Index: drbl-virt/sbin/functions_drbl_virt =================================================================== --- drbl-virt/sbin/functions_drbl_virt (revision 190) +++ drbl-virt/sbin/functions_drbl_virt (revision 195) @@ -16,4 +16,5 @@ VMM_select="" + # [Check Root] function check_root(){ @@ -24,4 +25,5 @@ } +# [Change root to run] function check_root_run(){ if [ $USER != "root" ]; then @@ -41,4 +43,5 @@ } + # [Check System Version] function check_systemInfo(){ @@ -47,4 +50,5 @@ Linux_Version=$(lsb_release -r | awk '{print $2}') } + # [Select Hypervisior(Xen/KVM)] @@ -70,4 +74,5 @@ } + # [Check Hypervisior] function check_hypervisior(){ @@ -140,4 +145,5 @@ +# [Tunning Debain env for Xen] function debain-lenny_xen_patch(){ echo xen.independent_wallclock=1 >> /etc/sysctl.conf @@ -148,4 +154,5 @@ +# [Get ethX for DRBL environment usage ] function get_DRBL_eth(){ eths=$(ls /etc/drbl | grep macadr-eth[0-9] | grep [0-9].txt$ | cut -d "-" -f2 | cut -d "." -f1) @@ -160,4 +167,6 @@ } + +# [Get DRBL client IP range] function get_Host_IP_range(){ if [ ! -e /usr/bin/ipcalc ] || [ ! -e /opt/drbl/bin/drbl-get-network ] || [ ! -e /opt/drbl/bin/drbl-get-ipadd ]; then @@ -175,6 +184,7 @@ } + +# [Input VM IP range] function get_VM_IP_range_and_prefix_name(){ - echo "" echo "DRBL client IP range -> $eth: [$Host_first_IP ~ $Host_last_IP]" @@ -213,4 +223,5 @@ +# [Get VM prefix name] #function get_VM_prefix_name(){ #jude="no" @@ -224,4 +235,6 @@ #} + +# [Create VM IP table] function create_VM_IP_table(){ #/etc/drbl-virt/etc/IP_VM_eth @@ -271,4 +284,6 @@ } + +# [Creat VM Mac table] function generate_Xen_MAC_address(){ #echo "eth $eth" @@ -312,4 +327,5 @@ } + #function add_VM_dhcpd_conf(){ ## backup dhcpd.conf @@ -353,2 +369,36 @@ } + +# [create ssh key amd cpoy to client] +function drbl_sshkey(){ +# The reasone we do not to use $HOME is that sudo will not change +# environmental variable $HOME, but it will change the $USER +# we need to know who is really running this after applying sudo. +# say, sudo echo "$HOME", it will show user's home, instead of root's home, +REALHOME=$(LC_ALL=C grep -Ew "^$USER" /etc/passwd | cut -d":" -f6) +drblroot="/tftpboot/nodes" + +if [ ! -f $REALHOME/.ssh/id_rsa ]; then + ssh-keygen -t rsa -q -f $REALHOME/.ssh/id_rsa -N "" +fi + +# Put authorized_keys for the user. 2 cases: +# (1). It is root running drbl-doit. +# (2). It is normal user running drbl-doit. +# For root, we will NOT copy authorized_keys in server, since the root in the client should not share the same authorized_keys with that in server. We only put them in the client. (Note! Every client has its own root directory in $ihost/root/) +# For normal user, we let user can ssh login back to server and other machine without password (Note! This is NFS-based home, so we just have to copy id_rsa.pub as authorized_keys in user's home, then no matter which machine user logins, it will use this key). +if [ "$UID" = "0" ]; then + # for root, copy id_rsa.pub as authorized_keys in clients. + for ihost in $drblroot/*; do + if [ -f "$REALHOME/.ssh/id_rsa.pub" ]; then + mkdir -p $ihost/root/.ssh + cp -af $REALHOME/.ssh/id_rsa.pub $ihost/root/.ssh/authorized_keys + fi + done +else + if [ -f "$REALHOME/.ssh/id_rsa.pub" ]; then + cp -af $REALHOME/.ssh/id_rsa.pub $REALHOME/.ssh/authorized_keys + fi +fi + +}