Changes pre-config files to use new ssh keys

This patch adds version 2 of preseed files pointing to the to the new osbash ssh keys URL while keeping the older version to point to the vagrant keys URL. Change-Id: If0f0b609d5d58d7169eed0e2e84a890c7f3b4970
2015-02-24 17:57:28 +05:30 · 2015-02-24 17:57:28 +05:30 · 3e6c2160dd
commit 3e6c2160dd
parent a6c28ef51e
4 changed files with 373 additions and 0 deletions
--- a/labs/lib/osbash/netboot/ks-all-v2.cfg
+++ b/labs/lib/osbash/netboot/ks-all-v2.cfg
@ -0,0 +1,75 @@
+#platform=x86, AMD64, or Intel EM64T
+#version=DEVEL
+# Install OS instead of upgrade
+install
+# Keyboard layouts
+keyboard 'us'
+# Reboot after installation
+reboot --eject
+# Root password
+rootpw --plaintext osbash
+# User
+user --name=osbash --password=osbash --plaintext
+# System timezone
+timezone Etc/UTC --isUtc
+# System language
+lang en_US
+# Firewall configuration
+firewall --disabled
+# System authorization information
+auth  --useshadow  --passalgo=sha512
+# Use CDROM installation media
+cdrom
+# Use text mode install
+text
+# SELinux configuration
+selinux --permissive
+# Do not configure the X Window System
+skipx
+
+# System bootloader configuration
+bootloader --location=mbr
+# Partition clearing information
+clearpart --all
+
+part /boot --fstype=ext4 --size=1024
+part pv.0 --grow --size=1
+volgroup ROOTDISK --pesize=4096 pv.0
+logvol swap --name=swap --vgname=ROOTDISK --recommended
+logvol / --fstype=ext4 --name=root --vgname=ROOTDISK --size=1 --grow
+
+%pre --interpreter=bash
+%end
+#-------------------------------------------------------------------------------
+# Enable ssh login with insecure osbash key and password-less sudo for osbash
+# Install VirtualBox guest additions, bootstrap osbashauto
+%post --interpreter=/bin/bash
+DIR=/home/osbash/.ssh
+mkdir $DIR
+wget -O $DIR/authorized_keys https://git.openstack.org/cgit/openstack/training-guides/plain/labs/lib/osbash-ssh-keys/osbash_key.pub
+chmod 700 $DIR
+chmod 400 $DIR/authorized_keys
+chown -R osbash:osbash $DIR
+echo "osbash ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+echo "Defaults:osbash !requiretty" >> /etc/sudoers
+
+yum -y install dkms
+
+mount /dev/sr1 /mnt
+/mnt/VBoxLinuxAdditions.run
+umount /mnt
+
+echo -e '#!/bin/bash\nbash /media/sf_*/autostart/*activate_autostart.sh\nrm /media/*/autostart/*activate_autostart.sh' > /etc/init.d/osbash
+chmod 755 /etc/init.d/osbash
+ln -s ../init.d/osbash /etc/rc2.d/S40osbash
+%end
+#-------------------------------------------------------------------------------
+# tar, bzip2, kernel-{devel,headers}: needed for VirtualBox guest additions
+# (but not in @core)
+%packages
+wget
+tar
+bzip2
+kernel-devel
+kernel-headers
+%end
--- a/labs/lib/osbash/netboot/ks-ssh-v2.cfg
+++ b/labs/lib/osbash/netboot/ks-ssh-v2.cfg
@ -0,0 +1,58 @@
+#platform=x86, AMD64, or Intel EM64T
+#version=DEVEL
+# Install OS instead of upgrade
+install
+# Keyboard layouts
+keyboard 'us'
+# Reboot after installation
+reboot --eject
+# Root password
+rootpw --plaintext osbash
+# User
+user --name=osbash --password=osbash --plaintext
+# System timezone
+timezone Etc/UTC --isUtc
+# System language
+lang en_US
+# Firewall configuration
+firewall --disabled
+# System authorization information
+auth  --useshadow  --passalgo=sha512
+# Use CDROM installation media
+cdrom
+# Use text mode install
+text
+# SELinux configuration
+selinux --permissive
+# Do not configure the X Window System
+skipx
+
+# System bootloader configuration
+bootloader --location=mbr
+# Partition clearing information
+clearpart --all
+
+part /boot --fstype=ext4 --size=1024
+part pv.0 --grow --size=1
+volgroup ROOTDISK --pesize=4096 pv.0
+logvol swap --name=swap --vgname=ROOTDISK --recommended
+logvol / --fstype=ext4 --name=root --vgname=ROOTDISK --size=1 --grow
+
+%pre --interpreter=bash
+%end
+#-------------------------------------------------------------------------------
