Revert "Extract systemvm.iso using bsdtar (#3536)" (#3800)
This reverts commit 8a55c931e806a64f7f00153d4a58c4463caa7a47.
diff --git a/debian/control b/debian/control
index e9b9be1..3fde8d6 100644
--- a/debian/control
+++ b/debian/control
@@ -9,7 +9,7 @@
Package: cloudstack-common
Architecture: all
-Depends: ${misc:Depends}, ${python:Depends}, genisoimage, nfs-common, bsdtar
+Depends: ${misc:Depends}, ${python:Depends}, genisoimage, nfs-common
Conflicts: cloud-scripts, cloud-utils, cloud-system-iso, cloud-console-proxy, cloud-daemonize, cloud-deps, cloud-python, cloud-setup
Description: A common package which contains files which are shared by several CloudStack packages
diff --git a/packaging/centos7/cloud.spec b/packaging/centos7/cloud.spec
index e7f7b5b..2dbc5ec 100644
--- a/packaging/centos7/cloud.spec
+++ b/packaging/centos7/cloud.spec
@@ -90,7 +90,6 @@
Requires: python3
Requires: python-argparse
Requires: python-netaddr
-Requires: bsdtar
Group: System Environment/Libraries
%description common
The Apache CloudStack files shared between agent and management server
diff --git a/scripts/vm/systemvm/injectkeys.sh b/scripts/vm/systemvm/injectkeys.sh
index b66b8b5..9df1718 100755
--- a/scripts/vm/systemvm/injectkeys.sh
+++ b/scripts/vm/systemvm/injectkeys.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -30,31 +30,35 @@
umask 022
clean_up() {
- rm -rf --preserve-root $MOUNTPATH
-}
-
-backup_iso() {
- $SUDO cp -b ${systemvmpath} ${systemvmpath}.bak
+ $SUDO umount $MOUNTPATH
}
inject_into_iso() {
local isofile=${systemvmpath}
local newpubkey=$2
+ local backup=${isofile}.bak
local tmpiso=${TMP}/$1
mkdir -p $MOUNTPATH
[ ! -f $isofile ] && echo "$(basename $0): Could not find systemvm iso patch file $isofile" && return 1
- bsdtar -C $MOUNTPATH -xf $isofile
- [ $? -ne 0 ] && echo "$(basename $0): Failed to extract original iso $isofile" && clean_up && return 1
+ $SUDO mount -o loop $isofile $MOUNTPATH
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to mount original iso $isofile" && clean_up && return 1
diff -q $MOUNTPATH/authorized_keys $newpubkey &> /dev/null && clean_up && return 0
- backup_iso
+ $SUDO cp -b $isofile $backup
[ $? -ne 0 ] && echo "$(basename $0): Failed to backup original iso $isofile" && clean_up && return 1
- $SUDO cp $newpubkey $MOUNTPATH/authorized_keys
+ rm -rf $TMPDIR
+ mkdir -p $TMPDIR
+ [ ! -d $TMPDIR ] && echo "$(basename $0): Could not find/create temporary dir $TMPDIR" && clean_up && return 1
+ $SUDO cp -fr $MOUNTPATH/* $TMPDIR/
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to copy from original iso $isofile" && clean_up && return 1
+ $SUDO cp $newpubkey $TMPDIR/authorized_keys
[ $? -ne 0 ] && echo "$(basename $0): Failed to copy key $newpubkey from original iso to new iso " && clean_up && return 1
- mkisofs -quiet -r -o $tmpiso $MOUNTPATH
- [ $? -ne 0 ] && echo "$(basename $0): Failed to create new iso $tmpiso from $MOUNTPATH" && clean_up && return 1
+ mkisofs -quiet -r -o $tmpiso $TMPDIR
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to create new iso $tmpiso from $TMPDIR" && clean_up && return 1
+ $SUDO umount $MOUNTPATH
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to unmount old iso from $MOUNTPATH" && return 1
$SUDO cp -f $tmpiso $isofile
[ $? -ne 0 ] && echo "$(basename $0): Failed to overwrite old iso $isofile with $tmpiso" && return 1
- clean_up
+ rm -rf $TMPDIR
}
copy_priv_key() {
@@ -70,7 +74,7 @@
SUDO="sudo -n "
fi
-mkdir -p $MOUNTPATH
+$SUDO mkdir -p $MOUNTPATH
[ $# -ne 3 ] && echo "Usage: $(basename $0) <new public key file> <new private key file> <systemvm iso path>" && exit 3
newpubkey=$1
@@ -81,8 +85,17 @@
command -v mkisofs > /dev/null || (echo "$(basename $0): mkisofs not found, please install or ensure PATH is accurate" ; exit 4)
-if [ ! -x "$(command -v bsdtar)" ]; then
- echo "bsdtar is unavailable. Skipping ssh key insertion in systemvm.iso"
+# if running into Docker as unprivileges, skip ssh verification as iso cannot be mounted due to missing loop device.
+if [ -f /.dockerenv ]; then
+ if [ -e /dev/loop0 ]; then
+ # it's a docker instance with privileges.
+ inject_into_iso systemvm.iso $newpubkey
+ [ $? -ne 0 ] && exit 5
+ copy_priv_key $newprivkey
+ else
+ # this mean it's a docker instance, ssh key cannot be verify.
+ echo "We run inside Docker, skipping ssh key insertion in systemvm.iso"
+ fi
else
inject_into_iso systemvm.iso $newpubkey
[ $? -ne 0 ] && exit 5
