diff options
| -rwxr-xr-x | sbin/itzks-update-disklserver-squashfs-images | 25 | 
1 files changed, 25 insertions, 0 deletions
| diff --git a/sbin/itzks-update-disklserver-squashfs-images b/sbin/itzks-update-disklserver-squashfs-images index cfe229c..73c1ae7 100755 --- a/sbin/itzks-update-disklserver-squashfs-images +++ b/sbin/itzks-update-disklserver-squashfs-images @@ -63,6 +63,31 @@ for chroot in ${ltsp_chroots}; do  		continue  	fi +	# several chroot preparations (also helpful when directly booting the nfsroot)... + +	# These preparations run with every script execution (i.e. daily via CRON) to make sure the +	# NFS chroot is updated. + +	# Copy an appropriate SSH secret key for DLWs to ${LTSP_OPT}/${chroot}/root/.ssh/id_<crypto>. +	# Currently we prefer disklserver:/root/.ssh/id_<crypto>.DLW and fall back to the host's private key file +	# (i.e. disklserver:/root/.ssh/id_<crypto>). +	for priv_key_file in id_ecdsa id_ecdsa_sk id_ed25519 id_ed25519_sk d_rsa; do + +		if [ -e "/root/.ssh/${priv_key_file}.DLW" ] && [ ! -e "${LTSP_OPT}/${chroot}/root/.ssh/${priv_key_file}" ]; then +			cp "/root/.ssh/${priv_key_file}.DLW" "${LTSP_OPT}/${chroot}/root/.ssh/${priv_key_file}" +		elif [ -e "/root/.ssh/${priv_key_file}" ] && [ ! -e "${LTSP_OPT}/${chroot}/root/.ssh/${priv_key_file}" ]; then +			cp "/root/.ssh/${priv_key_file}" "${LTSP_OPT}/${chroot}/root/.ssh/${priv_key_file}" +		fi + +	done + +	# Copy the SSH authorized_keys file for DLWs to ${LTSP_OPT}/${chroot}/root/.ssh/authorized_keys (e.g. disklserver:/root/.ssh/authorized_keys) +	# Use host's authorized_keys file for granting DLW access via SSH as root without password +	if [ -e "/root/.ssh/authorized_keys" ] && [ ! -e "${LTSP_OPT}/${chroot}/root/.ssh/authorized_keys" ]; then +		cp "/root/.ssh/authorized_keys" "${LTSP_OPT}/${chroot}/root/.ssh/authorized_keys" +	fi + +	# Create the SquashFS image (if an update is required)  	if [ -e "${LTSP_OPT}/${chroot}/${latest_upgrade}.squashfs-created" ]; then  		echo "chroot ${LTSP_OPT}/${chroot}'s squashfs image is up-to-date. Skipping..."  	else | 
