/cc_resizefs.py21
-rwxr-xr-xcloudinit/config/cc_set_passwords.py75
6 files changed, 88 insertions, 43 deletions
diff --git a/cloudinit/config/cc_apt_configure.py b/cloudinit/config/cc_apt_configure.py
index 7f09c919..06804e85 100644
--- a/cloudinit/config/cc_apt_configure.py
+++ b/cloudinit/config/cc_apt_configure.py
@@ -278,15 +278,29 @@ def handle(name, ocfg, cloud, log, _):
raise ValueError("Expected dictionary for 'apt' config, found %s",
type(cfg))
- LOG.debug("handling apt (module %s) with apt config '%s'", name, cfg)
+ apply_debconf_selections(cfg, target)
+ apply_apt(cfg, cloud, target)
+
+
+def apply_apt(cfg, cloud, target):
+ # cfg is the 'apt' top level dictionary already in 'v3' format.
+ if not cfg:
+ # no config was provided. If apt configuration does not seem
+ # necessary on this system, then return.
+ if util.system_is_snappy():
+ LOG.debug("Nothing to do: No apt config and running on snappy")
+ return
+ if not (util.which('apt-get') or util.which('apt')):
+ LOG.debug("Nothing to do: No apt config and no apt commands")
+ return
+
+ LOG.debug("handling apt config: %s", cfg)
release = util.lsb_release(target=target)['codename']
arch = util.get_architecture(target)
mirrors = find_apt_mirror_info(cfg, cloud, arch=arch)
LOG.debug("Apt Mirror info: %s", mirrors)
- apply_debconf_selections(cfg, target)
-
if util.is_false(cfg.get('preserve_sources_list', False)):
generate_sources_list(cfg, release, mirrors, cloud)
rename_apt_lists(mirrors, target)
diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py
index f6564e5c..2be2532c 100644
--- a/cloudinit/config/cc_chef.py
+++ b/cloudinit/config/cc_chef.py
@@ -302,7 +302,7 @@ def install_chef(cloud, chef_cfg, log):
retries = max(0, util.get_cfg_option_int(chef_cfg,
"omnibus_url_retries",
default=OMNIBUS_URL_RETRIES))
- content = url_helper.readurl(url=url, retries=retries)
+ content = url_helper.readurl(url=url, retries=retries).contents
with util.tempdir() as tmpd:
# Use tmpdir over tmpfile to avoid 'text file busy' on execute
tmpf = "%s/chef-omnibus-install" % tmpd
diff --git a/cloudinit/config/cc_disk_setup.py b/cloudinit/config/cc_disk_setup.py
index 38df13ab..f39f0815 100644
--- a/cloudinit/config/cc_disk_setup.py
+++ b/cloudinit/config/cc_disk_setup.py
@@ -201,7 +201,7 @@ def update_fs_setup_devices(disk_setup, tformer):
if part and 'partition' in definition:
definition['_partition'] = definition['partition']
- definition['partition'] = part
+ definition['partition'] = part
def value_splitter(values, start=None):
diff --git a/cloudinit/config/cc_growpart.py b/cloudinit/config/cc_growpart.py
index 832bb3fd..089693e8 100644
--- a/cloudinit/config/cc_growpart.py
+++ b/cloudinit/config/cc_growpart.py
@@ -247,7 +247,16 @@ def devent2dev(devent):
result = util.get_mount_info(devent)
if not result:
raise ValueError("Could not determine device of '%s' % dev_ent")
- return result[0]
+ dev = result[0]
+
+ container = util.is_container()
+
+ # Ensure the path is a block device.
+ if (dev == "/dev/root" and not os.path.exists(dev) and not container):
+ dev = util.rootdev_from_cmdline(util.get_cmdline())
+ if dev is None:
+ raise ValueError("Unable to find device '/dev/root'")
+ return dev
def resize_devices(resizer, devices):
diff --git a/cloudinit/config/cc_resizefs.py b/cloudinit/config/cc_resizefs.py
index e028abf4..60e3ab53 100644
--- a/cloudinit/config/cc_resizefs.py
+++ b/cloudinit/config/cc_resizefs.py
@@ -71,25 +71,6 @@ RESIZE_FS_PREFIXES_CMDS = [
NOBLOCK = "noblock"
-def rootdev_from_cmdline(cmdline):
- found = None
- for tok in cmdline.split():
- if tok.startswith("root="):
- found = tok[5:]
- break
- if found is None:
- return None
-
- if found.startswith("/dev/"):
- return found
- if found.startswith("LABEL="):
- return "/dev/disk/by-label/" + found[len("LABEL="):]
- if found.startswith("UUID="):
- return "/dev/disk/by-uuid/" + found[len("UUID="):]
-
- return "/dev/" + found
-
-
def handle(name, cfg, _cloud, log, args):
if len(args) != 0:
resize_root = args[0]
@@ -121,7 +102,7 @@ def handle(name, cfg, _cloud, log, args):
