From 7900ed012110c5cca1d34742ff2d72ea9ce90b48 Mon Sep 17 00:00:00 2001
From: Iustin Pop <iustin@google.com>
Date: Fri, 12 Oct 2007 14:53:16 +0000
Subject: [PATCH] Remove some hardcoded names/paths from backend.py

This patch does the following:
  - add constants.GANETI_RUNAS = "root", which is used to compute
    the homedir (and thus the .ssh directory) instead of hardcoding
    "/root/.ssh" in backend.AddNode and backend.LeaveCluster
  - add constants.SSH_CONFIG_DIR (currently hardcoded to /etc/ssh) that
    is used in backend instead of hardcoding it (preparation for
    selecting that at ./configure time)
  - some more internal cleanup in backend.AddNode

Reviewed-by: imsnah
---
 lib/backend.py   | 80 +++++++++++++++++++++++++-----------------------
 lib/constants.py |  6 +++-
 2 files changed, 47 insertions(+), 39 deletions(-)

diff --git a/lib/backend.py b/lib/backend.py
index c8d1dd095..a8ccf50f1 100644
--- a/lib/backend.py
+++ b/lib/backend.py
@@ -80,45 +80,36 @@ def StopMaster():
 
 
 def AddNode(dsa, dsapub, rsa, rsapub, sshkey, sshpub):
-  """ adds the node to the cluster
-      - updates the hostkey
-      - adds the ssh-key
-      - sets the node id
-      - sets the node status to installed
+  """Joins this node to the cluster.
 
-  """
-  f = open("/etc/ssh/ssh_host_rsa_key", 'w')
-  f.write(rsa)
-  f.close()
+  This does the following:
+      - updates the hostkeys of the machine (rsa and dsa)
+      - adds the ssh private key to the user
+      - adds the ssh public key to the users' authorized_keys file
 
-  f = open("/etc/ssh/ssh_host_rsa_key.pub", 'w')
-  f.write(rsapub)
-  f.close()
+  """
+  user_dir = utils.GetHomeDir(constants.GANETI_RUNAS)
+  if not user_dir:
+    logger.Error("Cannot find home of run-as user %s" % constants.GANETI_RUNAS)
+    return False
 
-  f = open("/etc/ssh/ssh_host_dsa_key", 'w')
-  f.write(dsa)
-  f.close()
+  sshd_keys =  [("ssh_host_rsa_key", rsa, 0600),
+                ("ssh_host_rsa_key.pub", rsapub, 0644),
+                ("ssh_host_dsa_key", dsa, 0600),
+                ("ssh_host_dsa_key.pub",  dsapub, 0644)]
+  for name, content, mode in sshd_keys:
+    utils.WriteFile(os.path.join(constants.SSH_CONFIG_DIR, name),
+                    data=content, mode=mode)
 
-  f = open("/etc/ssh/ssh_host_dsa_key.pub", 'w')
-  f.write(dsapub)
-  f.close()
+  user_ssh_dir = os.path.join(user_dir, ".ssh")
 
-  if not os.path.isdir("/root/.ssh"):
-    os.mkdir("/root/.ssh")
+  if not os.path.isdir(user_ssh_dir):
+    os.mkdir(user_ssh_dir)
 
-  f = open("/root/.ssh/id_dsa", 'w')
-  f.write(sshkey)
-  f.close()
+  for name, content in [("id_dsa", sshkey), ("id_dsa.pub", sshpub)]:
+    utils.WriteFile(os.path.join(user_ssh_dir, name), data=content, mode=0600)
 
-  f = open("/root/.ssh/id_dsa.pub", 'w')
-  f.write(sshpub)
-  f.close()
-
-  f = open('/root/.ssh/id_dsa.pub', 'r')
-  try:
-    utils.AddAuthorizedKey('/root/.ssh/authorized_keys', f.read(8192))
-  finally:
-    f.close()
+  utils.AddAuthorizedKey(os.path.join(user_ssh_dir, "authorized_keys"), sshpub)
 
   utils.RunCmd([constants.SSH_INITD_SCRIPT, "restart"])
 
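Review bot: `os.mkdir(user_ssh_dir)` creates the run-as user's `.ssh` directory with whatever mode the daemon's umask allows, while the key files written into it right afterwards are pinned to 0600. The directory holds the cluster private key and `authorized_keys`, so it should get an explicit mode as well: `os.mkdir(user_ssh_dir, 0700)`. When the directory already exists, its mode is not checked, which may deserve at least a log line. AddNode's body may continue past the last context line of this hunk.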
@@ -135,14 +126,27 @@ def LeaveCluster():
       if os.path.isfile(full_name) and not os.path.islink(full_name):
         utils.RemoveFile(full_name)
 
-  f = open('/root/.ssh/id_dsa.pub', 'r')
+  user_dir = utils.GetHomeDir(constants.GANETI_RUNAS)
+  if not user_dir:
+    logger.Error("Cannot find home of run-as user %s" % constants.GANETI_RUNAS)
+    return
+
+  user_ssh_dir = os.path.join(user_dir, ".ssh")
+
+  if not os.path.isdir(user_ssh_dir):
+    logger.Error("User's ssh dir '%s' does not exist?!" % user_ssh_dir)
+    return
+
+  f = open(os.path.join(user_ssh_dir, "id_dsa.pub"), 'r')
   try:
-    utils.RemoveAuthorizedKey('/root/.ssh/authorized_keys', f.read(8192))
+    utils.RemoveAuthorizedKey(os.path.join(user_ssh_dir, "authorized_keys"),
+                              f.read(8192))
   finally:
     f.close()
 
-  utils.RemoveFile('/root/.ssh/id_dsa')
-  utils.RemoveFile('/root/.ssh/id_dsa.pub')
+
+  utils.RemoveFile(os.path.join(user_ssh_dir, "id_dsa"))
+  utils.RemoveFile(os.path.join(user_ssh_dir, "id_dsa.pub"))
 
 
 def GetNodeInfo(vgname):
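Review bot: The `open()` of `id_dsa.pub` sits outside the `try`, so if that file is missing or unreadable the exception propagates before the two `utils.RemoveFile` calls run. The cluster private key `id_dsa` then stays on a node that is supposed to have left the cluster. The new early returns cover a missing home or `.ssh` directory, but not this case. Moving the removals into an outer `finally` keeps the key cleanup unconditional while still surfacing the error. LeaveCluster starts above this hunk.

```python
  pub_key = os.path.join(user_ssh_dir, "id_dsa.pub")
  try:
    f = open(pub_key, 'r')
    try:
      utils.RemoveAuthorizedKey(os.path.join(user_ssh_dir, "authorized_keys"),
                                f.read(8192))
    finally:
      f.close()
  finally:
    # remove the cluster key pair even when the public half could not be read
    utils.RemoveFile(os.path.join(user_ssh_dir, "id_dsa"))
    utils.RemoveFile(pub_key)
```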
@@ -1120,7 +1124,7 @@ def ExportSnapshot(disk, dest_node, instance):
 
   destcmd = utils.BuildShellCmd("mkdir -p %s && cat > %s/%s",
                                 destdir, destdir, destfile)
-  remotecmd = ssh.BuildSSHCmd(dest_node, 'root', destcmd)
+  remotecmd = ssh.BuildSSHCmd(dest_node, constants.GANETI_RUNAS, destcmd)
 
 
 
@@ -1262,7 +1266,7 @@ def ImportOSIntoInstance(instance, os_disk, swap_disk, src_node, src_image):
     os.mkdir(constants.LOG_OS_DIR, 0750)
 
   destcmd = utils.BuildShellCmd('cat %s', src_image)
-  remotecmd = ssh.BuildSSHCmd(src_node, 'root', destcmd)
+  remotecmd = ssh.BuildSSHCmd(src_node, constants.GANETI_RUNAS, destcmd)
 
   comprcmd = "gunzip"
   impcmd = utils.BuildShellCmd("(cd %s; %s -i %s -b %s -s %s &>%s)",
diff --git a/lib/constants.py b/lib/constants.py
index 8bb165575..60dbb183b 100644
--- a/lib/constants.py
+++ b/lib/constants.py
@@ -39,7 +39,6 @@ WATCHER_STATEFILE = DATA_DIR + "/watcher.data"
 SSH_KNOWN_HOSTS_FILE = DATA_DIR + "/known_hosts"
 
 NODE_INITD_SCRIPT = _autoconf.SYSCONFDIR + "/init.d/ganeti"
-SSH_INITD_SCRIPT = _autoconf.SSH_INITD_SCRIPT
 DEFAULT_NODED_PORT = 1811
 FIRST_DRBD_PORT = 11000
 LAST_DRBD_PORT = 14999
@@ -109,3 +108,8 @@ DEFAULT_BRIDGE = "xen-br0"
 SYNC_SPEED = 30 * 1024
 LOCALHOST_IP_ADDRESS="127.0.0.1"
 TCP_PING_TIMEOUT = 10
+GANETI_RUNAS = "root"
+
+# external utilities
+SSH_INITD_SCRIPT = _autoconf.SSH_INITD_SCRIPT
+SSH_CONFIG_DIR = "/etc/ssh"
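Review bot: `GANETI_RUNAS` is added without a comment, although it now decides whose `~/.ssh` receives the cluster key pair and the `authorized_keys` entry. It also decides which account the inter-node `ssh` commands in backend.py log in as. A comment such as `# account that holds the cluster ssh key and is used for inter-node ssh` above it would make that visible. The backend.py hunks shown here write the key files with a mode but no ownership, so presumably only "root" works today; the comment could say that too.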
-- 
GitLab