Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-02-22 07:50:04 -05:00
Code Issues Packages Projects Releases Wiki Activity

debugd: Allow autologin on serial console

Browse Source
This commit is contained in:
Malte Poll 2022-10-11 17:03:49 +02:00 committed by Malte Poll
parent 21617dc7db
commit 93801e1786
3 changed files with 30 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
debugd/cmd/debugd/debugd.go
View File

@ -47,7 +47,7 @@ func main() {
ctx, cancel := context.WithCancel(context.Background()) ctx, cancel := context.WithCancel(context.Background())
defer cancel() defer cancel()
if err := deploy.DeleteUserPassword(ctx, "root"); err != nil { if err := deploy.EnableAutoLogin(ctx, fs, serviceManager); err != nil {
log.Errorf("root login: %w") log.Errorf("root login: %w")
} }

4
debugd/internal/debugd/constants.go
View File

@ -32,4 +32,8 @@ ExecStart=/run/state/bin/bootstrapper
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
` `
GettyAutologinOverrideFilename = "/run/systemd/system/serial-getty@ttyS0.service.d/autologin.conf"
GettyAutologinOverrideUnitContents = `[Service]
ExecStart=
ExecStart=-/sbin/agetty -o '-p -f -- \\u' --autologin root --keep-baud 115200,57600,38400,9600 - $TERM`
) )

33
debugd/internal/debugd/deploy/seriallogin.go
View File

@ -9,16 +9,33 @@ package deploy
import ( import (
"context" "context"
"fmt" "fmt"
"os/exec" "os"
"path"
"github.com/edgelesssys/constellation/v2/debugd/internal/debugd"
"github.com/spf13/afero"
) )
// DeleteUserPassword sets the user's password to an empty string // EnableAutoLogin installs a systemd unit override that allows passwordless root login
// effectively allowing anyone with access to the serial console to log in. // on the serial console.
func DeleteUserPassword(ctx context.Context, user string) error { func EnableAutoLogin(ctx context.Context, fs afero.Fs, serviceManager serviceManager) error {
cmd := exec.CommandContext(ctx, "passwd", "-d", user) if err := fs.MkdirAll(path.Dir(debugd.GettyAutologinOverrideFilename), os.ModePerm); err != nil {
output, err := cmd.CombinedOutput() return fmt.Errorf("creating getty autologin override directory: %w", err)
if err != nil { }
return fmt.Errorf("deleting user password: %q %w", output, err) if err := afero.WriteFile(fs, debugd.GettyAutologinOverrideFilename,
[]byte(debugd.GettyAutologinOverrideUnitContents), os.ModePerm); err != nil {
return fmt.Errorf("writing getty autologin override unit: %w", err)
}
if err := serviceManager.SystemdAction(ctx, ServiceManagerRequest{
Action: Reload,
}); err != nil {
return fmt.Errorf("reloading systemd units: %w", err)
}
if err := serviceManager.SystemdAction(ctx, ServiceManagerRequest{
Action: Restart,
Unit: "serial-getty@ttyS0.service",
}); err != nil {
return fmt.Errorf("restarting getty: %w", err)
} }
return nil return nil
} }