Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix #803 containers keys upload #804

Merged
merged 3 commits into from
Dec 9, 2017
Merged

Fix #803 containers keys upload #804

merged 3 commits into from
Dec 9, 2017

Commits on Dec 8, 2017

  1. Fix storeKeysOnMachine defaulting to True in MachineState. See NixO… 

    …S#803.

This defaulted to True even though the nixops changelog for version 1.2
says that it was changed to False for security reasons.
    @nh2
    nh2 committed Dec 8, 2017
    Configuration menu
    Copy the full SHA
    80a94c4 View commit details
    Browse the repository at this point in the history

  2. Fix keys not being deployed to containers. Fixes NixOS#803. 

    In the same fashion as in commit 985886c, container.py did not call
`set_common_state()`, so keys remained set to `{}` (and other attributes
to their default values likely as well).

`get_ssh_flags()` was incorrectly called twice, and the second time
with missing `**kwargs` thus leading to `scp` getting incorrect
parameters, such as `-p 22`, which is not a valid flag for scp,
which made uploading keys fail.
The failure error message was also very bad, I filed an OpenSSH
issue for scp at https://bugzilla.mindrot.org/show_bug.cgi?id=2809.

Finally, the code that set the home directory in container.py's
`run_command()` assumed that the passed command would be a single
command that can be prefixed like `HOME=/root ...command...`
which is not the case; the command may as well be a `(subshell)`,
in which case this failed (nixops uses a subshell for keys permission
settings to save roundtrips).
Fixed with an `export` and semicolon.
    @nh2
    nh2 committed Dec 8, 2017
    Configuration menu
    Copy the full SHA
    d625c71 View commit details
    Browse the repository at this point in the history

  3. Use a class instead of object() to model undefined. 

    This has the same effect, but makes it be printed more obviously
when debugging.
    @nh2
    nh2 committed Dec 8, 2017
    Configuration menu
    Copy the full SHA
    e041873 View commit details
    Browse the repository at this point in the history