+# Enable ssh login with insecure osbash key and password-less sudo for osbash
+%post --interpreter=/bin/bash
+DIR=/home/osbash/.ssh
+mkdir $DIR
+wget -O $DIR/authorized_keys https://git.openstack.org/cgit/openstack/training-guides/plain/labs/lib/osbash-ssh-keys/osbash_key.pub
+chmod 700 $DIR
+chmod 400 $DIR/authorized_keys
+chown -R osbash:osbash $DIR
+echo "osbash ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+echo "Defaults:osbash !requiretty" >> /etc/sudoers
+%end
+
+%packages
+wget
+%end
--- a/labs/lib/osbash/netboot/preseed-all-v2.cfg
+++ b/labs/lib/osbash/netboot/preseed-all-v2.cfg
@ -0,0 +1,120 @@
+# Based on
+# https://help.ubuntu.com/12.04/installation-guide/example-preseed.txt
+#
+# For details, see:
+# https://help.ubuntu.com/12.04/installation-guide/i386/appendix-preseed.html
+#-------------------------------------------------------------------------------
+# Preseeding only locale sets language, country and locale.
+d-i debian-installer/locale string en_US
+
+# Disable automatic (interactive) keymap detection.
+d-i console-setup/ask_detect boolean false
+d-i keyboard-configuration/layoutcode string us
+
+d-i netcfg/get_hostname string osbash
+d-i netcfg/get_domain string unassigned-domain
+#-------------------------------------------------------------------------------
+# Proxy
+#d-i mirror/http/proxy string http://192.168.178.20:3128/
+d-i mirror/http/proxy string
+#-------------------------------------------------------------------------------
+### Clock and time zone setup
+# Controls whether or not the hardware clock is set to UTC.
+d-i clock-setup/utc boolean true
+d-i time/zone string Etc/UTC
+#-------------------------------------------------------------------------------
+### Partitioning
+# The presently available methods are:
+# - regular: use the usual partition types for your architecture
+# - lvm:     use LVM to partition the disk
+# - crypto:  use LVM within an encrypted partition
+d-i partman-auto/method string regular
+
+# You can choose one of the three predefined partitioning recipes:
+# - atomic: all files in one partition
+# - home:   separate /home partition
+# - multi:  separate /home, /usr, /var, and /tmp partitions
+d-i partman-auto/choose_recipe select atomic
+
+# This makes partman automatically partition without confirmation, provided
+# that you told it what to do using one of the methods above.
+d-i partman/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+#-------------------------------------------------------------------------------
+# To create a normal user account.
+d-i passwd/user-fullname string OpenStack user
+d-i passwd/username string osbash
+d-i passwd/user-password password osbash
+d-i passwd/user-password-again password osbash
+d-i user-setup/allow-password-weak boolean true
+d-i user-setup/encrypt-home boolean false
+#-------------------------------------------------------------------------------
+### Package selection
+tasksel tasksel/first minimal
+
+# Individual additional packages to install
+d-i pkgsel/include string openssh-server dkms localepurge
+
+# http://sfxpt.wordpress.com/2013/06/09/get-the-debianubuntu-ready-and-customized-the-way-you-like-in-10-minutes/
+### Pkg:localepurge
+# Options explained at: http://anonscm.debian.org/cgit/collab-maint/localepurge.git/tree/debian/localepurge.templates
+localepurge localepurge/nopurge multiselect en_US
+# Really remove all locales?
+localepurge localepurge/none_selected boolean false
+# Also delete localized man pages?
+localepurge localepurge/mandelete boolean true
+# Avoid note that localepurge will not take any action until configured
+localepurge localepurge/remove_no note
+# Inform about new locales?
+localepurge localepurge/dontbothernew boolean false
+# Display verbose output?
+localepurge localepurge/verbose boolean false
+# Display freed disk space?
+localepurge localepurge/showfreedspace boolean true
+# Accurate disk space calculation?
