#!/bin/bash -x set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR if [[ $EUID != 0 ]]; then echo "$0: error: expected to be root." exit 1 fi TPW=/q/root/shadow/traci-simple if ifclass tp; then ROOTPW="$TPW" else ROOTPW=/q/root/shadow/standard fi chpw() { # generating a hashed password: # under debian, you can do # mkpasswd -m sha-512 -s >/q/root/shadow/standard # On arch, best seems to be copy your shadow file to a temp location, # then passwd, get out the new pass, then copy the shadow file back. user=$1 pwfile=$2 if [[ $pwfile && -e $pwfile ]]; then printf "$user:" | cat - "$pwfile" | $ROOTCMD chpasswd -e else echo "$0: warning: no pw set for $user" >&2 fi } au() { if ! $ROOTCMD getent passwd $1; then $ROOTCMD useradd -m -s /bin/bash $1 || [[ $? == 9 ]] fi } chpw root "$ROOTPW" # 9 = user already exists. so we are idempotent. au ian chpw ian "$ROOTPW" au traci if ifclass frodo; then chpw traci "$TPW" fi # comparing ian's groups to traci, I see none she should join on arch $ROOTCMD usermod -a -G traci ian # based on unison error, with 8192 from # sysctl -a | grep fs.inotify.max_user_watches #http://stackoverflow.com/questions/535768/what-is-a-reasonable-amount-of-inotify-watches-with-linux f=$target/etc/sysctl.d/99-sysctl.conf key=fs.inotify.max_user_watches if [[ -e $f ]]; then sed -ri --follow-symlinks "/^\s*$key\s*=/d" $f; fi echo "fs.inotify.max_user_watches = 1000000" >> $f # applies it. it would be also be applied after a reboot $ROOTCMD sysctl --system f=$target/etc/sudoers line='ian ALL=(ALL) NOPASSWD: ALL' if [[ ! -e $f ]] || ! grep -xF "$line" $f; then echo "$line" >> $f fi dir=/p/c/machine_specific/$HOSTNAME/.unison $ROOTCMD mkdir -p $dir if ! $ROOTCMD test -L /root/.unison; then $ROOTCMD rm -rf /root/.unison $ROOTCMD ln -s -T $dir /root/.unison fi $ROOTCMD chown -R 1000:1000 $dir while true; do $ROOTCMD chown 1000:1000 $dir $ROOTCMD chmod 700 $dir dir=$(dirname $dir) if [[ $dir == /p ]]; then break; fi done