Injecting public key into openbmc image for CI integration
jean-marie.verdun at hpe.com
Wed Oct 7 13:09:54 AEDT 2020
Thanks for the feedback. I will follow your recommendations. I did implemented my initial recipes by using the extra users params to create the test user. So I will integrate that into a bbclass and propose a solution to upstream this code.
On 10/6/20, 7:01 PM, "Patrick Williams" <patrick at stwcx.xyz> wrote:
On Tue, Oct 06, 2020 at 05:45:07PM +0000, Verdun, Jean-Marie wrote:
> I looked into openbmc and it doesn’t seem that there is any standard recipes to create a test user and inject into the account a public key. Does I am wrong ? I wrote a very basic recipe to make it happens, and was wondering if it could be relevant to upstream it ?
Yocto already has the 'extrausers' bbclass, which is typically inherited
by an image in order to add additional users. What you are asking for
is slightly more than that because you also want an SSH pubkey, but it
doesn't seem to support that out of the box (it appears as if
EXTRA_USERS_PARAMS is a variable containing a shell-snippet, but the
bbclass explicitly prohibits arbitrary commands). I think you could add
a new package to add your SSH key though.
What I would suggest you do is:
- Create a bbclass that:
1. leverages EXTRA_USERS_PARAMS to add your test user.
2. adds a package to the image RDEPENDS to include your test ssh keys.
- Submit said bbclass upstream here.
- When you build your test images, append to conf/local.conf an
INHERIT += "your-test-key.bbclass".
This will give others a pattern to follow for other networks /
configurations (by upstreaming it) and allow you to build special images
for test that include what you want and mostly leverage existing Yocto
More information about the openbmc