[one-users] Restricted attributes in VM Templates error

Akihiko Ota skywalker.37th at gmail.com
Thu Mar 8 00:50:41 PST 2012


Hi,

I am using user template variables instead of CONTEXT/FILES.
For example, each user defines attributes for content of
/etc/hosts, ~/.ssh/authorized_keys, etc...
----------------------------------------------------------------------
$ oneuser update testuser

CLUSTER_HOSTS="
192.168.0.1   vm001 vm001.local
192.168.0.2   vm002 vm002.local
192.168.0.3   vm003 vm003.local
192.168.0.4   vm004 vm004.local
"
USER_SSH_KEY="ssh-rsa AAAAB3Nza(..snip..)N3tGeDU= localuser at localhost"
----------------------------------------------------------------------

And specify to VM template as follows:
----------------------------------------------------------------------
$ vi testvm.one
(..snip..)
CONTEXT = [
  user_ssh_key    = "$USER[ USER_SSH_KEY ]",
  cluster_hosts   = "$USER[ CLUSTER_HOSTS ]",
  (..snip..)
]
----------------------------------------------------------------------

On VM's part, run the following script on start-up:
----------------------------------------------------------------------
(VM)$ less /etc/rc3.d/S05one_context
#!/bin/sh
mount -t iso9660 /dev/cdrom /mnt
if [ $? -ne 0 ]; then
    echo "CDROM not found"
    exit 0
fi
if [ ! -f "/mnt/context.sh" ]; then
    echo "/mnt/context.sh not found"
    exit 0
fi

. /mnt/context.sh
umount /mnt

if [ -n "${CLUSTER_HOSTS}" ]; then
    echo "127.0.0.1    localhost" >/etc/hosts
    cat >>/etc/hosts << EOM
${CLUSTER_HOSTS}
EOM
fi
if [ -n "${USER_SSH_KEY}" ]; then
    cat >/home/someone/.ssh/authorized_keys << EOM
${USER_SSH_KEY}
EOM
fi
(..snip..)
----------------------------------------------------------------------

Possibly, this method will collapse when you deal with huge
values. But I have no problem at the moment.

Thanks,

-- 
Akihiko Ota

2012/3/7 Olivier Sallou <olivier.sallou at irisa.fr>:
> Hi,
> I have a template using some restricted attributes (CONTEXT/FILES).
> Used 'till now by the oneadmin user, there was no issue.
>
> I tried now to give access (use) to a user, but there is an error:
> Restricted attributes in VM Templates error
>
> While I understand that a user cannot create a template using this, I am
> surprised that it is an issue to use a template using it (owned by
> oneadmin).
>
> How can I provide templates to my users using such attributes?
>
> Thanks
>
> Olivier
>
> --
>
>
> gpg key id: 4096R/326D8438  (keyring.debian.org)
> Key fingerprint = 5FB4 6F83 D3B9 5204 6335  D26D 78DC 68DB 326D 8438
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org



More information about the Users mailing list