... | ... |
@@ -200,14 +200,14 @@ function configure_baremetal_nova_dirs() { |
200 | 200 |
sudo mkdir -p /tftpboot |
201 | 201 |
sudo mkdir -p /tftpboot/pxelinux.cfg |
202 | 202 |
sudo cp /usr/lib/syslinux/pxelinux.0 /tftpboot/ |
203 |
- sudo chown -R `whoami`:libvirtd /tftpboot |
|
203 |
+ sudo chown -R $STACK_USER:libvirtd /tftpboot |
|
204 | 204 |
|
205 | 205 |
# ensure $NOVA_STATE_PATH/baremetal is prepared |
206 | 206 |
sudo mkdir -p $NOVA_STATE_PATH/baremetal |
207 | 207 |
sudo mkdir -p $NOVA_STATE_PATH/baremetal/console |
208 | 208 |
sudo mkdir -p $NOVA_STATE_PATH/baremetal/dnsmasq |
209 | 209 |
sudo touch $NOVA_STATE_PATH/baremetal/dnsmasq/dnsmasq-dhcp.host |
210 |
- sudo chown -R `whoami` $NOVA_STATE_PATH/baremetal |
|
210 |
+ sudo chown -R $STACK_USER $NOVA_STATE_PATH/baremetal |
|
211 | 211 |
|
212 | 212 |
# ensure dnsmasq is installed but not running |
213 | 213 |
# because baremetal driver will reconfigure and restart this as needed |
... | ... |
@@ -9,6 +9,7 @@ |
9 | 9 |
# - OS_AUTH_URL for auth in api |
10 | 10 |
# - DEST set to the destination directory |
11 | 11 |
# - SERVICE_PASSWORD, SERVICE_TENANT_NAME for auth in api |
12 |
+# - STACK_USER service user |
|
12 | 13 |
|
13 | 14 |
# stack.sh |
14 | 15 |
# --------- |
... | ... |
@@ -94,7 +95,7 @@ function configure_ceilometer() { |
94 | 94 |
function init_ceilometer() { |
95 | 95 |
# Create cache dir |
96 | 96 |
sudo mkdir -p $CEILOMETER_AUTH_CACHE_DIR |
97 |
- sudo chown `whoami` $CEILOMETER_AUTH_CACHE_DIR |
|
97 |
+ sudo chown $STACK_USER $CEILOMETER_AUTH_CACHE_DIR |
|
98 | 98 |
rm -f $CEILOMETER_AUTH_CACHE_DIR/* |
99 | 99 |
} |
100 | 100 |
|
... | ... |
@@ -3,7 +3,7 @@ |
3 | 3 |
|
4 | 4 |
# Dependencies: |
5 | 5 |
# - functions |
6 |
-# - DEST, DATA_DIR must be defined |
|
6 |
+# - DEST, DATA_DIR, STACK_USER must be defined |
|
7 | 7 |
# SERVICE_{TENANT_NAME|PASSWORD} must be defined |
8 | 8 |
# ``KEYSTONE_TOKEN_FORMAT`` must be defined |
9 | 9 |
|
... | ... |
@@ -116,7 +116,7 @@ function configure_cinder() { |
116 | 116 |
if [[ ! -d $CINDER_CONF_DIR ]]; then |
117 | 117 |
sudo mkdir -p $CINDER_CONF_DIR |
118 | 118 |
fi |
119 |
- sudo chown `whoami` $CINDER_CONF_DIR |
|
119 |
+ sudo chown $STACK_USER $CINDER_CONF_DIR |
|
120 | 120 |
|
121 | 121 |
cp -p $CINDER_DIR/etc/cinder/policy.json $CINDER_CONF_DIR |
122 | 122 |
|
... | ... |
@@ -306,7 +306,7 @@ function init_cinder() { |
306 | 306 |
|
307 | 307 |
# Create cache dir |
308 | 308 |
sudo mkdir -p $CINDER_AUTH_CACHE_DIR |
309 |
- sudo chown `whoami` $CINDER_AUTH_CACHE_DIR |
|
309 |
