From 85c3ca8c75022cc5076db08dd53b3823b6684108 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 18 May 2021 15:25:26 -0400 Subject: [PATCH] Pass root password onto diskless if set This honors the administrator setting the password in the confluent database for the diskless node. --- .../lib/dracut/hooks/cmdline/10-confluentdiskless.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/confluent_osdeploy/diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh b/confluent_osdeploy/diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh index bd04e97f..02acdd1f 100644 --- a/confluent_osdeploy/diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh +++ b/confluent_osdeploy/diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh @@ -62,6 +62,8 @@ if [[ $confluent_mgr == *%* ]]; then ifname=${ifname%:} fi needseal=1 +oldumask=$(umask) +umask 0077 while [ -z "$confluent_apikey" ]; do /opt/confluent/bin/clortho $nodename $confluent_mgr > /etc/confluent/confluent.apikey if grep ^SEALED: /etc/confluent/confluent.apikey > /dev/null; then @@ -85,6 +87,7 @@ if [ $needseal == 1 ]; then fi fi curl -sf -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $confluent_apikey" https://$confluent_mgr/confluent-api/self/deploycfg > /etc/confluent/confluent.deploycfg +umask $oldumask autoconfigmethod=$(grep ipv4_method /etc/confluent/confluent.deploycfg |awk '{print $2}') if [ "$autoconfigmethod" = "dhcp" ]; then echo -n "Attempting to use dhcp to bring up $ifname..." @@ -219,6 +222,14 @@ while [ ! -e /sysroot/sbin/init ]; do sleep 1 done done +rootpassword=$(grep ^rootpassword: /etc/confluent/confluent.deploycfg) +rootpassword=${rootpassword#rootpassword: } +if [ "$rootpassword" = "null" ]; then + rootpassword="" +fi +if [ ! -z "$rootpassword" ]; then + sed -i "s@root:[^:]*:@root:$rootpassword:@" /sysroot/etc/shadow +fi exec /opt/confluent/bin/start_root