4 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
6 if [[ $EUID != 0 ]]; then
7 echo "$0: error: expected to be root."
12 # note, $BASH_SOURCE is not defined here under fai.
13 src
=$
(dirname "$0")/p
/c
/machine_specific
/$HOSTNAME/filesystem
/etc
/ssh
15 if [[ -e $src && -e $dst ]]; then
16 # outside of fai context, we skip this
20 USER2PW
=/q
/root
/shadow
/user2
22 ROOTPW
=/q
/root
/shadow
/ziva
24 ROOTPW
=/q
/root
/shadow
/standard
28 # generating a hashed password:
29 # under debian, you can do
30 # mkpasswd -m sha-512 -s >/q/root/shadow/standard
31 # On arch, best seems to be copy your shadow file to a temp location,
32 # then passwd, get out the new pass, then copy the shadow file back.
36 if [[ $pwfile && -e $pwfile ]]; then
37 printf "$user:" |
cat - "$pwfile" |
$ROOTCMD chpasswd
-e
39 echo "$0: warning: no pw set for $user" >&2
42 au
() { # add user. i don't use adduser for portability
43 if ! $ROOTCMD getent passwd
${@: -1}; then
44 $ROOTCMD useradd
-Um -s /bin
/bash $@
50 # only setup root pass for bootstrap vol
51 if ifclass VOL_STRETCH_BOOTSTRAP
; then
56 # return of 9 = user already exists. so we are idempotent.
61 if ifclass frodo
; then
64 # comparing iank's groups to user2, I see none she should join on arch
65 $ROOTCMD usermod
-a -G user2 iank
68 $ROOTCMD getent group docker
&>/dev
/null ||
$ROOTCMD groupadd
-r docker
69 $ROOTCMD usermod
-a -G docker iank
71 # based on unison error, with 8192 from
72 # sysctl -a | grep fs.inotify.max_user_watches
73 #http://stackoverflow.com/questions/535768/what-is-a-reasonable-amount-of-inotify-watches-with-linux
74 f
=$target/etc
/sysctl.d
/99-sysctl.conf
75 key
=fs.inotify.max_user_watches
76 if [[ -e $f ]]; then sed -ri --follow-symlinks "/^\s*$key\s*=/d" $f; fi
77 echo "fs.inotify.max_user_watches = 1000000" >> $f
78 # applies it. it would be also be applied after a reboot
79 $ROOTCMD sysctl
--system
82 line
='iank ALL=(ALL) NOPASSWD: ALL'
83 if [[ ! -e $f ]] ||
! grep -xF "$line" $f; then
87 dir
=/p
/c
/machine_specific
/$HOSTNAME/.unison
88 $ROOTCMD mkdir
-p $dir
89 if ! $ROOTCMD test -L /root
/.unison
; then
90 $ROOTCMD rm -rf /root
/.unison
91 $ROOTCMD ln -s -T $dir /root
/.unison
94 $ROOTCMD chown
-R 1000:1000 $dir
96 $ROOTCMD chown
1000:1000 $dir
97 $ROOTCMD chmod 700 $dir
99 if [[ $dir == /p
]]; then break; fi
102 au
--system -s /bin
/false
--home-dir /var
/lib
/bitcoind bitcoin