From ac50b36d7e10dabb286756cb8043a144cc4dc83e Mon Sep 17 00:00:00 2001
From: Dietmar Maurer <dietmar@proxmox.com>
Date: Fri, 29 May 2015 14:37:19 +0200
Subject: [PATCH] allow sshd root login when we setup a PVE cluster

---
 data/PVE/Cluster.pm | 17 +++++++++++++++++
 data/PVE/pvecm      |  2 ++
 2 files changed, 19 insertions(+)

diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm
index c142bc8..c14c99e 100644
--- a/data/PVE/Cluster.pm
+++ b/data/PVE/Cluster.pm
@@ -51,6 +51,7 @@ my $ssh_host_rsa_id = "/etc/ssh/ssh_host_rsa_key.pub";
 my $sshglobalknownhosts = "/etc/ssh/ssh_known_hosts";
 my $sshknownhosts = "/etc/pve/priv/known_hosts";
 my $sshauthkeys = "/etc/pve/priv/authorized_keys";
+my $sshd_config_fn = "/etc/ssh/sshd_config";
 my $rootsshauthkeys = "/root/.ssh/authorized_keys";
 my $rootsshauthkeysbackup = "${rootsshauthkeys}.org";
 my $rootsshconfig = "/root/.ssh/config";
@@ -1089,6 +1090,22 @@ sub ssh_merge_keys {
     }
 }
 
+sub setup_sshd_config {
+
+    my $conf = PVE::Tools::file_get_contents($sshd_config_fn);
+    
+    return if $conf =~ m/^PermitRootLogin\s+yes\s*$/m;
+
+    if ($conf !~ s/^#?PermitRootLogin.*$/PermitRootLogin yes/m) {
+	chomp $conf;
+	$conf .= "\nPermitRootLogin yes\n";
+    } 
+
+    PVE::Tools::file_set_contents($sshd_config_fn, $conf);
+
+    PVE::Tools::run_command(['systemctl', 'reload-or-restart', 'sshd']);
+}
+
 sub setup_rootsshconfig {
 
     # create ssh key if it does not exist
diff --git a/data/PVE/pvecm b/data/PVE/pvecm
index 6aeb2e0..101ca49 100755
--- a/data/PVE/pvecm
+++ b/data/PVE/pvecm
@@ -142,6 +142,7 @@ __PACKAGE__->register_method ({
 
 	-f $clusterconf && die "cluster config '$clusterconf' already exists\n";
 
+	PVE::Cluster::setup_sshd_config();
 	PVE::Cluster::setup_rootsshconfig();
 	PVE::Cluster::setup_ssh_keys();
 
@@ -360,6 +361,7 @@ __PACKAGE__->register_method ({
     code => sub {
 	my ($param) = @_;
 
+	PVE::Cluster::setup_sshd_config();
 	PVE::Cluster::setup_rootsshconfig();
 	PVE::Cluster::setup_ssh_keys();
 
-- 
2.39.2