From 40197fa7f143d0769dba7f9f048eae9d387b58da Mon Sep 17 00:00:00 2001 From: Lucas Alvares Gomes Date: Tue, 1 Dec 2015 14:08:49 +0000 Subject: [PATCH] Follow up patch for 25d3ee547176528e86d42eb026c99a134dff9452 This patch is a follow up patch fixing some nits left by the review 25d3ee547176528e86d42eb026c99a134dff9452. It does: * Fix the README file to say that the password *must* be encrypted and the option values *must* be quoted * Adds Type=oneshot in the upstart service config file so that upstart will not try to restart the service over and over. * Enable setu, sete and setpipefail in the dynamic-login script Change-Id: Iee5d75daef24469ccf47ca12de6ead37bf9d8d6f --- elements/dynamic-login/README.rst | 4 ++-- .../dynamic-login/init-scripts/systemd/dynamic-login.service | 1 + elements/dynamic-login/static/usr/local/bin/dynamic-login | 5 ++++- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/elements/dynamic-login/README.rst b/elements/dynamic-login/README.rst index 0fb198bf7..0bb510d26 100644 --- a/elements/dynamic-login/README.rst +++ b/elements/dynamic-login/README.rst @@ -27,13 +27,13 @@ rootpwd :Description: If the operator append rootpwd="$ENCRYPTED_PASSWORD" to the kernel command line on boot, the helper script will set the root password to the one specified by this option. Note that - this password should be **encrypted**. Encrypted passwords + this password must be **encrypted**. Encrypted passwords can be generated using the ``openssl`` command, e.g: *openssl passwd -1*. .. note:: - The value of these parameters should be **quoted**, e.g: sshkey="ssh-rsa + The value of these parameters must be **quoted**, e.g: sshkey="ssh-rsa BBBA1NBzaC1yc2E ..." diff --git a/elements/dynamic-login/init-scripts/systemd/dynamic-login.service b/elements/dynamic-login/init-scripts/systemd/dynamic-login.service index d83e7bd38..8f7a2cef7 100644 --- a/elements/dynamic-login/init-scripts/systemd/dynamic-login.service +++ b/elements/dynamic-login/init-scripts/systemd/dynamic-login.service @@ -3,6 +3,7 @@ Description=Dynamic Login After=network.target [Service] +Type=oneshot ExecStart=/usr/local/bin/dynamic-login [Install] diff --git a/elements/dynamic-login/static/usr/local/bin/dynamic-login b/elements/dynamic-login/static/usr/local/bin/dynamic-login index 823ea90cb..5f2534a58 100755 --- a/elements/dynamic-login/static/usr/local/bin/dynamic-login +++ b/elements/dynamic-login/static/usr/local/bin/dynamic-login @@ -1,5 +1,5 @@ #!/bin/bash -# dib-lint: disable=setu sete setpipefail dibdebugtrace +# dib-lint: disable=dibdebugtrace # Copyright 2015 Red Hat, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -14,6 +14,9 @@ # License for the specific language governing permissions and limitations # under the License. +set -eu +set -o pipefail + # Reads an encrypted root password from the kernel command line and set # it to the root user if [[ $(