+localepurge localepurge/quickndirtycalc boolean true
+# Use dpkg --path-exclude?
+localepurge localepurge/use-dpkg-feature bolean true
+#-------------------------------------------------------------------------------
+# Whether to upgrade packages after debootstrap.
+# Allowed values: none, safe-upgrade, full-upgrade
+d-i pkgsel/upgrade select none
+
+# Policy for applying updates. May be "none" (no automatic updates),
+# "unattended-upgrades" (install security updates automatically), or
+# "landscape" (manage system with Landscape).
+d-i pkgsel/update-policy select none
+
+# This is fairly safe to set, it makes grub install automatically to the MBR
+# if no other operating system is detected on the machine.
+d-i grub-installer/only_debian boolean true
+
+# Avoid warning about install CD not containing full support for language
+d-i pkgsel/install-language-support boolean false
+
+# Avoid reboot confirmation
+d-i finish-install/reboot_in_progress note
+
+d-i cdrom-detect/eject boolean true
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Use the following option to add additional boot parameters for the
+# installed system (if supported by the bootloader installer).
+# Note: options passed to the installer will be added automatically.
+
+# With Ubuntu 12.04 LTS, modesetting may result in a blank console
+d-i debian-installer/add-kernel-opts string vga=0x301 nomodeset
+#-------------------------------------------------------------------------------
+#### Advanced options
+### Running custom commands during the installation
+# d-i preseeding is inherently not secure. Nothing in the installer checks
+# for attempts at buffer overflows or other exploits of the values of a
+# preconfiguration file like this one. Only use preconfiguration files from
+# trusted locations!
+
+# This command is run just before the install finishes, but when there is
+# still a usable /target directory. You can chroot to /target and use it
+# directly, or use the apt-install and in-target commands to easily install
+# packages and run commands in the target system.
+d-i preseed/late_command string echo "DIR=/home/osbash/.ssh; mkdir \$DIR; wget -O \$DIR/authorized_keys https://git.openstack.org/cgit/openstack/training-guides/plain/labs/lib/osbash-ssh-keys/osbash_key.pub ; chmod 700 \$DIR; chmod 400 \$DIR/authorized_keys; chown -R osbash:osbash \$DIR; echo 'osbash ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers; echo 'Defaults:osbash !requiretty' >> /etc/sudoers; apt-get -y purge virtualbox-guest-dkms virtualbox-guest-utils; mount /dev/sr1 /mnt; /mnt/VBoxLinuxAdditions.run; umount /mnt; echo -e '#!/bin/bash\nexec > /root/bootstrap.log 2>&1\nset -x\nSCR=/media/sf_bootstrap/autostart/*activate_autostart.sh\nwhile [ ! -f \$SCR ];do sleep 1;done\nbash \$SCR\nrm -v \$SCR' > /etc/rc2.d/S40osbash; chmod 755 /etc/rc2.d/S40osbash;" | chroot /target /bin/bash;
--- a/labs/lib/osbash/netboot/preseed-ssh-v2.cfg
+++ b/labs/lib/osbash/netboot/preseed-ssh-v2.cfg
@ -0,0 +1,120 @@
+# Based on
+# https://help.ubuntu.com/12.04/installation-guide/example-preseed.txt
+#
+# For details, see:
+# https://help.ubuntu.com/12.04/installation-guide/i386/appendix-preseed.html
+#-------------------------------------------------------------------------------
+# Preseeding only locale sets language, country and locale.
+d-i debian-installer/locale string en_US
+
+# Disable automatic (interactive) keymap detection.
+d-i console-setup/ask_detect boolean false
+d-i keyboard-configuration/layoutcode string us
+
+d-i netcfg/get_hostname string osbash
+d-i netcfg/get_domain string unassigned-domain
+#-------------------------------------------------------------------------------
+# Proxy
+#d-i mirror/http/proxy string http://192.168.178.20:3128/
+d-i mirror/http/proxy string
+#-------------------------------------------------------------------------------
+### Clock and time zone setup
+# Controls whether or not the hardware clock is set to UTC.
