X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=fai%2Fconfig%2Fdistro-install-common%2Fend;h=3735142d3507aa798e1f5d36cceafc61e0a511d6;hb=0a2a4d11ef323da19d0cebe2f5ec7b1be7bd15bc;hp=7d83b20e3c7c58ae3760fa45c6615b40623b577a;hpb=a8ec695d6a39792133a21e9eca70e69f9fab107b;p=automated-distro-installer diff --git a/fai/config/distro-install-common/end b/fai/config/distro-install-common/end index 7d83b20..3735142 100755 --- a/fai/config/distro-install-common/end +++ b/fai/config/distro-install-common/end @@ -3,7 +3,50 @@ set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR +if [[ $EUID != 0 ]]; then + echo "$0: error: expected to be root." + exit 1 +fi + +TPW=/q/root/shadow/traci-simple +if ifclass tp; then + ROOTPW="$TPW" +else + ROOTPW=/q/root/shadow/standard +fi + +chpw() { + # generating a hashed password: + # under debian, you can do + # mkpasswd -m sha-512 -s >/q/root/shadow/standard + # On arch, best seems to be copy your shadow file to a temp location, + # then passwd, get out the new pass, then copy the shadow file back. + + user=$1 + pwfile=$2 + if [[ $pwfile && -e $pwfile ]]; then + printf "$user:" | cat - "$pwfile" | $ROOTCMD chpasswd -e + else + echo "$0: warning: no pw set for $user" >&2 + fi +} +au() { + if ! $ROOTCMD getent passwd $1; then + $ROOTCMD useradd -m -s /bin/bash $1 || [[ $? == 9 ]] + fi +} +chpw root "$ROOTPW" +# 9 = user already exists. so we are idempotent. +au ian +chpw ian "$ROOTPW" + +au traci +if ifclass frodo; then + chpw traci "$TPW" +fi +# comparing ian's groups to traci, I see none she should join on arch +$ROOTCMD usermod -a -G traci ian # based on unison error, with 8192 from @@ -12,10 +55,10 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR f=$target/etc/sysctl.d/99-sysctl.conf key=fs.inotify.max_user_watches -if [[ -e $f ]]; then sed -ri "/^\s*$key\s*=/d" $f; fi +if [[ -e $f ]]; then sed -ri --follow-symlinks "/^\s*$key\s*=/d" $f; fi echo "fs.inotify.max_user_watches = 1000000" >> $f -# if we weren't rebooting, you could apply it now with: -# sysctl --system +# applies it. it would be also be applied after a reboot +$ROOTCMD sysctl --system f=$target/etc/sudoers line='ian ALL=(ALL) NOPASSWD: ALL' @@ -24,20 +67,17 @@ if [[ ! -e $f ]] || ! grep -xF "$line" $f; then fi -dir=/q/p/c/machine_specific/$HOSTNAME/.unison +dir=/p/c/machine_specific/$HOSTNAME/.unison $ROOTCMD mkdir -p $dir +if ! $ROOTCMD test -L /root/.unison; then + $ROOTCMD rm -rf /root/.unison + $ROOTCMD ln -s -T $dir /root/.unison +fi -$ROOTCMD rm -rf /root/.unison -$ROOTCMD ln -sf $dir /root -$ROOTCMD ln -sf /q/p / - +$ROOTCMD chown -R 1000:1000 $dir while true; do $ROOTCMD chown 1000:1000 $dir $ROOTCMD chmod 700 $dir dir=$(dirname $dir) - [[ $dir != /q ]] || break + if [[ $dir == /p ]]; then break; fi done - -# kvm is normally created by some package, -# but unison doesn't like unknown groups, so make it now so initial sync works. -$ROOTCMD groupadd -r kvm || [[ $? == 9 ]]