allow sshd root login when we setup a PVE cluster

diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm
index c142bc8ff06b618d667dad2080b00f3ad29f7515..c14c99ef4e135ecfd80dfc7c3fdd3b4a392cf94d 100644 (file)
--- a/data/PVE/Cluster.pm
+++ b/data/PVE/Cluster.pm
@@ -51,6 +51,7 @@ my $ssh_host_rsa_id = "/etc/ssh/ssh_host_rsa_key.pub";
 my $sshglobalknownhosts = "/etc/ssh/ssh_known_hosts";
 my $sshknownhosts = "/etc/pve/priv/known_hosts";
 my $sshauthkeys = "/etc/pve/priv/authorized_keys";
+my $sshd_config_fn = "/etc/ssh/sshd_config";
 my $rootsshauthkeys = "/root/.ssh/authorized_keys";
 my $rootsshauthkeysbackup = "${rootsshauthkeys}.org";
 my $rootsshconfig = "/root/.ssh/config";
@@ -1089,6 +1090,22 @@ sub ssh_merge_keys {
     }
 }
 
+sub setup_sshd_config {
+
+    my $conf = PVE::Tools::file_get_contents($sshd_config_fn);
+    
+    return if $conf =~ m/^PermitRootLogin\s+yes\s*$/m;
+
+    if ($conf !~ s/^#?PermitRootLogin.*$/PermitRootLogin yes/m) {
+       chomp $conf;
+       $conf .= "\nPermitRootLogin yes\n";
+    } 
+
+    PVE::Tools::file_set_contents($sshd_config_fn, $conf);
+
+    PVE::Tools::run_command(['systemctl', 'reload-or-restart', 'sshd']);
+}
+
 sub setup_rootsshconfig {
 
     # create ssh key if it does not exist

diff --git a/data/PVE/pvecm b/data/PVE/pvecm
index 6aeb2e05a266a9ca0776b10b45cd0f48c009011e..101ca49e0026686e44aada41162c7b1cfcc521f0 100755 (executable)
--- a/data/PVE/pvecm
+++ b/data/PVE/pvecm
@@ -142,6 +142,7 @@ __PACKAGE__->register_method ({
 
        -f $clusterconf && die "cluster config '$clusterconf' already exists\n";
 
+       PVE::Cluster::setup_sshd_config();
        PVE::Cluster::setup_rootsshconfig();
        PVE::Cluster::setup_ssh_keys();
 
@@ -360,6 +361,7 @@ __PACKAGE__->register_method ({
     code => sub {
        my ($param) = @_;
 
+       PVE::Cluster::setup_sshd_config();
        PVE::Cluster::setup_rootsshconfig();
        PVE::Cluster::setup_ssh_keys();