+ sudo chown $STACK_USER $CINDER_AUTH_CACHE_DIR |
|
310 | 310 |
rm -f $CINDER_AUTH_CACHE_DIR/* |
311 | 311 |
} |
312 | 312 |
|
... | ... |
@@ -3,7 +3,7 @@ |
3 | 3 |
|
4 | 4 |
# Dependencies: |
5 | 5 |
# ``functions`` file |
6 |
-# ``DEST``, ``DATA_DIR`` must be defined |
|
6 |
+# ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined |
|
7 | 7 |
# ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined |
8 | 8 |
# ``SERVICE_HOST`` |
9 | 9 |
# ``KEYSTONE_TOKEN_FORMAT`` must be defined |
... | ... |
@@ -75,7 +75,7 @@ function configure_glance() { |
75 | 75 |
if [[ ! -d $GLANCE_CONF_DIR ]]; then |
76 | 76 |
sudo mkdir -p $GLANCE_CONF_DIR |
77 | 77 |
fi |
78 |
- sudo chown `whoami` $GLANCE_CONF_DIR |
|
78 |
+ sudo chown $STACK_USER $GLANCE_CONF_DIR |
|
79 | 79 |
|
80 | 80 |
# Copy over our glance configurations and update them |
81 | 81 |
cp $GLANCE_DIR/etc/glance-registry.conf $GLANCE_REGISTRY_CONF |
... | ... |
@@ -158,10 +158,10 @@ function init_glance() { |
158 | 158 |
|
159 | 159 |
# Create cache dir |
160 | 160 |
sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/api |
161 |
- sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/api |
|
161 |
+ sudo chown $STACK_USER $GLANCE_AUTH_CACHE_DIR/api |
|
162 | 162 |
rm -f $GLANCE_AUTH_CACHE_DIR/api/* |
163 | 163 |
sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/registry |
164 |
- sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/registry |
|
164 |
+ sudo chown $STACK_USER $GLANCE_AUTH_CACHE_DIR/registry |
|
165 | 165 |
rm -f $GLANCE_AUTH_CACHE_DIR/registry/* |
166 | 166 |
} |
167 | 167 |
|
... | ... |
@@ -49,7 +49,7 @@ function configure_heat() { |
49 | 49 |
if [[ ! -d $HEAT_CONF_DIR ]]; then |
50 | 50 |
sudo mkdir -p $HEAT_CONF_DIR |
51 | 51 |
fi |
52 |
- sudo chown `whoami` $HEAT_CONF_DIR |
|
52 |
+ sudo chown $STACK_USER $HEAT_CONF_DIR |
|
53 | 53 |
|
54 | 54 |
HEAT_API_CFN_HOST=${HEAT_API_CFN_HOST:-$SERVICE_HOST} |
55 | 55 |
HEAT_API_CFN_PORT=${HEAT_API_CFN_PORT:-8000} |
... | ... |
@@ -7,6 +7,7 @@ |
7 | 7 |
# ``SERVICE_HOST``, ``SERVICE_PROTOCOL`` |
8 | 8 |
# ``SERVICE_TOKEN`` |
9 | 9 |
# ``S3_SERVICE_PORT`` (template backend only) |
10 |
+# ``STACK_USER`` |
|
10 | 11 |
|
11 | 12 |
# ``stack.sh`` calls the entry points in this order: |
12 | 13 |
# |
... | ... |
@@ -79,7 +80,7 @@ function configure_keystone() { |
79 | 79 |
if [[ ! -d $KEYSTONE_CONF_DIR ]]; then |
80 | 80 |
sudo mkdir -p $KEYSTONE_CONF_DIR |
81 | 81 |
fi |
82 |
- sudo chown `whoami` $KEYSTONE_CONF_DIR |
|
82 |
+ sudo chown $STACK_USER $KEYSTONE_CONF_DIR |
|
83 | 83 |
|
84 | 84 |
