[one-users] Restricted attributes in VM Templates error
Olivier Sallou
olivier.sallou at irisa.fr
Thu Mar 8 01:29:07 PST 2012
Le 3/8/12 9:50 AM, Akihiko Ota a écrit :
> Hi,
>
> I am using user template variables instead of CONTEXT/FILES.
> For example, each user defines attributes for content of
> /etc/hosts, ~/.ssh/authorized_keys, etc...
> ----------------------------------------------------------------------
> $ oneuser update testuser
>
> CLUSTER_HOSTS="
> 192.168.0.1 vm001 vm001.local
> 192.168.0.2 vm002 vm002.local
> 192.168.0.3 vm003 vm003.local
> 192.168.0.4 vm004 vm004.local
> "
> USER_SSH_KEY="ssh-rsa AAAAB3Nza(..snip..)N3tGeDU= localuser at localhost"
This indeed work if one defines its own template.
I'd like however to automate SSH Key and/or other files setup help with
user id.
I expect to create a template as admin and allow "use" with ACL to users.
This default template makes a copy of user key etc.... help with
CONTEXT/FILES.
Using variables is ok only if user defines his own template. But for
most of my users, honestly, defining a template would be quite obscur.....
> ----------------------------------------------------------------------
>
> And specify to VM template as follows:
> ----------------------------------------------------------------------
> $ vi testvm.one
> (..snip..)
> CONTEXT = [
> user_ssh_key = "$USER[ USER_SSH_KEY ]",
> cluster_hosts = "$USER[ CLUSTER_HOSTS ]",
> (..snip..)
> ]
> ----------------------------------------------------------------------
>
> On VM's part, run the following script on start-up:
> ----------------------------------------------------------------------
> (VM)$ less /etc/rc3.d/S05one_context
> #!/bin/sh
> mount -t iso9660 /dev/cdrom /mnt
> if [ $? -ne 0 ]; then
> echo "CDROM not found"
> exit 0
> fi
> if [ ! -f "/mnt/context.sh" ]; then
> echo "/mnt/context.sh not found"
> exit 0
> fi
>
> . /mnt/context.sh
> umount /mnt
>
> if [ -n "${CLUSTER_HOSTS}" ]; then
> echo "127.0.0.1 localhost" >/etc/hosts
> cat >>/etc/hosts << EOM
> ${CLUSTER_HOSTS}
> EOM
> fi
> if [ -n "${USER_SSH_KEY}" ]; then
> cat >/home/someone/.ssh/authorized_keys << EOM
> ${USER_SSH_KEY}
> EOM
> fi
> (..snip..)
> ----------------------------------------------------------------------
>
> Possibly, this method will collapse when you deal with huge
> values. But I have no problem at the moment.
>
> Thanks,
>
--
Olivier Sallou
IRISA / University of Rennes 1
Campus de Beaulieu, 35000 RENNES - FRANCE
Tel: 02.99.84.71.95
gpg key id: 4096R/326D8438 (keyring.debian.org)
Key fingerprint = 5FB4 6F83 D3B9 5204 6335 D26D 78DC 68DB 326D 8438
More information about the Users
mailing list