From 1e0aa634d219be37b5476e6287486a6e5c8c6d90 Mon Sep 17 00:00:00 2001 From: Anders Ingemann Date: Sun, 15 Dec 2013 19:24:41 +0100 Subject: [PATCH] Make admin_user plugin more robust Don't fail if the ec2-get-credentials script is not installed Don't fail if SSH server is not installed --- plugins/admin_user/__init__.py | 5 ++++- plugins/admin_user/tasks.py | 15 ++++++++++++--- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/plugins/admin_user/__init__.py b/plugins/admin_user/__init__.py index 44ff246..2ab4592 100644 --- a/plugins/admin_user/__init__.py +++ b/plugins/admin_user/__init__.py @@ -8,8 +8,11 @@ def validate_manifest(data, schema_validate): def resolve_tasks(tasklist, manifest): import tasks + from providers.ec2.tasks import initd + if initd.AddEC2InitScripts in tasklist.tasks: + tasklist.add(tasks.AdminUserCredentials) + tasklist.add(tasks.AddSudoPackage, tasks.CreateAdminUser, tasks.PasswordlessSudo, - tasks.AdminUserCredentials, tasks.DisableRootLogin) diff --git a/plugins/admin_user/tasks.py b/plugins/admin_user/tasks.py index cfe001c..3a0471a 100644 --- a/plugins/admin_user/tasks.py +++ b/plugins/admin_user/tasks.py @@ -59,6 +59,15 @@ class DisableRootLogin(Task): phase = phases.system_modification def run(self, info): - from common.tools import sed_i - sshdconfig_path = os.path.join(info.root, 'etc/ssh/sshd_config') - sed_i(sshdconfig_path, 'PermitRootLogin yes', 'PermitRootLogin no') + from subprocess import CalledProcessError + from common.tools import log_check_call + try: + log_check_call(['/usr/sbin/chroot', info.root, + '/usr/bin/dpkg-query', '-W', 'openssh-server']) + from common.tools import sed_i + sshdconfig_path = os.path.join(info.root, 'etc/ssh/sshd_config') + sed_i(sshdconfig_path, 'PermitRootLogin yes', 'PermitRootLogin no') + except CalledProcessError: + import logging + logging.getLogger(__name__).warn('The OpenSSH server has not been installed, ' + 'not disabling SSH root login.')