if [[ "$KEYSTONE_CONF_DIR" != "$KEYSTONE_DIR/etc" ]]; then |
85 | 85 |
cp -p $KEYSTONE_DIR/etc/keystone.conf.sample $KEYSTONE_CONF |
... | ... |
@@ -261,7 +262,7 @@ function init_keystone() { |
261 | 261 |
|
262 | 262 |
# Create cache dir |
263 | 263 |
sudo mkdir -p $KEYSTONE_AUTH_CACHE_DIR |
264 |
- sudo chown `whoami` $KEYSTONE_AUTH_CACHE_DIR |
|
264 |
+ sudo chown $STACK_USER $KEYSTONE_AUTH_CACHE_DIR |
|
265 | 265 |
rm -f $KEYSTONE_AUTH_CACHE_DIR/* |
266 | 266 |
fi |
267 | 267 |
} |
... | ... |
@@ -3,7 +3,7 @@ |
3 | 3 |
|
4 | 4 |
# Dependencies: |
5 | 5 |
# ``functions`` file |
6 |
-# ``DEST``, ``DATA_DIR`` must be defined |
|
6 |
+# ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined |
|
7 | 7 |
# ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined |
8 | 8 |
# ``LIBVIRT_TYPE`` must be defined |
9 | 9 |
# ``INSTANCE_NAME_PREFIX``, ``VOLUME_NAME_PREFIX`` must be defined |
... | ... |
@@ -149,7 +149,7 @@ function configure_nova() { |
149 | 149 |
if [[ ! -d $NOVA_CONF_DIR ]]; then |
150 | 150 |
sudo mkdir -p $NOVA_CONF_DIR |
151 | 151 |
fi |
152 |
- sudo chown `whoami` $NOVA_CONF_DIR |
|
152 |
+ sudo chown $STACK_USER $NOVA_CONF_DIR |
|
153 | 153 |
|
154 | 154 |
cp -p $NOVA_DIR/etc/nova/policy.json $NOVA_CONF_DIR |
155 | 155 |
|
... | ... |
@@ -277,7 +277,7 @@ EOF" |
277 | 277 |
if ! getent group libvirtd >/dev/null; then |
278 | 278 |
sudo groupadd libvirtd |
279 | 279 |
fi |
280 |
- add_user_to_group `whoami` libvirtd |
|
280 |
+ add_user_to_group $STACK_USER libvirtd |
|
281 | 281 |
|
282 | 282 |
# libvirt detects various settings on startup, as we potentially changed |
283 | 283 |
# the system configuration (modules, filesystems), we need to restart |
... | ... |
@@ -297,7 +297,7 @@ EOF" |
297 | 297 |
if [ -L /dev/disk/by-label/nova-instances ]; then |
298 | 298 |
if ! mount -n | grep -q $NOVA_INSTANCES_PATH; then |
299 | 299 |
sudo mount -L nova-instances $NOVA_INSTANCES_PATH |
300 |
- sudo chown -R `whoami` $NOVA_INSTANCES_PATH |
|
300 |
+ sudo chown -R $STACK_USER $NOVA_INSTANCES_PATH |
|
301 | 301 |
fi |
302 | 302 |
fi |
303 | 303 |
|
... | ... |
@@ -474,13 +474,13 @@ function init_nova() { |
474 | 474 |
|
475 | 475 |
# Create cache dir |
476 | 476 |
sudo mkdir -p $NOVA_AUTH_CACHE_DIR |
477 |
- sudo chown `whoami` $NOVA_AUTH_CACHE_DIR |
|
477 |
+ sudo chown $STACK_USER $NOVA_AUTH_CACHE_DIR |
|
478 | 478 |
rm -f $NOVA_AUTH_CACHE_DIR/* |
479 | 479 |
|
480 | 480 |
# Create the keys folder |
481 | 481 |
sudo mkdir -p ${NOVA_STATE_PATH}/keys |
482 | 482 |
# make sure we own NOVA_STATE_PATH and all subdirs |
483 |
- sudo chown -R `whoami` ${NOVA_STATE_PATH} |
