tcwg-host, tcwg-build: Simplify and unify handling of /home files

Replace "new-user.sh --key KEY" interface with "new-user.sh --home-data DIR"
interface.  Use the new interface in both tcwg-host and tcwg-build images.

Change-Id: I58e7e6506daa70bd10b4f29deebcf85ca0c5bc4f

3 files changed, 15 insertions, 25 deletions

diff --git a/tcwg-base/new-user.sh b/tcwg-base/new-user.sh
index d3abe709..5f36b5f8 100755
--- a/tcwg-base/new-user.sh
+++ b/tcwg-base/new-user.sh
@@ -9,7 +9,7 @@ usage ()
 
 passwd_ent=""
 group=""
-key=""
+home_data=""
 user=""
 verbose=false
 
@@ -17,7 +17,7 @@ while [ $# -gt 0 ]; do
     case "$1" in
 	--passwd) passwd_ent="$2" ;;
 	--group) group="$2" ;;
-	--key) key="$2" ;;
+	--home-data) home_data="$2" ;;
 	--user) user="$2" ;;
 	--verbose) verbose="$2"; shift ;;
 	*) echo "ERROR: Wrong option: $1"; usage ;;
@@ -41,6 +41,7 @@ elif [ x"$passwd_ent" != x"" ]; then
     group_opt="-g $gid"
 else
     group_opt=""
+    gid=""
 fi
 
 if [ x"$user" = x"" ]; then
@@ -65,12 +66,10 @@ if [ x"$user" != x"" ]; then
     sudoers_file=/etc/sudoers.d/$(echo $user | tr "." "-")
     echo "$user ALL = NOPASSWD: ALL" > $sudoers_file
     chmod 0440 $sudoers_file
-fi
 
-if [ x"$key" != x"" ]; then
-    key_user=$(echo "$key" | sed -e "s/.*authorized_keys-//")
-    sudo -i -u $key_user mkdir -p /home/$key_user/.ssh
-    sudo -i -u $key_user chmod 0700 /home/$key_user/.ssh
-    cat "$key" | sudo -i -u $key_user tee /home/$key_user/.ssh/authorized_keys > /dev/null
-    sudo -i -u $key_user chmod 0600 /home/$key_user/.ssh/authorized_keys
+    if [ x"$home_data" != x"" ]; then
+	chown -R $user${gid:+:$gid} /home-data/$user/; \
+	chmod -R go-rwx /home-data/$user/.ssh/ ; \
+	rsync -a /home-data/$user/ /home/$user/; \
+    fi
 fi
diff --git a/tcwg-base/tcwg-build/Dockerfile.in b/tcwg-base/tcwg-build/Dockerfile.in
index 937d1384..2af68b2c 100644
--- a/tcwg-base/tcwg-build/Dockerfile.in
+++ b/tcwg-base/tcwg-build/Dockerfile.in
@@ -1,18 +1,14 @@
 FROM linaro/ci-#{ARCH}-tcwg-base-ubuntu:#{DISTRO}
 
+COPY tcwg-buildslave /home-data/tcwg-buildslave
+COPY tcwg-benchmark /home-data/tcwg-benchmark
+
 RUN new-user.sh --group tcwg-infra:9000 \
- && new-user.sh --passwd "tcwg-buildslave:x:11827:9000:TCWG Buildslave::/bin/bash" \
- && new-user.sh --passwd "tcwg-benchmark:x:12326:9000:TCWG Benchmark::/bin/bash" \
+ && new-user.sh --passwd "tcwg-buildslave:x:11827:9000:TCWG Buildslave::/bin/bash" --home-data /home-data \
+ && new-user.sh --passwd "tcwg-benchmark:x:12326:9000:TCWG Benchmark::/bin/bash" --home-data /home-data \
+ && rm -rf /home-data/ \
  && mkdir -p /home/tcwg-buildslave/workspace
 
-COPY tcwg-buildslave /home/tcwg-buildslave
-COPY tcwg-benchmark /home/tcwg-benchmark
-
-RUN chown -R tcwg-buildslave:tcwg-infra /home/tcwg-buildslave/ \
- && chown -R tcwg-benchmark:tcwg-infra /home/tcwg-benchmark/ \
- && chmod 0700 /home/tcwg-buildslave/.ssh/ /home/tcwg-benchmark/.ssh/ \
- && chmod 0600 /home/tcwg-buildslave/.ssh/* /home/tcwg-benchmark/.ssh/*
-
 #if ARCH_amd64 || ARCH_i386
 # Install wine.  On amd64 arch we need to enable i386, otherwise wine
 # won't meet dependencies (this is the case at least for trusty and xenial).
diff --git a/tcwg-base/tcwg-host/Dockerfile.in b/tcwg-base/tcwg-host/Dockerfile.in
index d660245f..94d45a1e 100644
--- a/tcwg-base/tcwg-host/Dockerfile.in
+++ b/tcwg-base/tcwg-host/Dockerfile.in
@@ -5,11 +5,6 @@ COPY home-data/ /home-data/
 
 RUN new-user.sh --group tcwg-infra:9000 && new-user.sh --group tcwg-users:10000 \
  && while read line; do \
-      new-user.sh --passwd "$line"; \
-      user=$(echo "$line" | cut -d: -f 1); \
-      gid=$(echo "$line" | cut -d: -f 4); \
-      chown -R $user:$gid /home-data/$user/; \
-      chmod -R go-rwx /home-data/$user/.ssh/ ; \
-      rsync -a /home-data/$user/ /home/$user/; \
+      new-user.sh --passwd "$line" --home-data /home-data; \
     done </passwd \
  && rm -rf /passwd /home-data/