From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 7188033154287927296
X-Received: by 2002:a1f:3215:0:b0:3d5:86ff:6638 with SMTP id y21-20020a1f3215000000b003d586ff6638mr8023453vky.30.1673594387478;
        Thu, 12 Jan 2023 23:19:47 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a67:cb0d:0:b0:3c9:2128:4bfc with SMTP id b13-20020a67cb0d000000b003c921284bfcls1515983vsl.5.-pod-prod-gmail;
 Thu, 12 Jan 2023 23:19:46 -0800 (PST)
X-Google-Smtp-Source: AMrXdXuiLczGqPDlslCk8qImZjTEcS+F/Eziep5YxobIpZbUDnQy5/3HXhy/lmZKoXXkgHUb5iwq
X-Received: by 2002:a05:6102:3c5:b0:3d0:c57b:5626 with SMTP id n5-20020a05610203c500b003d0c57b5626mr8543655vsq.16.1673594386692;
        Thu, 12 Jan 2023 23:19:46 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1673594386; cv=none;
        d=google.com; s=arc-20160816;
        b=Nsmq/yv7cFZfXvb7tPc/DTcdsV8aGq6nzM4scI9A2i21tInTHBH7tCdscX8kpsojjh
         aYLx7gNS8N2Yn+qroJHjaOu32PMm7hM4gdn4h9sarIEZCcAH55xzaBJmGFU6uB7ngps8
         +whHivIM/VrbWPEg/XSAfUomV2gZteayt/lDaAzcjAi52+P0tWBL14ojJqPIAedcRv3J
         H7sxxoO5SlYMGEjJPYLmg/3s4LZ8uS8nAQEypz3pLLBm3Ax1R1L2c81vzrhTJh8bMATD
         8V6iMiqf+OnabL7iVoTnTeTpC8/vbX49/bIzj6Qr29dTjg5RbqRc8E6vQ51MdvulA8+n
         q9Jg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from;
        bh=T6GGCSywrly1rNSh9QJLnnr5ke8Trh7EQZKZeUH/cPQ=;
        b=sLQGSH6xi5ofgUYg1xpkSxAlSg2bWqDQQAklp5YHHqa6PgPI/iNQvZrnhuOsX4bhZ9
         Un9lz+ojeL5jH53RbnbluP5DBPZFkyI996pwhLsiqzl9k3bc8V+eJg/x7o59baAphjGo
         2Eimety5BcL5UVS20Ydb0oMpMlD1nFz4pNwDvmYx7pgB7yyEYucvS4hlokdi2w/cGvcr
         HAFbw9YGHiSuuXDLg6MnOJOeB39DKIL01mriHzfWdrDaNEgcbTy4FjVLgluwKTdLXvV9
         mbE8DZmWVOWZvBIUUIhq19ElX1GnBW75+5qjeh4yHPtiLLsMpXk+ntY4qDEs2VfpX6tq
         I1Xg==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de
Return-Path: <ubely@ilbers.de>
Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166])
        by gmr-mx.google.com with ESMTPS id v5-20020a056102302500b003b06d9dca0bsi1209274vsa.1.2023.01.12.23.19.46
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
        Thu, 12 Jan 2023 23:19:46 -0800 (PST)
Received-SPF: pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de
Received: from baighyz.m.ilbers.de (host-80-81-17-52.static.customer.m-online.net [80.81.17.52])
	(authenticated bits=0)
	by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPSA id 30D7JgEt027786
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
	for <isar-users@googlegroups.com>; Fri, 13 Jan 2023 08:19:44 +0100
From: Uladzimir Bely <ubely@ilbers.de>
To: isar-users@googlegroups.com
Subject: [PATCH 05/11] image-account-extension: Add copy-ci-key flag for user
Date: Fri, 13 Jan 2023 08:19:36 +0100
Message-Id: <20230113071942.22506-6-ubely@ilbers.de>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20230113071942.22506-1-ubely@ilbers.de>
References: <20230113071942.22506-1-ubely@ilbers.de>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED
	autolearn=unavailable autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de
X-TUID: 6axdulwNUPTt

If the flag enabled, CI ssh public key is copied `authorized_keys`
in `$USER/.ssh/` directory.

This allows non-interactive SSH access to the machine with executing
custom commands on the guest VM.

Signed-off-by: Uladzimir Bely <ubely@ilbers.de>
---
 meta/classes/image-account-extension.bbclass | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/meta/classes/image-account-extension.bbclass b/meta/classes/image-account-extension.bbclass
index 70950a7b..c9b86250 100644
--- a/meta/classes/image-account-extension.bbclass
+++ b/meta/classes/image-account-extension.bbclass
@@ -17,7 +17,7 @@ USERS ??= ""
 #USER_root[home] = "/home/root"
 #USER_root[shell] = "/bin/sh"
 #USER_root[groups] = "audio video"
-#USER_root[flags] = "no-create-home create-home system allow-empty-password clear-text-password force-passwd-change"
+#USER_root[flags] = "no-create-home create-home system allow-empty-password clear-text-password force-passwd-change copy-ci-key"
 
 GROUPS ??= ""
 
@@ -263,5 +263,17 @@ image_postprocess_accounts() {
             sudo -E chroot '${ROOTFSDIR}' \
                 /usr/bin/passwd --expire "$name"
         fi
+
+        # Add CI ssh key for noninteractive login
+        if [ "${flags}" != "${flags%*,copy-ci-key,*}" ]; then
+            echo "Add CI ssh key for \"$name\""
+            sudo sh -c " \
+                mkdir -p ${ROOTFSDIR}/${home}/.ssh && \
+                cat ${TESTSUITEDIR}/keys/ssh/id_rsa.pub > ${ROOTFSDIR}/${home}/.ssh/authorized_keys && \
+                chmod -R go-rwx ${ROOTFSDIR}/${home}/.ssh
+            "
+            sudo -E chroot '${ROOTFSDIR}' \
+                chown -R ${name}:${gid} ${home}/.ssh
+        fi
     done
 }
-- 
2.20.1