|
483 |
+ sudo chown -R $STACK_USER ${NOVA_STATE_PATH} |
|
484 | 484 |
} |
485 | 485 |
|
486 | 486 |
# install_novaclient() - Collect source and prepare |
... | ... |
@@ -390,7 +390,7 @@ function _configure_quantum_common() { |
390 | 390 |
if [[ ! -d $QUANTUM_CONF_DIR ]]; then |
391 | 391 |
sudo mkdir -p $QUANTUM_CONF_DIR |
392 | 392 |
fi |
393 |
- sudo chown `whoami` $QUANTUM_CONF_DIR |
|
393 |
+ sudo chown $STACK_USER $QUANTUM_CONF_DIR |
|
394 | 394 |
|
395 | 395 |
cp $QUANTUM_DIR/etc/quantum.conf $QUANTUM_CONF |
396 | 396 |
|
... | ... |
@@ -742,7 +742,7 @@ function _quantum_setup_keystone() { |
742 | 742 |
iniset $conf_file $section signing_dir $QUANTUM_AUTH_CACHE_DIR |
743 | 743 |
# Create cache dir |
744 | 744 |
sudo mkdir -p $QUANTUM_AUTH_CACHE_DIR |
745 |
- sudo chown `whoami` $QUANTUM_AUTH_CACHE_DIR |
|
745 |
+ sudo chown $STACK_USER $QUANTUM_AUTH_CACHE_DIR |
|
746 | 746 |
rm -f $QUANTUM_AUTH_CACHE_DIR/* |
747 | 747 |
} |
748 | 748 |
|
... | ... |
@@ -4,6 +4,7 @@ |
4 | 4 |
# Dependencies: |
5 | 5 |
# ``functions`` file |
6 | 6 |
# ``DEST``, ``SCREEN_NAME``, `SWIFT_HASH` must be defined |
7 |
+# ``STACK_USER`` must be defined |
|
7 | 8 |
# ``SWIFT_DATA_DIR`` or ``DATA_DIR`` must be defined |
8 | 9 |
# ``lib/keystone`` file |
9 | 10 |
# ``stack.sh`` calls the entry points in this order: |
... | ... |
@@ -333,7 +334,7 @@ function init_swift() { |
333 | 333 |
|
334 | 334 |
# Create cache dir |
335 | 335 |
sudo mkdir -p $SWIFT_AUTH_CACHE_DIR |
336 |
- sudo chown `whoami` $SWIFT_AUTH_CACHE_DIR |
|
336 |
+ sudo chown $STACK_USER $SWIFT_AUTH_CACHE_DIR |
|
337 | 337 |
rm -f $SWIFT_AUTH_CACHE_DIR/* |
338 | 338 |
} |
339 | 339 |
|
... | ... |
@@ -177,40 +177,43 @@ VERBOSE=$(trueorfalse True $VERBOSE) |
177 | 177 |
# sudo privileges and runs as that user. |
178 | 178 |
|
179 | 179 |
if [[ $EUID -eq 0 ]]; then |
180 |
+ STACK_USER=$DEFAULT_STACK_USER |
|
180 | 181 |
ROOTSLEEP=${ROOTSLEEP:-10} |
181 | 182 |
echo "You are running this script as root." |
182 |
- echo "In $ROOTSLEEP seconds, we will create a user 'stack' and run as that user" |
|
183 |
+ echo "In $ROOTSLEEP seconds, we will create a user '$STACK_USER' and run as that user" |
|
183 | 184 |
sleep $ROOTSLEEP |
184 | 185 |
|
185 | 186 |
# Give the non-root user the ability to run as **root** via ``sudo`` |
186 | 187 |
is_package_installed sudo || install_package sudo |
187 |
- if ! getent group stack >/dev/null; then |
|
188 |
- echo "Creating a group called stack" |
|
189 |
- groupadd stack |
|
188 |
+ if ! getent group $STACK_USER >/dev/null; then |