+d-i clock-setup/utc boolean true
+d-i time/zone string Etc/UTC
+#-------------------------------------------------------------------------------
+### Partitioning
+# The presently available methods are:
+# - regular: use the usual partition types for your architecture
+# - lvm:     use LVM to partition the disk
+# - crypto:  use LVM within an encrypted partition
+d-i partman-auto/method string regular
+
+# You can choose one of the three predefined partitioning recipes:
+# - atomic: all files in one partition
+# - home:   separate /home partition
+# - multi:  separate /home, /usr, /var, and /tmp partitions
+d-i partman-auto/choose_recipe select atomic
+
+# This makes partman automatically partition without confirmation, provided
+# that you told it what to do using one of the methods above.
+d-i partman/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+#-------------------------------------------------------------------------------
+# To create a normal user account.
+d-i passwd/user-fullname string OpenStack user
+d-i passwd/username string osbash
+d-i passwd/user-password password osbash
+d-i passwd/user-password-again password osbash
+d-i user-setup/allow-password-weak boolean true
+d-i user-setup/encrypt-home boolean false
+#-------------------------------------------------------------------------------
+### Package selection
+tasksel tasksel/first minimal
+
+# Individual additional packages to install
+d-i pkgsel/include string openssh-server dkms localepurge
+
+# http://sfxpt.wordpress.com/2013/06/09/get-the-debianubuntu-ready-and-customized-the-way-you-like-in-10-minutes/
+### Pkg:localepurge
+# Options explained at: http://anonscm.debian.org/cgit/collab-maint/localepurge.git/tree/debian/localepurge.templates
+localepurge localepurge/nopurge multiselect en_US
+# Really remove all locales?
+localepurge localepurge/none_selected boolean false
+# Also delete localized man pages?
+localepurge localepurge/mandelete boolean true
+# Avoid note that localepurge will not take any action until configured
+localepurge localepurge/remove_no note
+# Inform about new locales?
+localepurge localepurge/dontbothernew boolean false
+# Display verbose output?
+localepurge localepurge/verbose boolean false
+# Display freed disk space?
+localepurge localepurge/showfreedspace boolean true
+# Accurate disk space calculation?
+localepurge localepurge/quickndirtycalc boolean true
+# Use dpkg --path-exclude?
+localepurge localepurge/use-dpkg-feature bolean true
+#-------------------------------------------------------------------------------
+# Whether to upgrade packages after debootstrap.
+# Allowed values: none, safe-upgrade, full-upgrade
+d-i pkgsel/upgrade select none
+
+# Policy for applying updates. May be "none" (no automatic updates),
+# "unattended-upgrades" (install security updates automatically), or
+# "landscape" (manage system with Landscape).
+d-i pkgsel/update-policy select none
+
+# This is fairly safe to set, it makes grub install automatically to the MBR
+# if no other operating system is detected on the machine.
+d-i grub-installer/only_debian boolean true
+
+# Avoid warning about install CD not containing full support for language
+d-i pkgsel/install-language-support boolean false
+
+# Avoid reboot confirmation
+d-i finish-install/reboot_in_progress note
+
+d-i cdrom-detect/eject boolean true
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Use the following option to add additional boot parameters for the
+# installed system (if supported by the bootloader installer).
+# Note: options passed to the installer will be added automatically.
+
+# With Ubuntu 12.04 LTS, modesetting may result in a blank console
+d-i debian-installer/add-kernel-opts string vga=0x301 nomodeset
+#-------------------------------------------------------------------------------
+#### Advanced options
+### Running custom commands during the installation
+# d-i preseeding is inherently not secure. Nothing in the installer checks
+# for attempts at buffer overflows or other exploits of the values of a
+# preconfiguration file like this one. Only use preconfiguration files from
+# trusted locations!
+
+# This command is run just before the install finishes, but when there is
+# still a usable /target directory. You can chroot to /target and use it
+# directly, or use the apt-install and in-target commands to easily install
+# packages and run commands in the target system.
+d-i preseed/late_command string echo "DIR=/home/osbash/.ssh; mkdir \$DIR; wget -O \$DIR/authorized_keys https://git.openstack.org/cgit/openstack/training-guides/plain/labs/lib/osbash-ssh-keys/osbash_key.pub ; chmod 700 \$DIR; chmod 400 \$DIR/authorized_keys; chown -R osbash:osbash \$DIR; echo 'osbash ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers; echo 'Defaults:osbash !requiretty' >> /etc/sudoers;" | chroot /target /bin/bash;