diff options
author | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2018-05-11 12:29:59 +0000 |
---|---|---|
committer | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2018-05-11 12:31:36 +0000 |
commit | 702513b895ce183dce59becc8fae6ebb085e43a2 (patch) | |
tree | df9099f6192f2b2160d4ff879d41a18a94c065b2 /tcwg-base | |
parent | 4f37117e32a4d6b8d915e6b95c9cab0994436539 (diff) |
tcwg-build: Add new script new-user.sh
... and use it to create users inside containers.
Change-Id: Ic00d13c30ad6e8a4a613040fa76537eec7e1ad97
Diffstat (limited to 'tcwg-base')
-rw-r--r-- | tcwg-base/tcwg-build/Dockerfile.in | 9 | ||||
-rwxr-xr-x | tcwg-base/tcwg-build/build.sh | 3 | ||||
-rwxr-xr-x | tcwg-base/tcwg-build/new-user.sh | 55 |
3 files changed, 61 insertions, 6 deletions
diff --git a/tcwg-base/tcwg-build/Dockerfile.in b/tcwg-base/tcwg-build/Dockerfile.in index 5d620d23..39ef4f39 100644 --- a/tcwg-base/tcwg-build/Dockerfile.in +++ b/tcwg-base/tcwg-build/Dockerfile.in @@ -1,10 +1,9 @@ FROM linaro/ci-#{ARCH}-tcwg-base-ubuntu:#{DISTRO} -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave diff --git a/tcwg-base/tcwg-build/build.sh b/tcwg-base/tcwg-build/build.sh index 8624b7fd..99795026 100755 --- a/tcwg-base/tcwg-build/build.sh +++ b/tcwg-base/tcwg-build/build.sh @@ -6,7 +6,7 @@ trap cleanup_exit INT TERM EXIT cleanup_exit() { - rm -rf tcwg-buildslave tcwg-benchmark + rm -rf new-user.sh tcwg-buildslave tcwg-benchmark } export LANG=C @@ -16,6 +16,7 @@ name=$(basename ${PWD} | cut -f3- -d '-') image=linaro/ci-${arch}-${name}-ubuntu:${distro} top=$(git rev-parse --show-toplevel) +cp $top/tcwg-base/tcwg-build/new-user.sh ./ rsync -a $top/tcwg-base/tcwg-build/tcwg-buildslave/ ./tcwg-buildslave/ rsync -a $top/tcwg-base/tcwg-build/tcwg-benchmark/ ./tcwg-benchmark/ diff --git a/tcwg-base/tcwg-build/new-user.sh b/tcwg-base/tcwg-build/new-user.sh new file mode 100755 index 00000000..ff191814 --- /dev/null +++ b/tcwg-base/tcwg-build/new-user.sh @@ -0,0 +1,55 @@ +#!/bin/bash + +set -euf -o pipefail + +usage () +{ + exit 1 +} + +group="" +key="" +user="" +verbose=false + +while [ $# -gt 0 ]; do + case "$1" in + --group) group="$2" ;; + --key) key="$2" ;; + --user) user="$2" ;; + --verbose) verbose="$2"; shift ;; + *) echo "ERROR: Wrong option: $1"; usage ;; + esac + shift 2 +done + +if $verbose; then set -x; fi + +if [ x"$group" != x"" ]; then + gid=$(echo "$group" | cut -s -d: -f 2) + group=$(echo "$group" | cut -d: -f 1) + + if [ x"$gid" != x"" ]; then + groupadd -g $gid $group + fi + + group_opt="-g $group" +else + group_opt="" +fi + +uid=$(echo "$user" | cut -s -d: -f 2) +user=$(echo "$user" | cut -d: -f 1) + +useradd -m $group_opt -G kvm ${uid:+-u $uid} $user + +sudoers_file=/etc/sudoers.d/$(echo $user | tr "." "-") +echo '$user ALL = NOPASSWD: ALL' > $sudoers_file +chmod 0440 $sudoers_file + +if [ x"$key" != x"" ] ; then + sudo -i -u $user mkdir -p /home/$user/.ssh + sudo -i -u $user chmod 0700 /home/$user/.ssh + cat "$key" | sudo -i -u $user tee /home/$user/.ssh/authorized_keys > /dev/null + sudo -i -u $user chmod 0600 /home/$user/.ssh/authorized_keys +fi |