|
189 |
+ echo "Creating a group called $STACK_USER" |
|
190 |
+ groupadd $STACK_USER |
|
190 | 191 |
fi |
191 |
- if ! getent passwd stack >/dev/null; then |
|
192 |
- echo "Creating a user called stack" |
|
193 |
- useradd -g stack -s /bin/bash -d $DEST -m stack |
|
192 |
+ if ! getent passwd $STACK_USER >/dev/null; then |
|
193 |
+ echo "Creating a user called $STACK_USER" |
|
194 |
+ useradd -g $STACK_USER -s /bin/bash -d $DEST -m $STACK_USER |
|
194 | 195 |
fi |
195 | 196 |
|
196 | 197 |
echo "Giving stack user passwordless sudo privileges" |
197 | 198 |
# UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one |
198 | 199 |
grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers || |
199 | 200 |
echo "#includedir /etc/sudoers.d" >> /etc/sudoers |
200 |
- ( umask 226 && echo "stack ALL=(ALL) NOPASSWD:ALL" \ |
|
201 |
+ ( umask 226 && echo "$STACK_USER ALL=(ALL) NOPASSWD:ALL" \ |
|
201 | 202 |
> /etc/sudoers.d/50_stack_sh ) |
202 | 203 |
|
203 |
- echo "Copying files to stack user" |
|
204 |
+ echo "Copying files to $STACK_USER user" |
|
204 | 205 |
STACK_DIR="$DEST/${TOP_DIR##*/}" |
205 | 206 |
cp -r -f -T "$TOP_DIR" "$STACK_DIR" |
206 |
- chown -R stack "$STACK_DIR" |
|
207 |
+ chown -R $STACK_USER "$STACK_DIR" |
|
208 |
+ cd "$STACK_DIR" |
|
207 | 209 |
if [[ "$SHELL_AFTER_RUN" != "no" ]]; then |
208 |
- exec su -c "set -e; cd $STACK_DIR; bash stack.sh; bash" stack |
|
210 |
+ exec sudo -u $STACK_USER bash -l -c "set -e; bash stack.sh; bash" |
|
209 | 211 |
else |
210 |
- exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack |
|
212 |
+ exec sudo -u $STACK_USER bash -l -c "set -e; source stack.sh" |
|
211 | 213 |
fi |
212 | 214 |
exit 1 |
213 | 215 |
else |
216 |
+ STACK_USER=`whoami` |
|
214 | 217 |
# We're not **root**, make sure ``sudo`` is available |
215 | 218 |
is_package_installed sudo || die "Sudo is required. Re-run stack.sh as root ONE TIME ONLY to set up sudo." |
216 | 219 |
|
... | ... |
@@ -220,10 +223,10 @@ else |
220 | 220 |
|
221 | 221 |
# Set up devstack sudoers |
222 | 222 |
TEMPFILE=`mktemp` |
223 |
- echo "`whoami` ALL=(root) NOPASSWD:ALL" >$TEMPFILE |
|
223 |
+ echo "$STACK_USER ALL=(root) NOPASSWD:ALL" >$TEMPFILE |
|
224 | 224 |
# Some binaries might be under /sbin or /usr/sbin, so make sure sudo will |
225 | 225 |
# see them by forcing PATH |
226 |
- echo "Defaults:`whoami` secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE |
|
226 |
+ echo "Defaults:$STACK_USER secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE |
|
227 | 227 |
chmod 0440 $TEMPFILE |
228 | 228 |
