From c8b9247edfd2aa7f1df349e2a2c0796e46b2c851 Mon Sep 17 00:00:00 2001
From: jbjohnso <jbjohnso@8638fb3e-16cb-4fca-ae20-7b5d299a9bcd>
Date: Wed, 16 Apr 2008 21:08:57 +0000
Subject: [PATCH] -Add retrieval of root's private ssh key through the
 credentials plugin to postscripts

git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@1108 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
---
 xCAT/postscripts/getcredentials.awk | 25 +++++++++++++++++++++++++
 xCAT/postscripts/remoteshell        | 25 ++++++++++++++++++++++++-
 2 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100755 xCAT/postscripts/getcredentials.awk

diff --git a/xCAT/postscripts/getcredentials.awk b/xCAT/postscripts/getcredentials.awk
new file mode 100755
index 000000000..ddcb2a8ad
--- /dev/null
+++ b/xCAT/postscripts/getcredentials.awk
@@ -0,0 +1,25 @@
+#!/usr/bin/awk -f
+BEGIN {
+        listener = "/inet/tcp/300/0/0"
+        server = "/inet/tcp/0/127.0.0.1/400"
+        quit = "no"
+
+
+        print "<xcatrequest>" |& server
+        print "   <command>getcredentials</command>" |& server
+        print "   <callback_port>300</callback_port>" |& server
+        print "   <arg>"ARGV[1]"</arg>" |& server
+        print "</xcatrequest>" |& server
+
+        while (match(quit,"no") && (listener |& getline) > 0) {
+                if (match($0,"CREDOKBYYOU?")) {
+                        print "CREDOKBYME" |& listener
+                        quit="yes"
+                }
+        }
+        close(listener)
+
+        while (server |& getline) {
+                print $0
+        }
+}
diff --git a/xCAT/postscripts/remoteshell b/xCAT/postscripts/remoteshell
index 48b2019bf..373a046eb 100755
--- a/xCAT/postscripts/remoteshell
+++ b/xCAT/postscripts/remoteshell
@@ -26,6 +26,7 @@ then
 	cd /xcatpost/.ssh
 	mkdir -p /root/.ssh
 	cp -f * /root/.ssh
+   cd -
 	chmod 700 /root/.ssh
 	chmod 600 /root/.ssh/*
 fi
@@ -36,5 +37,27 @@ then
 fi
 
 
-exit 0
+if [ ! -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit
+   exit 0
+fi
 
+echo client=yes > /etc/stunnel/stunnel.conf
+echo foreground=yes >> /etc/stunnel/stunnel.conf
+echo output=/dev/null >> /etc/stunnel/stunnel.conf
+echo verify=0 >> /etc/stunnel/stunnel.conf
+echo '[xcatd]' >> /etc/stunnel/stunnel.conf
+echo accept=400 >> /etc/stunnel/stunnel.conf
+echo connect=$MASTER:3001 >> /etc/stunnel/stunnel.conf
+
+stunnel &
+STUN_PID=$!
+sleep 1
+
+umask 0077
+
+mkdir -p /root/.ssh/
+getcredentials.awk ssh_root_key | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /root/.ssh/id_rsa
+if ! grep "PRIVATE KEY" /root/.ssh/id_rsa > /dev/null 2>&1 ; then
+   rm /root/.ssh/id_rsa
+fi
+kill $STUN_PID