#!/bin/bash # # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # # Installation steps (ArchLinux using base/dhcpcd-6.0.5-1) # # Install "wget" and "dhcpcd" # $ pacman -S wget dhcpcd # $ systemctl enable dhcpcd@eth0 # Copy script to /usr/lib/systemd/scripts/ # $ cp -v cloudstack-set-guest-password \ # /usr/lib/systemd/scripts/ # Copy the service file to /usr/lib/systemd/system/ # $ cp -v cloudstack-set-guest-password.service \ # /usr/lib/systemd/system/ # Enable the service # $ systemctl enable cloudstack-set-guest-password.service interface=eth0 user=root password_received=0 if [ ! -x /usr/bin/dhcpcd ]; then logger -t "cloudstack" "$0 only works with base/dhcpcd" exit 1 fi if [ ! -x /usr/bin/chpasswd ]; then logger -t "cloudstack" "$0 requires /usr/bin/chpasswd command" exit 1 fi PASSWORD_SERVER_IP=$(dhcpcd -U $interface | grep dhcp_server_identifier | cut -f2 -d=) if [ -n $PASSWORD_SERVER_IP ]; then logger -t "cloudstack" "Found password server IP $PASSWORD_SERVER_IP" logger -t "cloudstack" "Sending request to password server at $PASSWORD_SERVER_IP" password=$(wget -q -t 3 -T 20 -O - --header "DomU_Request: send_my_password" $PASSWORD_SERVER_IP:8080) if [ $? -ne 0 ]; then logger -t "cloudstack" "Failed to run wget correctly. Network not ready?" exit 1 fi password=$(echo $password | tr -d '\r') logger -t "cloudstack" "Got password as - $password - " if [ $? -eq 0 ]; then logger -t "cloudstack" "Got response from server at $PASSWORD_SERVER_IP" case $password in "") logger -t "cloudstack" "Password server at $PASSWORD_SERVER_IP did not have any password for the VM" ;; "bad_request") logger -t "cloudstack" "VM sent an invalid request to password server at $PASSWORD_SERVER_IP" ;; "saved_password") logger -t "cloudstack" "VM has already saved a password from the password server at $PASSWORD_SERVER_IP" ;; *) logger -t "cloudstack" "VM got a valid password from server at $PASSWORD_SERVER_IP" password_received=1 ;; esac else logger -t "cloudstack" "Failed to send request to password server at $PASSWORD_SERVER_IP" fi else logger -t "cloudstack" "Could not find password server IP for $interface" fi if [ "$password_received" == "1" ]; then logger -t "cloudstack" "Changing password ..." echo $user:$password | /usr/bin/chpasswd if [ $? -gt 0 ]; then logger -t "cloudstack" "Failed to change password for user $user" exit 1 fi logger -t "cloudstack" "Successfully changed password for user $user" logger -t "cloudstack" "Sending acknowledgment to password server at $PASSWORD_SERVER_IP" wget -t 3 -T 20 -O - --header "DomU_Request: saved_password" $PASSWORD_SERVER_IP:8080 fi exit 0 # vim: set ts=2 sw=2 expandtab