sudo chown root:root $TEMPFILE |
229 | 229 |
sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh |
... | ... |
@@ -235,7 +238,7 @@ fi |
235 | 235 |
# Create the destination directory and ensure it is writable by the user |
236 | 236 |
sudo mkdir -p $DEST |
237 | 237 |
if [ ! -w $DEST ]; then |
238 |
- sudo chown `whoami` $DEST |
|
238 |
+ sudo chown $STACK_USER $DEST |
|
239 | 239 |
fi |
240 | 240 |
|
241 | 241 |
# Set ``OFFLINE`` to ``True`` to configure ``stack.sh`` to run cleanly without |
... | ... |
@@ -251,7 +254,7 @@ ERROR_ON_CLONE=`trueorfalse False $ERROR_ON_CLONE` |
251 | 251 |
# Destination path for service data |
252 | 252 |
DATA_DIR=${DATA_DIR:-${DEST}/data} |
253 | 253 |
sudo mkdir -p $DATA_DIR |
254 |
-sudo chown `whoami` $DATA_DIR |
|
254 |
+sudo chown $STACK_USER $DATA_DIR |
|
255 | 255 |
|
256 | 256 |
|
257 | 257 |
# Common Configuration |
... | ... |
@@ -12,6 +12,9 @@ DATA_DIR=${DEST}/data |
12 | 12 |
# Select the default database |
13 | 13 |
DATABASE_TYPE=mysql |
14 | 14 |
|
15 |
+# Default stack user |
|
16 |
+DEFAULT_STACK_USER=stack |
|
17 |
+ |
|
15 | 18 |
# Specify which services to launch. These generally correspond to |
16 | 19 |
# screen tabs. To change the default list, use the ``enable_service`` and |
17 | 20 |
# ``disable_service`` functions in ``localrc``. |
... | ... |
@@ -125,17 +125,17 @@ if [ ! -r $DEV_FILE ]; then |
125 | 125 |
# Create a stack user that is a member of the libvirtd group so that stack |
126 | 126 |
# is able to interact with libvirt. |
127 | 127 |
chroot $MNTDIR groupadd libvirtd |
128 |
- chroot $MNTDIR useradd stack -s /bin/bash -d $DEST -G libvirtd |
|
128 |
+ chroot $MNTDIR useradd $DEFAULT_STACK_USER -s /bin/bash -d $DEST -G libvirtd |
|
129 | 129 |
mkdir -p $MNTDIR/$DEST |
130 |
- chroot $MNTDIR chown stack $DEST |
|
130 |
+ chroot $MNTDIR chown $DEFAULT_STACK_USER $DEST |
|
131 | 131 |
|
132 | 132 |
# A simple password - pass |
133 |
- echo stack:pass | chroot $MNTDIR chpasswd |
|
133 |
+ echo $DEFAULT_STACK_USER:pass | chroot $MNTDIR chpasswd |
|
134 | 134 |
echo root:$ROOT_PASSWORD | chroot $MNTDIR chpasswd |
135 | 135 |
|
136 | 136 |
# And has sudo ability (in the future this should be limited to only what |
137 | 137 |
# stack requires) |
138 |
- echo "stack ALL=(ALL) NOPASSWD: ALL" >> $MNTDIR/etc/sudoers |
|
138 |
+ echo "$DEFAULT_STACK_USER ALL=(ALL) NOPASSWD: ALL" >> $MNTDIR/etc/sudoers |
|
139 | 139 |
|
140 | 140 |
umount $MNTDIR |
141 | 141 |
rmdir $MNTDIR |
... | ... |
@@ -187,7 +187,7 @@ git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH |
187 | 187 |
