| Age | Commit message (Collapse) | Author |
|---|
|
Cloud config can now disable ssh access to non-root users.
When defining the 'users' list in cloud-configuration a boolean
'ssh_redirect_user: true' can be provided to disable ssh logins for
that user. Any ssh 'public-keys' defined in cloud meta-data will be added
and disabled in .ssh/authorized_keys. Any attempts to ssh as this user
using acceptable ssh keys will be presented with a message like the
following:
Please login as the user "ubuntu" rather than the user "youruser".
|
|
This has been a recurring ask and we had initially just made the change to
the cloud-init 2.0 codebase. As the current thinking is we'll just
continue to enhance the current codebase, its desirable to relicense to
match what we'd intended as part of the 2.0 plan here.
- put a brief description of license in LICENSE file
- put full license versions in LICENSE-GPLv3 and LICENSE-Apache2.0
- simplify the per-file header to reference LICENSE
- tox: ignore H102 (Apache License Header check)
Add license header to files that ship.
Reformat headers, make sure everything has vi: at end of file.
Non-shipping files do not need the copyright header,
but at the moment tests/ have it.
|
|
The amount of code to do user and group normalization
and extraction deserves its own file so move the code
that does this to a new file and update references to the
old location.
This removes some of the funkyness done in config modules
to avoid namespace and attribute clashes as well.
|
|
This adds lots of config module documentation in a standard format.
It will greatly improve the content at readthedocs.
Additionally:
* Add a 'doc' env to tox.ini
* Changed default highlight language for sphinx conf from python to yaml
most examples in documentation are yaml configs
* Updated datasource examples to highlight sh code properly
|
|
|
|
|
|
ssh: generate ed25519 host keys if supported
now we attempt to generate ed25519 host keys.
If ssh-keygen does not support it, a debug log message will be written.
LP: #1461242
|
|
|
|
|
|
|
|
|
|
LP: #1461242
|
|
to be behind trunk.
`tox -e py27` passes full test suite. Now to work on replacing mocker.
|
|
Fixed all complaints from running "make pep8". Also version locked
pep8 in test-requirements.txt to ensure that pep8 requirements don't
change without an explicit commit.
|
|
|
|
Now, parser.parse specifies options that override any options found,
rather than just being default options.
There could still potentially be a user for default_options, but since we're
not using them anywhere, I've dropped it. The difference is that in setting up
the root user, we're now insisting that all keys that go in there have the
key_prefix, even if the key content had other options.
I think this is actually the commit that fixes LP: #1136343.
|
|
1. Remove the usage of the path.join function
now that all code should be going through
the util file methods (and they can be
mocked out as needed).
2. Adjust all occurences of the above join
function to either not use it or replace
it with the standard os.path.join (which
can also be mocked out as needed)
3. Fix pylint from complaining about the
tests folder 'helpers.py' not being found
4. Add a pylintrc file that is used instead
of the options hidden in the 'run_pylint'
tool.
|
|
imported without being renamed due to
previous usage of the attribute 'distros'
|
|
the previous 'user' and make those locations
go through the new distros functions to select
the default user or the user list (depending on usage).
Adjust the tests to check the new 'default' field
that signifies the default user + test the new method
to extract just the default user from a normalized
user dictionary.
|
|
on Ubuntu systems via cloud-config (LP: #1041384).
- Fixed bug with user creation on Ubuntu where the default user groups are
not set properly (LP: #1044044).
- Fixed documentation for user creation (LP: #1044508).
|
|
cc_ssh.py was getting user of None, which ended up with a root user
not getting ssh keys updated. That was bad. So, I duplicated the
"get user zero" code that appeared other places here.
Then, we disable the root user even if there is not a user. In that
case we just use the string "NONE" in the disable message.
|
|
make pep8 now is silent on precise's pep8 ( 0.6.1-2ubuntu2).
|
|
|
|
some protection against module name collisions when importing.
|