# Ensure the path is a block device.
if (devpth == "/dev/root" and not os.path.exists(devpth) and
not container):
- devpth = rootdev_from_cmdline(util.get_cmdline())
+ devpth = util.rootdev_from_cmdline(util.get_cmdline())
if devpth is None:
log.warn("Unable to find device '/dev/root'")
return
diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py
index cf1f59ec..eb0bdab0 100755
--- a/cloudinit/config/cc_set_passwords.py
+++ b/cloudinit/config/cc_set_passwords.py
@@ -23,7 +23,8 @@ If the ``list`` key is provided, a list of
``username:password`` pairs can be specified. The usernames specified
must already exist on the system, or have been created using the
``cc_users_groups`` module. A password can be randomly generated using
-``username:RANDOM`` or ``username:R``. Password ssh authentication can be
+``username:RANDOM`` or ``username:R``. A hashed password can be specified
+using ``username:$6$salt$hash``. Password ssh authentication can be
enabled, disabled, or left to system defaults using ``ssh_pwauth``.
.. note::
@@ -45,13 +46,25 @@ enabled, disabled, or left to system defaults using ``ssh_pwauth``.
expire: <true/false>
chpasswd:
+ list: |
+ user1:password1
+ user2:RANDOM
+ user3:password3
+ user4:R
+
+ ##
+ # or as yaml list
+ ##
+ chpasswd:
list:
- user1:password1
- - user2:Random
+ - user2:RANDOM
- user3:password3
- user4:R
+ - user4:$6$rL..$ej...
"""
+import re
import sys
from cloudinit.distros import ug_util
@@ -79,38 +92,66 @@ def handle(_name, cfg, cloud, log, args):
if 'chpasswd' in cfg:
chfg = cfg['chpasswd']
- plist = util.get_cfg_option_str(chfg, 'list', plist)
+ if 'list' in chfg and chfg['list']:
+ if isinstance(chfg['list'], list):
+ log.debug("Handling input for chpasswd as list.")
+ plist = util.get_cfg_option_list(chfg, 'list', plist)
+ else:
+ log.debug("Handling input for chpasswd as multiline string.")
+ plist = util.get_cfg_option_str(chfg, 'list', plist)
+ if plist:
+ plist = plist.splitlines()
+
expire = util.get_cfg_option_bool(chfg, 'expire', expire)
if not plist and password:
(users, _groups) = ug_util.normalize_users_groups(cfg, cloud.distro)
(user, _user_config) = ug_util.extract_default(users)
if user:
- plist = "%s:%s" % (user, password)
+ plist = ["%s:%s" % (user, password)]
else:
log.warn("No default or defined user to change password for.")
errors = []
if plist:
plist_in = []
+ hashed_plist_in = []
+ hashed_users = []
randlist = []
users = []
- for line in plist.splitlines():
+ prog = re.compile(r'\$[1,2a,2y,5,6](\$.+){2}')
+ for line in plist:
u, p = line.split(':', 1)
- if p == "R" or p == "RANDOM":
- p = rand_user_password()
- randlist.append("%s:%s" % (u, p))
- plist_in.append("%s:%s" % (u, p))
- users.append(u)
+ if prog.match(p) is not None and ":" not in p:
+ hashed_plist_in.append("%s:%s" % (u, p))
+ hashed_users.append(u)
+ else:
+ if p == "R" or p == "RANDOM":
+ p = rand_user_password()
+ randlist.append("%s:%s" % (u, p))
+ plist_in.append("%s:%s" % (u, p))
+ users.append(u)
ch_in = '\n'.join(plist_in) + '\n'
- try:
- log.debug("Changing password for %s:", users)
- util.subp(['chpasswd'], ch_in)
- except Exception as e:
- errors.append(e)
- util.logexc(log, "Failed to set passwords with chpasswd for %s",
- users)
+ if users:
+ try:
+ log.debug("Changing password for %s:", users)
+ util.subp(['chpasswd'], ch_in)
+ except Exception as e:
+ errors.append(e)
+ util.logexc(
+ log, "Failed to set passwords with chpasswd for %s", users)
+
+ hashed_ch_in = '\n'.join(hashed_plist_in) + '\n'
+ if hashed_users:
+ try:
+ log.debug("Setting hashed password for %s:", hashed_users)
+ util.subp(['chpasswd', '-e'], hashed_ch_in)
+ except Exception as e:
+ errors.append(e)
+ util.logexc(
+ log, "Failed to set hashed passwords with chpasswd for %s",
+ hashed_users)
if len(randlist):
blurb = ("Set the following 'random' passwords\n",
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-08 15:31:25 +0000