|
|
|
|
@ -67,6 +67,29 @@ chroot ${mount_d} apt-get update
|
|
|
|
|
# avoid pulling into a cloud image.
|
|
|
|
|
chroot ${mount_d} apt-get install --no-install-recommends -y virtualbox-guest-utils
|
|
|
|
|
chroot ${mount_d} apt-get clean
|
|
|
|
|
|
|
|
|
|
# Create and setup users inside the image.
|
|
|
|
|
# Vagrant users expect a "vagrant" user with a "vagrant" username, and that the
|
|
|
|
|
# root password is set to "vagrant" as well.
|
|
|
|
|
# See https://www.vagrantup.com/docs/boxes/base.html
|
|
|
|
|
chroot ${mount_d} useradd -m vagrant -s /bin/bash
|
|
|
|
|
echo "root:vagrant" | chroot ${mount_d} chpasswd
|
|
|
|
|
echo "vagrant:vagrant" | chroot ${mount_d} chpasswd
|
|
|
|
|
|
|
|
|
|
# The vagrant user should have passwordless sudo.
|
|
|
|
|
cat << EOF > ${mount_d}/etc/sudoers.d/vagrant
|
|
|
|
|
vagrant ALL=(ALL) NOPASSWD:ALL
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
# Add the insecure vagrant pubkey to the vagrant user, as is expected by the
|
|
|
|
|
# vagrant ecosystem (https://www.vagrantup.com/docs/boxes/base.html)
|
|
|
|
|
chroot ${mout_d} chmod 0440 /etc/sudoers.d/vagrant
|
|
|
|
|
chroot ${mount_d} mkdir -p /home/vagrant/.ssh
|
|
|
|
|
chroot ${mount_d} chown -R vagrant: /home/vagrant/.ssh
|
|
|
|
|
cat << EOF > ${mount_d}/home/vagrant/.ssh/authorized_keys
|
|
|
|
|
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
umount_disk_image "$mount_d"
|
|
|
|
|
rmdir "$mount_d"
|
|
|
|
|
|
|
|
|
|
@ -94,28 +117,6 @@ ubuntu_user_pass=$(openssl rand -hex 12)
|
|
|
|
|
cdrom_vmdk_f="${box_d}/${prefix}-configdrive.vmdk"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Create and setup users inside the image.
|
|
|
|
|
# Vagrant users expect a "vagrant" user with a "vagrant" username, and that the
|
|
|
|
|
# root password is set to "vagrant" as well.
|
|
|
|
|
# See https://www.vagrantup.com/docs/boxes/base.html
|
|
|
|
|
chroot ${mount_d} useradd -m vagrant -s /bin/bash
|
|
|
|
|
echo "root:vagrant" | chroot ${mount_d} chpasswd
|
|
|
|
|
echo "vagrant:vagrant" | chroot ${mount_d} chpasswd
|
|
|
|
|
|
|
|
|
|
# The vagrant user should have passwordless sudo.
|
|
|
|
|
cat << EOF > ${mount_d}/etc/sudoers.d/vagrant
|
|
|
|
|
vagrant ALL=(ALL) NOPASSWD:ALL
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
# Add the insecure vagrant pubkey to the vagrant user, as is expected by the
|
|
|
|
|
# vagrant ecosystem (https://www.vagrantup.com/docs/boxes/base.html)
|
|
|
|
|
chroot ${mout_d} chmod 0440 /etc/sudoers.d/vagrant
|
|
|
|
|
chroot ${mount_d} mkdir -p /home/vagrant/.ssh
|
|
|
|
|
chroot ${mount_d} chown -R vagrant: /home/vagrant/.ssh
|
|
|
|
|
cat << EOF > ${mount_d}/home/vagrant/.ssh/authorized_keys
|
|
|
|
|
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
# Create the user-data. This is totally insecure, but so is Vagrant. To
|
|
|
|
|
# mitigate this insecurity, the vagrant instance is not accessible
|
|
|
|
|
# except via local host.
|
|
|
|
|
|
Christopher Glass
7 years ago