# Use this version of devstack |
188 | 188 |
rm -rf $MNTDIR/$DEST/devstack |
189 | 189 |
cp -pr $CWD $MNTDIR/$DEST/devstack |
190 |
-chroot $MNTDIR chown -R stack $DEST/devstack |
|
190 |
+chroot $MNTDIR chown -R $DEFAULT_STACK_USER $DEST/devstack |
|
191 | 191 |
|
192 | 192 |
# Configure host network for DHCP |
193 | 193 |
mkdir -p $MNTDIR/etc/network |
... | ... |
@@ -225,7 +225,7 @@ EOF |
225 | 225 |
|
226 | 226 |
# Make the run.sh executable |
227 | 227 |
chmod 755 $RUN_SH |
228 |
-chroot $MNTDIR chown stack $DEST/run.sh |
|
228 |
+chroot $MNTDIR chown $DEFAULT_STACK_USER $DEST/run.sh |
|
229 | 229 |
|
230 | 230 |
umount $MNTDIR |
231 | 231 |
rmdir $MNTDIR |
... | ... |
@@ -207,11 +207,11 @@ ROOTSLEEP=0 |
207 | 207 |
`cat $TOP_DIR/localrc` |
208 | 208 |
LOCAL_EOF |
209 | 209 |
fi |
210 |
-useradd -U -G sudo -s /bin/bash -d /opt/stack -m stack |
|
211 |
-echo stack:pass | chpasswd |
|
210 |
+useradd -U -G sudo -s /bin/bash -d /opt/stack -m $DEFAULT_STACK_USER |
|
211 |
+echo $DEFAULT_STACK_USER:pass | chpasswd |
|
212 | 212 |
mkdir -p /opt/stack/.ssh |
213 | 213 |
echo "$PUB_KEY" > /opt/stack/.ssh/authorized_keys |
214 |
-chown -R stack /opt/stack |
|
214 |
+chown -R $DEFAULT_STACK_USER /opt/stack |
|
215 | 215 |
chmod 700 /opt/stack/.ssh |
216 | 216 |
chmod 600 /opt/stack/.ssh/authorized_keys |
217 | 217 |
|
... | ... |
@@ -224,7 +224,7 @@ fi |
224 | 224 |
|
225 | 225 |
# Run stack.sh |
226 | 226 |
cat >> $vm_dir/uec/user-data<<EOF |
227 |
-su -c "cd /opt/stack/devstack && ./stack.sh" stack |
|
227 |
+sudo -u $DEFAULT_STACK_USER bash -l -c "cd /opt/stack/devstack && ./stack.sh" |
|
228 | 228 |
EOF |
229 | 229 |
|
230 | 230 |
# (re)start a metadata service |
... | ... |
@@ -18,6 +18,9 @@ TOP_DIR=$(cd $TOOLS_DIR/..; pwd) |
18 | 18 |
# Change dir to top of devstack |
19 | 19 |
cd $TOP_DIR |
20 | 20 |
|
21 |
+# Source params |
|
22 |
+source ./stackrc |
|
23 |
+ |
|
21 | 24 |
# Echo usage |
22 | 25 |
usage() { |
23 | 26 |
echo "Add stack user and keys" |
... | ... |
@@ -43,13 +46,13 @@ mkdir -p $STAGING_DIR/$DEST |
43 | 43 |
# Create a stack user that is a member of the libvirtd group so that stack |
44 | 44 |
# is able to interact with libvirt. |
45 | 45 |
chroot $STAGING_DIR groupadd libvirtd || true |
46 |
-chroot $STAGING_DIR useradd stack -s /bin/bash -d $DEST -G libvirtd || true |
|
46 |
+chroot $STAGING_DIR useradd $DEFAULT_STACK_USER -s /bin/bash -d $DEST -G libvirtd || true |
|
47 | 47 |
|
48 | 48 |
# Add a simple password - pass |
49 |
-echo stack:pass | chroot $STAGING_DIR chpasswd |
|
49 |
