anaconda/anaconda-40.22.3.13/pyanaconda/modules/users/installation.py

193 lines
6.6 KiB
Python
Raw Normal View History

2024-11-14 21:39:56 -08:00
#
# Copyright (C) 2019 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing to use,
# modify, copy, or redistribute it subject to the terms and conditions of
# the GNU General Public License v.2, or (at your option) any later version.
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY expressed or implied, including the implied warranties of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details. You should have received a copy of the
# GNU General Public License along with this program; if not, write to the
# Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301, USA. Any Red Hat trademarks that are incorporated in the
# source code or documentation are not subject to the GNU General Public
# License and may only be used or replicated with the express permission of
# Red Hat, Inc.
#
import os
from pyanaconda.core import users
from pyanaconda.modules.common.task import Task
from pyanaconda.anaconda_loggers import get_module_logger
log = get_module_logger(__name__)
__all__ = ["SetRootPasswordTask", "CreateUsersTask", "CreateGroupsTask", "SetSshKeysTask",
"ConfigureRootPasswordSSHLoginTask"]
class SetRootPasswordTask(Task):
"""Installation task fot setting the root password."""
def __init__(self, sysroot, password, crypted, locked):
"""Create a new root password configuration task.
:param str sysroot: a path to the root of the target system
:param str password: root password to be set
:param bool crypted: is the root password already encrypted ?
:param bool locked: should the root password be locked ?
"""
super().__init__()
self._sysroot = sysroot
self._password = password
self._crypted = crypted
self._locked = locked
@property
def name(self):
return "Configure root password"
def run(self):
self._set_root_password()
def _set_root_password(self):
users.set_root_password(self._password,
self._crypted,
self._locked,
self._sysroot)
class CreateUsersTask(Task):
"""Create users on the target system."""
def __init__(self, sysroot, user_data_list):
"""Create a new user creation task.
:param str sysroot: a path to the root of the installed system
:param user_data_list: list of users to create
:type user_data_list: list of UserData instances
"""
super().__init__()
self._sysroot = sysroot
self._user_data_list = user_data_list
@property
def name(self):
return "Create users"
def run(self):
self._create_users()
def _create_users(self):
for user_data in self._user_data_list:
uid = user_data.get_uid()
gid = user_data.get_gid()
try:
users.create_user(username=user_data.name,
password=user_data.password,
is_crypted=user_data.is_crypted,
lock=user_data.lock,
homedir=user_data.homedir,
uid=uid, gid=gid,
groups=user_data.groups,
shell=user_data.shell,
gecos=user_data.gecos,
root=self._sysroot)
except ValueError as e:
log.warning(str(e))
class CreateGroupsTask(Task):
"""Create groups on the target system."""
def __init__(self, sysroot, group_data_list):
"""Create a new group creation task.
:param str sysroot: a path to the root of the installed system
:param group_data_list: list of groups to create
:type group_data_list: list of GroupData instances
"""
super().__init__()
self._sysroot = sysroot
self._group_data_list = group_data_list
@property
def name(self):
return "Create groups"
def run(self):
self._create_groups()
def _create_groups(self):
for group_data in self._group_data_list:
gid = group_data.get_gid()
try:
users.create_group(group_name=group_data.name, gid=gid, root=self._sysroot)
except ValueError as e:
log.warning(str(e))
class SetSshKeysTask(Task):
"""Install specified SSH keys to the target system."""
def __init__(self, sysroot, ssh_key_data_list):
"""Create a new SSH key installation task.
:param str sysroot: a path to the root of the installed system
:param ssh_key_data_list: list of keys to install
:type ssh_key_data_list: list of SshKeyData instances
"""
super().__init__()
self._sysroot = sysroot
self._ssh_key_data_list = ssh_key_data_list
@property
def name(self):
return "Set SSH keys"
def run(self):
self._set_ssh_keys()
def _set_ssh_keys(self):
for key_data in self._ssh_key_data_list:
users.set_user_ssh_key(key_data.username, key_data.key)
class ConfigureRootPasswordSSHLoginTask(Task):
"""Optionally add an override allowing root to login with password over SSH."""
CONFIG_PATH = "etc/ssh/sshd_config.d/01-permitrootlogin.conf"
def __init__(self, sysroot, password_allowed):
"""Create a new root password SSH login configuration task.
:param str sysroot: a path to the root of the installed system
:param bool password_allowed: True allows root to login via SSH with password auth.
False prevents it by not changing the default OpenSSH
behavior
"""
super().__init__()
self._sysroot = sysroot
self._password_allowed = password_allowed
@property
def name(self):
return "Configure optional root password SSH login"
def run(self):
"""Run the task."""
if self._password_allowed:
log.debug("Adding an override allowing root login with password via SSH.")
with open(os.path.join(self._sysroot, self.CONFIG_PATH), "wt") as f:
f.write(
'# This file has been generated by the Anaconda Installer.\n'
'# Allow root to log in using ssh. Remove this file to opt-out.\n'
'PermitRootLogin yes\n'
)
else:
log.debug("Not adding an override allowing root login with password via SSH.")