diff --git a/debian/changelog b/debian/changelog index 9f710df2..39fd2609 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +livecd-rootfs (2.524) UNRELEASED; urgency=medium + + * Ensure MAAS squashfsi are clean of passwords. LP: #1764991. + + -- Dimitri John Ledkov Thu, 19 Apr 2018 21:22:25 +0100 + livecd-rootfs (2.523) bionic; urgency=medium * Allow the configuration of model assertions independent of preseeding diff --git a/live-build/ubuntu-server/hooks/031-maas-squashfs.binary b/live-build/ubuntu-server/hooks/031-maas-squashfs.binary index 1e46aa3d..ba348ba3 100755 --- a/live-build/ubuntu-server/hooks/031-maas-squashfs.binary +++ b/live-build/ubuntu-server/hooks/031-maas-squashfs.binary @@ -44,6 +44,10 @@ mount_overlay "$SQUASH_ROOT/" "$OVERLAY_RACK_ROOT/" "$RACK_ROOT/" "RACK" setup_mountpoint $RACK_ROOT env DEBIAN_FRONTEND=noninteractive chroot $RACK_ROOT apt-get -y install maas-rack-controller +rm -f $RACK_ROOT/etc/maas/rackd.conf +chroot $RACK_ROOT sh -c 'echo RESET maas/default-maas-url | debconf-communicate maas-common' +chroot $RACK_ROOT sh -c 'echo RESET maas-rack-controller/maas-url | debconf-communicate maas-common' +chroot $RACK_ROOT sh -c 'echo RESET maas-rack-controller/maas-url | debconf-communicate maas-rack-controller' teardown_mountpoint $RACK_ROOT umount "$RACK_ROOT" @@ -53,8 +57,23 @@ umount "$RACK_ROOT" mount_overlay "$OVERLAY_RACK_ROOT/:$SQUASH_ROOT/" "$OVERLAY_REGION_ROOT/" "$REGION_ROOT/" "REGION" setup_mountpoint $REGION_ROOT + env DEBIAN_FRONTEND=noninteractive chroot $REGION_ROOT apt-get -y install maas -chroot $REGION_ROOT pg_ctlcluster 10 main stop + +# Forget how things had to be configured +chroot $REGION_ROOT debconf -fnoninteractive -omaas-region-controller /var/lib/dpkg/info/maas-region-controller.prerm remove +chroot $REGION_ROOT debconf -fnoninteractive -omaas-region-controller /var/lib/dpkg/info/maas-region-controller.postrm remove +chroot $REGION_ROOT debconf -fnoninteractive -omaas-region-controller /var/lib/dpkg/info/maas-region-controller.postrm purge +chroot $REGION_ROOT sh -c 'echo RESET maas/default-maas-url | debconf-communicate maas-common' +chroot $REGION_ROOT sudo -u postgres psql -c 'alter role maas password null;' +rm -f $REGION_ROOT/etc/maas/rackd.conf +rm -f $REGION_ROOT/etc/maas/regiond.conf +chroot $REGION_ROOT pg_ctlcluster $(/bin/ls $REGION_ROOT/var/lib/postgresql/) main stop || : + +# After the install, one may call the below to "reconfigure" maas-region-controller +## debconf -fnoninteractive -omaas-region-controller /var/lib/dpkg/info/maas-region-controller.config configure +## debconf -fnoninteractive -omaas-region-controller /var/lib/dpkg/info/maas-region-controller.postinst configure + teardown_mountpoint "$REGION_ROOT" umount "$REGION_ROOT"