Class AdminAccess
java.lang.Object
org.jclouds.scriptbuilder.statements.login.AdminAccess
- All Implemented Interfaces:
Statement
Controls the administrative access to a node. By default, it will perform the following:
- setup a new admin user which folks should use as opposed to any built-in account
- associate a random (or given) password to that account
- securely (using sha 512 on client side and literally rewriting the shadow entry, rather than sending password plaintext to OS in a script)
- but note password access is often blocked in any case, see below
- associate the users' ssh public key with the account for login
- associate it with the os group wheel
- set up sudoers for password-less access to root for this user (shouldGrantSudo)
- creating os group wheel and assigning the new admin user to it
- create (overwriting) sudoers file to grant root access for wheel members
- reset password for the user logging in (e.g. root, because root password is sometimes known to the provider), securely and randomly as described above (resetLoginPassword)
- lockdown sshd_config for no root login, nor passwords allowed (lockSsh)
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic classprotected static classstatic interface -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic AdminAccess.Builderbuilder()functionDependencies(OsFamily family) init(AdminAccess.Configuration configuration) booleanstatic AdminAccessstandard()toString()
-
Constructor Details
-
AdminAccess
-
-
Method Details
-
builder
-
standard
-
getAdminCredentials
- Returns:
- new credentials or null if unchanged or unavailable
-
getAdminPassword
-
shouldGrantSudoToAdminUser
public boolean shouldGrantSudoToAdminUser() -
functionDependencies
- Specified by:
functionDependenciesin interfaceStatement
-
init
-
render
-
toString
-