Skip to content

Commit 8a55c93

Browse files
cl-k-takahashiandrijapanicsb
cl-k-takahashi
authored and
andrijapanicsb
committed
Extract systemvm.iso using bsdtar (#3536)
* Extract systemvm.iso using bsdtar if available. Signed-off-by: Kai Takahashi <k-takahashi@creationline.com> * New dependency for CentOS 7 and Debian: bsdtar bsdtar can extract iso images without mounting. Signed-off-by: Kai Takahashi <k-takahashi@creationline.com> * Remove all 'mount' and 'umount' command call(s). Signed-off-by: Kai Takahashi <k-takahashi@creationline.com>
1 parent d868cd1 commit 8a55c93

File tree

3 files changed

+19
-31
lines changed

3 files changed

+19
-31
lines changed

debian/control

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ Homepage: http://www.cloudstack.org/
99

1010
Package: cloudstack-common
1111
Architecture: all
12-
Depends: ${misc:Depends}, ${python:Depends}, genisoimage, nfs-common
12+
Depends: ${misc:Depends}, ${python:Depends}, genisoimage, nfs-common, bsdtar
1313
Conflicts: cloud-scripts, cloud-utils, cloud-system-iso, cloud-console-proxy, cloud-daemonize, cloud-deps, cloud-python, cloud-setup
1414
Description: A common package which contains files which are shared by several CloudStack packages
1515

packaging/centos7/cloud.spec

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -90,6 +90,7 @@ Requires: python
9090
Requires: python3
9191
Requires: python-argparse
9292
Requires: python-netaddr
93+
Requires: bsdtar
9394
Group: System Environment/Libraries
9495
%description common
9596
The Apache CloudStack files shared between agent and management server

scripts/vm/systemvm/injectkeys.sh

Lines changed: 17 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -6,9 +6,9 @@
66
# to you under the Apache License, Version 2.0 (the
77
# "License"); you may not use this file except in compliance
88
# with the License. You may obtain a copy of the License at
9-
#
9+
#
1010
# http://www.apache.org/licenses/LICENSE-2.0
11-
#
11+
#
1212
# Unless required by applicable law or agreed to in writing,
1313
# software distributed under the License is distributed on an
1414
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -30,35 +30,31 @@ TMPDIR=${TMP}/cloud/systemvm
3030
umask 022
3131

3232
clean_up() {
33-
$SUDO umount $MOUNTPATH
33+
rm -rf --preserve-root $MOUNTPATH
34+
}
35+
36+
backup_iso() {
37+
$SUDO cp -b ${systemvmpath} ${systemvmpath}.bak
3438
}
3539

3640
inject_into_iso() {
3741
local isofile=${systemvmpath}
3842
local newpubkey=$2
39-
local backup=${isofile}.bak
4043
local tmpiso=${TMP}/$1
4144
mkdir -p $MOUNTPATH
4245
[ ! -f $isofile ] && echo "$(basename $0): Could not find systemvm iso patch file $isofile" && return 1
43-
$SUDO mount -o loop $isofile $MOUNTPATH
44-
[ $? -ne 0 ] && echo "$(basename $0): Failed to mount original iso $isofile" && clean_up && return 1
46+
bsdtar -C $MOUNTPATH -xf $isofile
47+
[ $? -ne 0 ] && echo "$(basename $0): Failed to extract original iso $isofile" && clean_up && return 1
4548
diff -q $MOUNTPATH/authorized_keys $newpubkey &> /dev/null && clean_up && return 0
46-
$SUDO cp -b $isofile $backup
49+
backup_iso
4750
[ $? -ne 0 ] && echo "$(basename $0): Failed to backup original iso $isofile" && clean_up && return 1
48-
rm -rf $TMPDIR
49-
mkdir -p $TMPDIR
50-
[ ! -d $TMPDIR ] && echo "$(basename $0): Could not find/create temporary dir $TMPDIR" && clean_up && return 1
51-
$SUDO cp -fr $MOUNTPATH/* $TMPDIR/
52-
[ $? -ne 0 ] && echo "$(basename $0): Failed to copy from original iso $isofile" && clean_up && return 1
53-
$SUDO cp $newpubkey $TMPDIR/authorized_keys
51+
$SUDO cp $newpubkey $MOUNTPATH/authorized_keys
5452
[ $? -ne 0 ] && echo "$(basename $0): Failed to copy key $newpubkey from original iso to new iso " && clean_up && return 1
55-
mkisofs -quiet -r -o $tmpiso $TMPDIR
56-
[ $? -ne 0 ] && echo "$(basename $0): Failed to create new iso $tmpiso from $TMPDIR" && clean_up && return 1
57-
$SUDO umount $MOUNTPATH
58-
[ $? -ne 0 ] && echo "$(basename $0): Failed to unmount old iso from $MOUNTPATH" && return 1
53+
mkisofs -quiet -r -o $tmpiso $MOUNTPATH
54+
[ $? -ne 0 ] && echo "$(basename $0): Failed to create new iso $tmpiso from $MOUNTPATH" && clean_up && return 1
5955
$SUDO cp -f $tmpiso $isofile
6056
[ $? -ne 0 ] && echo "$(basename $0): Failed to overwrite old iso $isofile with $tmpiso" && return 1
61-
rm -rf $TMPDIR
57+
clean_up
6258
}
6359

6460
copy_priv_key() {
@@ -74,7 +70,7 @@ then
7470
SUDO="sudo -n "
7571
fi
7672

77-
$SUDO mkdir -p $MOUNTPATH
73+
mkdir -p $MOUNTPATH
7874

7975
[ $# -ne 3 ] && echo "Usage: $(basename $0) <new public key file> <new private key file> <systemvm iso path>" && exit 3
8076
newpubkey=$1
@@ -85,17 +81,8 @@ systemvmpath=$3
8581

8682
command -v mkisofs > /dev/null || (echo "$(basename $0): mkisofs not found, please install or ensure PATH is accurate" ; exit 4)
8783

88-
# if running into Docker as unprivileges, skip ssh verification as iso cannot be mounted due to missing loop device.
89-
if [ -f /.dockerenv ]; then
90-
if [ -e /dev/loop0 ]; then
91-
# it's a docker instance with privileges.
92-
inject_into_iso systemvm.iso $newpubkey
93-
[ $? -ne 0 ] && exit 5
94-
copy_priv_key $newprivkey
95-
else
96-
# this mean it's a docker instance, ssh key cannot be verify.
97-
echo "We run inside Docker, skipping ssh key insertion in systemvm.iso"
98-
fi
84+
if [ ! -x "$(command -v bsdtar)" ]; then
85+
echo "bsdtar is unavailable. Skipping ssh key insertion in systemvm.iso"
9986
else
10087
inject_into_iso systemvm.iso $newpubkey
10188
[ $? -ne 0 ] && exit 5

0 commit comments

Comments
 (0)