----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/11934/ -----------------------------------------------------------
(Updated June 18, 2013, 2:41 p.m.) Review request for cloudstack. Summary (updated) ----------------- CLOUDSTACK-3054 modify cloud-set-guest-sshkey.in initscript to handle SELinux configuration Description ------- With SELinux enabled on a CentOS VM template the automatic creation process of ~/.ssh and ~/.ssh/authorized_keys doesn't contain the metadata required for those files to be used for public key authentication. Running "restorecon -R -v ~/.ssh" restores the configuration and allows public key authentication to function with SELinux in the enforcing state. This patch checks for the existence of /sbin/restorecon when /etc/init.d/cloud-set-guest-sshkey.in is run, after it would have updated the .ssh directory and if it exists it restores the configuration. Diffs ----- setup/bindir/cloud-set-guest-sshkey.in 15008b8 Diff: https://reviews.apache.org/r/11934/diff/ Testing ------- Tested on latest CentOS 6.4 template. Without this modification, machines generated with with Cloudstack API's deployVirtualMachine and the keypair parameter which have SELinux enabled still prompt for password even if the correct private key is supplied to SSH. Once this patch is applied those same VMs will allow login via public key. Thanks, Ian Service