+echo $DEFAULT_STACK_USER:pass | chroot $STAGING_DIR chpasswd |
|
50 | 50 |
|
51 | 51 |
# Configure sudo |
52 |
-( umask 226 && echo "stack ALL=(ALL) NOPASSWD:ALL" \ |
|
52 |
+( umask 226 && echo "$DEFAULT_STACK_USER ALL=(ALL) NOPASSWD:ALL" \ |
|
53 | 53 |
> $STAGING_DIR/etc/sudoers.d/50_stack_sh ) |
54 | 54 |
|
55 | 55 |
# Copy over your ssh keys and env if desired |
... | ... |
@@ -64,7 +67,7 @@ rm -rf $STAGING_DIR/$DEST/devstack |
64 | 64 |
cp_it . $STAGING_DIR/$DEST/devstack |
65 | 65 |
|
66 | 66 |
# Give stack ownership over $DEST so it may do the work needed |
67 |
-chroot $STAGING_DIR chown -R stack $DEST |
|
67 |
+chroot $STAGING_DIR chown -R $DEFAULT_STACK_USER $DEST |
|
68 | 68 |
|
69 | 69 |
# Unmount |
70 | 70 |
umount $STAGING_DIR |
... | ... |
@@ -65,8 +65,8 @@ cd $TOP_DIR |
65 | 65 |
cat <<EOF >$STAGING_DIR/etc/rc.local |
66 | 66 |
# network restart required for getting the right gateway |
67 | 67 |
/etc/init.d/networking restart |
68 |
-chown -R stack /opt/stack |
|
69 |
-su -c "/opt/stack/run.sh > /opt/stack/run.sh.log" stack |
|
68 |
+chown -R $DEFAULT_STACK_USER /opt/stack |
|
69 |
+su -c "/opt/stack/run.sh > /opt/stack/run.sh.log" $DEFAULT_STACK_USER |
|
70 | 70 |
exit 0 |
71 | 71 |
EOF |
72 | 72 |
|
... | ... |
@@ -19,6 +19,7 @@ GUEST_PASSWORD=${GUEST_PASSWORD:-secrete} |
19 | 19 |
STAGING_DIR=${STAGING_DIR:-stage} |
20 | 20 |
DO_TGZ=${DO_TGZ:-1} |
21 | 21 |
XS_TOOLS_PATH=${XS_TOOLS_PATH:-"/root/xs-tools.deb"} |
22 |
+STACK_USER=${STACK_USER:-stack} |
|
22 | 23 |
|
23 | 24 |
# Install basics |
24 | 25 |
chroot $STAGING_DIR apt-get update |
... | ... |
@@ -46,12 +47,12 @@ rm -f $STAGING_DIR/etc/localtime |
46 | 46 |
|
47 | 47 |
# Add stack user |
48 | 48 |
chroot $STAGING_DIR groupadd libvirtd |
49 |
-chroot $STAGING_DIR useradd stack -s /bin/bash -d /opt/stack -G libvirtd |
|
50 |
-echo stack:$GUEST_PASSWORD | chroot $STAGING_DIR chpasswd |
|
51 |
-echo "stack ALL=(ALL) NOPASSWD: ALL" >> $STAGING_DIR/etc/sudoers |
|
49 |
+chroot $STAGING_DIR useradd $STACK_USER -s /bin/bash -d /opt/stack -G libvirtd |
|
50 |
+echo $STACK_USER:$GUEST_PASSWORD | chroot $STAGING_DIR chpasswd |
|
51 |
+echo "$STACK_USER ALL=(ALL) NOPASSWD: ALL" >> $STAGING_DIR/etc/sudoers |
|
52 | 52 |
|
53 | 53 |
# Give ownership of /opt/stack to stack user |
54 |
-chroot $STAGING_DIR chown -R stack /opt/stack |
|
54 |
+chroot $STAGING_DIR chown -R $STACK_USER /opt/stack |
|
55 | 55 |
|
56 | 56 |
# Make our ip address hostnames look nice at the command prompt |
57 | 57 |
echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $STAGING_DIR/opt/stack/.bashrc |