This adds an option to 'InitSSHSetup' to not overwrite
the existing SSH key, but to create an additional one with a suffix.
This will be used to replace the master node's SSH key
while keeping the old one a little longer, so that the
new one can be distributed.

Signed-off-by: Helga Velroyen <hel...@google.com>
---
 lib/ssh.py                     | 13 +++++++++----
 test/py/ganeti.ssh_unittest.py |  8 ++++++++
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/lib/ssh.py b/lib/ssh.py
index 7e2f64c..3ede50e 100644
--- a/lib/ssh.py
+++ b/lib/ssh.py
@@ -636,7 +636,8 @@ def QueryPubKeyFile(target_uuids, 
key_file=pathutils.SSH_PUB_KEYS,
   return result
 
 
-def InitSSHSetup(error_fn=errors.OpPrereqError, _homedir_fn=None):
+def InitSSHSetup(error_fn=errors.OpPrereqError, _homedir_fn=None,
+                 _suffix=""):
   """Setup the SSH configuration for the node.
 
   This generates a dsa keypair for root, adds the pub key to the
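Review bot: The new `_suffix` parameter is not described in the docstring below the signature; the nine insertions the diffstat reports for lib/ssh.py are all code lines. A non-empty suffix changes what the function guarantees: the existing key pair stays in place and the additional public key is still appended to the authorized keys file, so both keys are presumably accepted for root until the old one is removed. That deserves a parameter entry, for example `_suffix: if non-empty, keep the existing key pair and write the new pair to the key file name plus this suffix; the new public key is still added to authorized_keys`. The docstring continues outside the hunk.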
@@ -649,16 +650,20 @@ def InitSSHSetup(error_fn=errors.OpPrereqError, 
_homedir_fn=None):
   for name in priv_key, pub_key:
     if os.path.exists(name):
       utils.CreateBackup(name)
-    utils.RemoveFile(name)
+    if len(_suffix) == 0:
+      utils.RemoveFile(name)
+
+  new_priv_key_name = priv_key + _suffix
+  new_pub_key_name = priv_key + _suffix + ".pub"
 
   result = utils.RunCmd(["ssh-keygen", "-t", "dsa",
-                         "-f", priv_key,
+                         "-f", new_priv_key_name,
                          "-q", "-N", ""])
   if result.failed:
     raise error_fn("Could not generate ssh keypair, error %s" %
                    result.output)
 
-  AddAuthorizedKey(auth_keys, utils.ReadFile(pub_key))
+  AddAuthorizedKey(auth_keys, utils.ReadFile(new_pub_key_name))
 
 
 def InitPubKeyFile(master_uuid, key_file=pathutils.SSH_PUB_KEYS):
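Review bot: With a non-empty `_suffix`, the loop before the `ssh-keygen` call still only looks at `priv_key` and `pub_key`, so a leftover `priv_key + _suffix` from an earlier, interrupted run is neither backed up nor removed. `ssh-keygen` normally asks before overwriting an existing file, so the call would presumably fail in that case. The same loop still calls `utils.CreateBackup` on the untouched primary pair, which leaves one more copy of root's private key on disk on every suffixed run. Running the backup-and-remove loop over the files about to be written covers both cases and keeps the empty-suffix behaviour, assuming `pub_key` equals `priv_key + ".pub"` as the new `ReadFile` call already does. `_suffix` also goes into a file path unchecked, so rejecting a value that contains a path separator would be a cheap guard; the function starts above this hunk.

```python
  new_priv_key_name = priv_key + _suffix
  new_pub_key_name = new_priv_key_name + ".pub"

  # Back up and clear only the files this call is going to write.
  for name in new_priv_key_name, new_pub_key_name:
    if os.path.exists(name):
      utils.CreateBackup(name)
    utils.RemoveFile(name)

  # ... unchanged: ssh-keygen call, error check, AddAuthorizedKey ...
```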
diff --git a/test/py/ganeti.ssh_unittest.py b/test/py/ganeti.ssh_unittest.py
index 635426f..1826588 100755
--- a/test/py/ganeti.ssh_unittest.py
+++ b/test/py/ganeti.ssh_unittest.py
@@ -447,6 +447,14 @@ class TestGetUserFiles(testutils.GanetiTestCase):
     self.assertFileContentNotEqual(self.priv_filename, self._PRIV_KEY)
     self.assertFileContentNotEqual(self.pub_filename, self._PUB_KEY)
 
+  def testSuffix(self):
+    suffix = "_pinkbunny"
+    ssh.InitSSHSetup(_homedir_fn=self._GetTempHomedir, _suffix=suffix)
+    self.assertFileContent(self.priv_filename, self._PRIV_KEY)
+    self.assertFileContent(self.pub_filename, self._PUB_KEY)
+    self.assertTrue(os.path.exists(self.priv_filename + suffix))
+    self.assertTrue(os.path.exists(self.priv_filename + suffix + ".pub"))
+
 
 if __name__ == "__main__":
   testutils.GanetiTestProgram()
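Review bot: `testSuffix` checks that the suffixed files exist and that the original pair is unchanged, but nothing asserts that the new public key was appended to the authorized keys file, which is the part of the change that grants access. Adding an assertion that the content of `self.priv_filename + suffix + ".pub"` appears in the temporary home directory's authorized keys file would pin that. A second `ssh.InitSSHSetup(...)` call with the same `_suffix` would also show how a pre-existing suffixed key is handled. The test class starts outside the hunk, so a helper for reading that file may already exist there.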
-- 
2.1.0.rc2.206.gedb03e5
