fi
USER2PW=/q/root/shadow/user2
-if ifclass ziva; then
- ROOTPW=/q/root/shadow/ziva
-else
- # if doesn't exist, we dont set one
- ROOTPW=/q/root/shadow/standard
+# if doesn't exist, we dont set one
+ROOTPW=/q/root/shadow/standard
+if [[ ! -e $ROOTPW ]]; then
+ ROOTPW=/q/root/shadow/$HOSTNAME
fi
chpw() {
fi
}
au() { # add user. i don't use adduser for portability
- if ! $ROOTCMD getent passwd ${@: -1}; then
- $ROOTCMD useradd -Um -s /bin/bash $@
+ local user=${@: -1}
+ if ! $ROOTCMD getent passwd $user; then
+ $ROOTCMD useradd -c $user -Um -s /bin/bash $@
fi
}
chpw root "$ROOTPW"
# only setup root pass for bootstrap vol
-if ifclass VOL_STRETCH_BOOTSTRAP; then
+if ifclass VOL_BULLSEYE_BOOTSTRAP; then
exit 0
fi
# applies it. it would be also be applied after a reboot
$ROOTCMD sysctl --system
+if getent group sudo >/dev/null; then
+ usermod -aG sudo iank
+fi
+
+cat >$target/etc/sudoers.d/ianksudoers <<'EOF'
+Defaults timestamp_timeout=1440
+# used in bashrc
+Defaults env_keep += SUDOD
+# always_set_home
+# makes ubuntu be like debian
+# https://unix.stackexchange.com/a/91572
+Defaults always_set_home
+# umask: default setting is to have minimum umask of 0022
+# This lets us have user-specific umasks which are more permissive.
+# I did this for transmission and set it's umask gecos on install,
+# see there for more info.
+Defaults !umask
+# i use sudo in cronjobs, it spams the logs rather uselessly
+# https://stackoverflow.com/questions/14277116/suppress-log-entry-for-single-sudo-commands
+Defaults:root,iank !log_allowed, !pam_session
+# for just the root user, set some env vars
+Defaults>root env_file=/etc/rootsudoenv
+EOF
+
+case $HOSTNAME in
+ li|bk|je)
+ cat >>$target/etc/sudoers.d/ianksudoers <<'EOF'
+iank ALL=(ALL) NOPASSWD: ALL
+EOF
+ ;;
+esac
+
+# remove old config line. can be removed eventually.
f=$target/etc/sudoers
line='iank ALL=(ALL) NOPASSWD: ALL'
-if [[ ! -e $f ]] || ! grep -xF "$line" $f; then
- echo "$line" >> $f
+if grep -qxF "$line" $f; then
+ sed -i "/^$line/d" $f
fi