X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=fai%2Fconfig%2Fdistro-install-common%2Fend;h=3735142d3507aa798e1f5d36cceafc61e0a511d6;hb=0a2a4d11ef323da19d0cebe2f5ec7b1be7bd15bc;hp=28f9d5b5f835eea8d7bbcd63a742383407cf3c44;hpb=585b001deaf7a9cd5b3ed088ee470f4e1421348a;p=automated-distro-installer diff --git a/fai/config/distro-install-common/end b/fai/config/distro-install-common/end index 28f9d5b..3735142 100755 --- a/fai/config/distro-install-common/end +++ b/fai/config/distro-install-common/end @@ -1,28 +1,83 @@ #!/bin/bash -x set -eE -o pipefail -trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?"' ERR +trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR +if [[ $EUID != 0 ]]; then + echo "$0: error: expected to be root." + exit 1 +fi +TPW=/q/root/shadow/traci-simple +if ifclass tp; then + ROOTPW="$TPW" +else + ROOTPW=/q/root/shadow/standard +fi + +chpw() { + # generating a hashed password: + # under debian, you can do + # mkpasswd -m sha-512 -s >/q/root/shadow/standard + # On arch, best seems to be copy your shadow file to a temp location, + # then passwd, get out the new pass, then copy the shadow file back. + + user=$1 + pwfile=$2 + if [[ $pwfile && -e $pwfile ]]; then + printf "$user:" | cat - "$pwfile" | $ROOTCMD chpasswd -e + else + echo "$0: warning: no pw set for $user" >&2 + fi +} +au() { + if ! $ROOTCMD getent passwd $1; then + $ROOTCMD useradd -m -s /bin/bash $1 || [[ $? == 9 ]] + fi +} + +chpw root "$ROOTPW" +# 9 = user already exists. so we are idempotent. +au ian +chpw ian "$ROOTPW" + +au traci +if ifclass frodo; then + chpw traci "$TPW" +fi +# comparing ian's groups to traci, I see none she should join on arch +$ROOTCMD usermod -a -G traci ian # based on unison error, with 8192 from # sysctl -a | grep fs.inotify.max_user_watches #http://stackoverflow.com/questions/535768/what-is-a-reasonable-amount-of-inotify-watches-with-linux -echo "fs.inotify.max_user_watches = 1000000" >> $target/etc/sysctl.d/99-sysctl.conf -# if we weren't rebooting, you could apply it now with: -# sysctl --system -echo 'ian ALL=(ALL) NOPASSWD: ALL' >> $target/etc/sudoers +f=$target/etc/sysctl.d/99-sysctl.conf +key=fs.inotify.max_user_watches +if [[ -e $f ]]; then sed -ri --follow-symlinks "/^\s*$key\s*=/d" $f; fi +echo "fs.inotify.max_user_watches = 1000000" >> $f +# applies it. it would be also be applied after a reboot +$ROOTCMD sysctl --system + +f=$target/etc/sudoers +line='ian ALL=(ALL) NOPASSWD: ALL' +if [[ ! -e $f ]] || ! grep -xF "$line" $f; then + echo "$line" >> $f +fi -dir=/q/p/c/machine_specific/$HOSTNAME/.unison +dir=/p/c/machine_specific/$HOSTNAME/.unison $ROOTCMD mkdir -p $dir -$ROOTCMD chown 1000:1000 $dir -$ROOTCMD rm -rf /root/.unison -$ROOTCMD ln -s $dir /root -$ROOTCMD ln -s /q/p / - -# kvm is normally created by some package, -# but unison doesn't like unknown groups, so make it now so initial sync works. -$ROOTCMD groupadd kvm +if ! $ROOTCMD test -L /root/.unison; then + $ROOTCMD rm -rf /root/.unison + $ROOTCMD ln -s -T $dir /root/.unison +fi + +$ROOTCMD chown -R 1000:1000 $dir +while true; do + $ROOTCMD chown 1000:1000 $dir + $ROOTCMD chmod 700 $dir + dir=$(dirname $dir) + if [[ $dir == /p ]]; then break; fi +done