はじめに
サーバにログインした際にプロンプトに表示される情報をカスタマイズする方法です
Last login: Tue Feb 19 16:46:18 2019 from *************.ap-northeast-1.compute.internal __| __|_ ) _| ( / Amazon Linux 2 AMI ___|\___|___| https://aws.amazon.com/amazon-linux-2/ 6 package(s) needed for security, out of 14 available Run "sudo yum update" to apply all updates.
調査
motdはリンクファイル
$ ls -l /etc/motd lrwxrwxrwx 1 root root 25 11月 14 16:25 /etc/motd -> /var/lib/update-motd/motd
リンク先のファイルがログイン時の出力と同じ
$ cat /var/lib/update-motd/motd __| __|_ ) _| ( / Amazon Linux 2 AMI ___|\___|___| https://aws.amazon.com/amazon-linux-2/ 6 package(s) needed for security, out of 14 available Run "sudo yum update" to apply all updates.
日次の以下のcronでファイルの内容が更新される
$ cat /etc/cron.d/update-motd # Delay a random time between 0 and 360 minutes (6 hours) to avoid having all # instances update at the same time. RANDOM_DELAY=360 @daily root /usr/bin/systemctl --quiet restart update-motd
update-motdの状態
$ systemctl status update-motd ● update-motd.service - Dynamically Generate Message Of The Day Loaded: loaded (/usr/lib/systemd/system/update-motd.service; enabled; vendor preset: enabled) Active: active (exited) since 火 2019-02-19 03:01:07 JST; 14h ago Main PID: 8054 (code=exited, status=0/SUCCESS) CGroup: /system.slice/update-motd.service
unitの詳細
$ cat /usr/lib/systemd/system/update-motd.service [Unit] Description=Dynamically Generate Message Of The Day After=network-online.target [Service] Type=oneshot ExecStart=/usr/sbin/update-motd RemainAfterExit=yes [Install] WantedBy=multi-user.target
実行コマンド
$ cat /usr/sbin/update-motd #!/bin/bash ################################################################################ # Copyright 2011 Amazon.com, Inc. or its affiliates. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"). You may not # use this file except in compliance with the License. A copy of the License is # located at # # http://aws.amazon.com/apache2.0/ # # or in the "license" file accompanying this file. This file is distributed on # an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express # or implied. See the License for the specific language governing permissions # and limitations under the License. ################################################################################ if [ $(/usr/bin/id -u) -ne 0 ]; then echo "You are not root" exit 1 fi # Parse the few supported options case "$1" in --enable) rm -f /var/lib/update-motd/disabled exit 0;; --disable) mkdir -p /var/lib/update-motd/ touch /var/lib/update-motd/disabled exit 0;; '' | --force);; *) echo "update-motd [option]" echo " --disable: Disable update-motd" echo " --enable: Enable update-motd" echo " --force: Ignore disabled setting" exit 1;; esac # Just exit if update-motd is disabled and --force wasn't passed if [ -e /var/lib/update-motd/disabled ] && [ "$1" != "--force" ] then exit 0 fi if [ -d /etc/update-motd.d ]; then TMPFILE=$(mktemp --tmpdir motd.XXXXX) if [ -f /etc/motd.head ]; then cat /etc/motd.head >> $TMPFILE fi # Simulated run-parts, wildcards in bash are expanded sorted # Skip files ending in ~ or , for part in /etc/update-motd.d/*[^~,]; do # Skip .rpmnew, etc. [[ $part =~ \.rpm* ]] && continue # Run only if it's a regular file and executable if [ -f $part ] && [ -x $part ]; then TMPPART=$(mktemp --tmpdir motd.partXXXXX) if (timeout 10s $part > $TMPPART); then cat $TMPPART >> $TMPFILE fi rm -f $TMPPART fi done if [ -f /etc/motd.tail ]; then cat /etc/motd.tail >> $TMPFILE fi # Only actually do the replacement if there is something in there if [ -s $TMPFILE ]; then # mktemp creates files with only user read-write permissions chmod go+r $TMPFILE mv $TMPFILE /var/lib/update-motd/motd else # Don't leave temp files rm -f $TMPFILE fi fi
/etc/update-motd.d配下の実行ファイル
$ ls -l /etc/update-motd.d/ 合計 16 -rwxr-xr-x 1 root root 146 11月 7 08:29 30-banner -rwxr-xr-x 1 root root 67 1月 31 07:20 50-amazon-linux-extras-news -rwxr-xr-x 1 root root 808 11月 7 08:29 70-available-updates
実行ファイルの内容
$ cat 30-banner #!/bin/sh cat << EOF __| __|_ ) _| ( / Amazon Linux 2 AMI ___|\___|___| https://aws.amazon.com/amazon-linux-2/ EOF
対応
/etc/update-motd.d配下に、ログイン時に出力したいメッセージを出力するシェルを配置すればいい。 ファイルを配置後以下のコマンドを実行して/etc/motdを更新する。
sudo /usr/sbin/update-motd
ansible role
motd-message ├── handlers │ └── main.yml ├── tasks │ └── main.yml └── templates └── 99-login-message.j2
handlers/main.yml
- name: update motd systemd: name: update-motd state: restarted
tasks/main.yml
- name: Setup motd file template: src: 99-login-message.j2 dest: /etc/update-motd.d/99-login-message mode: 0755 notify: update motd when: ansible_distribution == 'Amazon'
templates/99-login-message.j2
#!/bin/sh cat << EOF {{ motd_message }} EOF
ansible-playbook
定義方法はなんでもいいけど、以下の変数でメッセージを定義
############################################################# # /etc/motd setup parameter ############################################################# motd_message: | !!注意!! 各パッケージ構成管理はansibleにて実施しているため、変更する場合はansibleを使用してください!!