From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 15 Sep 2022 18:35:36 +0000 (+0100)
Subject: tmpfiles: add lines for provisioning ssh keys for root by default
X-Git-Tag: v252-rc1~100^2~4
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=4cebd207d1487e1944fd81bbaf63678dade3ed4e;p=thirdparty%2Fsystemd.git

tmpfiles: add lines for provisioning ssh keys for root by default

With this, I can now easily do:

    systemd-nspawn --load-credential=ssh.authorized_keys.root:/home/lennart/.ssh/authorized_keys --image=… --boot

To boot into an image with my SSH key copied in. Yay!
---

diff --git a/tmpfiles.d/provision.conf b/tmpfiles.d/provision.conf
index a4d7aaf99b2..3c56f42d585 100644
--- a/tmpfiles.d/provision.conf
+++ b/tmpfiles.d/provision.conf
@@ -15,3 +15,8 @@ f^ /etc/issue.d/50-provision.conf - - - - login.issue
 
 # Provision a /etc/hosts file from credentials.
 f^ /etc/hosts - - - - network.hosts
+
+# Provision SSH key for root
+d /root :0700 root :root -
+d /root/.ssh :0700 root :root -
+f^ /root/.ssh/authorized_keys :0600 root :root - ssh.authorized_keys.root
diff --git a/units/systemd-tmpfiles-setup.service b/units/systemd-tmpfiles-setup.service
index 7e11eb94144..a4204655349 100644
--- a/units/systemd-tmpfiles-setup.service
+++ b/units/systemd-tmpfiles-setup.service
@@ -27,3 +27,4 @@ LoadCredential=tmpfiles.extra
 LoadCredential=login.motd
 LoadCredential=login.issue
 LoadCredential=network.hosts
+LoadCredential=ssh.authorized_keys.root