diff options
| author | Pavel Zakharov <pavel.zakharov@delphix.com> | 2019-10-31 16:26:54 +0000 |
|---|---|---|
| committer | Server Team CI Bot <josh.powers+server-team-bot@canonical.com> | 2019-10-31 16:26:54 +0000 |
| commit | 45ea695f9b4fce180c662ab4211575d64912634e (patch) | |
| tree | 23aada81d0d2e1e27858865f8adb1c2f895fb240 /cloudinit/stages.py | |
| parent | fcc92ad15199318abfad067c63f5ab941addc720 (diff) | |
| download | cloud-init-git-45ea695f9b4fce180c662ab4211575d64912634e.tar.gz | |
Add config for ssh-key import and consuming user-data
This patch enables control over SSH public-key import and
discarding supplied user-data (both disabled by default).
allow-userdata: false
ssh:
allow_public_ssh_keys: false
This feature enables closed appliances to prevent customers
from unintentionally breaking the appliance which were
not designed for user interaction.
The downstream change for this is here:
https://github.com/delphix/cloud-init/pull/4
Diffstat (limited to 'cloudinit/stages.py')
| -rw-r--r-- | cloudinit/stages.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/cloudinit/stages.py b/cloudinit/stages.py index 77c21de0..71f3a49e 100644 --- a/cloudinit/stages.py +++ b/cloudinit/stages.py @@ -549,7 +549,11 @@ class Init(object): with events.ReportEventStack("consume-user-data", "reading and applying user-data", parent=self.reporter): - self._consume_userdata(frequency) + if util.get_cfg_option_bool(self.cfg, 'allow_userdata', True): + self._consume_userdata(frequency) + else: + LOG.debug('allow_userdata = False: discarding user-data') + with events.ReportEventStack("consume-vendor-data", "reading and applying vendor-data", parent=self.reporter): |