Skip to content

Commit 0763ae8

Browse files
QubasaQubasa
committed
Fix logging in as incorrect user if phases kexec is not set
When executing nixos-anywhere --phases disko myuser@<ip> for example we must assume that kexec has already been run and that the target user changed to root now. This will force nixos-anywhere to log in as root user if the kexec phase is not present.
1 parent cc170a0 commit 0763ae8

File tree

1 file changed

+14
-6
lines changed

1 file changed

+14
-6
lines changed

src/nixos-anywhere.sh

Lines changed: 14 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -473,12 +473,12 @@ runSsh() {
473473
(
474474
set +x
475475
if [[ -n ${enableDebug} ]]; then
476-
echo -e "\033[1;34mSSH COMMAND:\033[0m ssh $sshTtyParam ${sshArgs[*]} $sshConnection $*"
476+
echo -e "\033[1;34mSSH COMMAND:\033[0m ssh $sshTtyParam ${sshArgs[*]} $sshConnection $*\n"
477477
fi
478+
# shellcheck disable=SC2029
479+
# We want to expand "$@" to get the command to run over SSH
480+
ssh "$sshTtyParam" "${sshArgs[@]}" "$sshConnection" "$@"
478481
)
479-
# shellcheck disable=SC2029
480-
# We want to expand "$@" to get the command to run over SSH
481-
ssh "$sshTtyParam" "${sshArgs[@]}" "$sshConnection" "$@"
482482
}
483483

484484
nixCopy() {
@@ -805,8 +805,10 @@ fi
805805
# If no local upload command is defined, we use the remote command to download and execute
806806
if [[ ${#localUploadCommand[@]} -eq 0 ]]; then
807807
# Use remote command for download and execution
808-
local tarCommand="$(printf '%q ' "${remoteUploadCommand[@]}") | tar -xv ${tarDecomp}"
809-
local remoteCommands=${remoteCommandTemplate//'%TAR_COMMAND%'/$tarCommand}
808+
local tarCommand
809+
tarCommand="$(printf '%q ' "${remoteUploadCommand[@]}") | tar -xv ${tarDecomp}"
810+
local remoteCommands
811+
remoteCommands=${remoteCommandTemplate//'%TAR_COMMAND%'/$tarCommand}
810812
811813
# Run the SSH command - for kexec with sudo, we expect it might disconnect
812814
local sshExitCode
@@ -1009,6 +1011,12 @@ main() {
10091011
sshUser=$(echo "$sshSettings" | awk '/^user / { print $2 }')
10101012
sshHost="${sshConnection//*@/}"
10111013
1014+
# If kexec phase is not present, we assume kexec has already been run
1015+
# and change the user to root@<sshHost> for the rest of the script.
1016+
if [[ ${phases[kexec]} != 1 ]]; then
1017+
sshConnection="root@${sshHost}"
1018+
fi
1019+
10121020
uploadSshKey
10131021
10141022
importFacts

0 commit comments

Comments
 (0)