starlingx/update
Code Issues Proposed changes

Remove ssh host-key from new rootfs before patch

Browse Source 
The ssh host-keys are changing during the patch build.
This change remove the ssh host-key from the new
rootfs dir before creating the patch.

Test plan:
Pass:
- Run ./make_patch.py create --patch-recipe patch_recipe_rr_sample.xml
    \ --clone-repo /localdisk/deploy/ostree_test/
- Check if folder {new_rootfs}/usr/etc/ssh/ssh_host has no key file
- Check if patch is built correctly

Story: 2009969
Task: 47898

Change-Id: I902b88987209f80ebf4a48405e9ef51265d14617
Signed-off-by: Dostoievski Batista <dostoievski.albinobatista@windriver.com>
This commit is contained in:
Dostoievski Batista
2023-04-26 20:11:06 -03:00
committed by Dostoievski Albino Batista
parent ba472d6ede
commit f3aa4b35ab
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
sw-patch/cgcs-patch/cgcs_make_patch/make_patch.py
View File

@@ -458,6 +458,7 @@ class PatchBuilder(object):
log.info("Command line: %s", cmd)
subprocess.call([cmd], shell=True)
log.info("Done. Checkout new root fs in %s", rootfs_new_dir)
self.__remove_ssh_host_keys(rootfs_new_dir)
# Try to reuse files from feed rootfs.
try:
@@ -502,6 +503,24 @@ class PatchBuilder(object):
log.info(" Based on root filesystem %s", rootfs_new_dir)
return patch_repo_dir, True
def __remove_ssh_host_keys(self, rootfs_new_dir):
"""
Delete ssh host-key files inside new rootfs dir
:param rootfs_new_dir: rootfs dir name
"""
cmd = " ".join(["rm -f", os.path.join(rootfs_new_dir, 'usr/etc/ssh/ssh_host/ssh_host_rsa_key.pub')])
subprocess.call(cmd, shell=True)
cmd = " ".join(["rm -f", os.path.join(rootfs_new_dir, 'usr/etc/ssh/ssh_host/ssh_host_rsa_key')])
subprocess.call(cmd, shell=True)
cmd = " ".join(["rm -f", os.path.join(rootfs_new_dir, 'usr/etc/ssh/ssh_host/ssh_host_ed25519_key.pub')])
subprocess.call(cmd, shell=True)
cmd = " ".join(["rm -f", os.path.join(rootfs_new_dir, 'usr/etc/ssh/ssh_host/ssh_host_ed25519_key')])
subprocess.call(cmd, shell=True)
cmd = " ".join(["rm -f", os.path.join(rootfs_new_dir, 'usr/etc/ssh/ssh_host/ssh_host_ecdsa_key.pub')])
subprocess.call(cmd, shell=True)
cmd = " ".join(["rm -f", os.path.join(rootfs_new_dir, 'usr/etc/ssh/ssh_host/ssh_host_ecdsa_key')])
subprocess.call(cmd, shell=True)
def __check_gnupg_folder(self):
"""
Check if GPG homedir exists and create it if necessary