X-Git-Url: https://iankelling.org/git/?p=automated-distro-installer;a=blobdiff_plain;f=fai%2Fconfig%2Fdistro-install-common%2Fend;h=57b71159f62352228b8f53f28fb0b3ae89e138f8;hp=3d061b3445e961542562eccc59a813187c382528;hb=9fefba0a7ad0f7d9cac32b81f960ae8828de2a66;hpb=ed3681256885d295f39d5df60784d3281a2f8719 diff --git a/fai/config/distro-install-common/end b/fai/config/distro-install-common/end index 3d061b3..57b7115 100755 --- a/fai/config/distro-install-common/end +++ b/fai/config/distro-install-common/end @@ -19,11 +19,10 @@ if [[ -e $src && -e $dst ]]; then fi USER2PW=/q/root/shadow/user2 -if ifclass ziva; then - ROOTPW=/q/root/shadow/ziva -else - # if doesn't exist, we dont set one - ROOTPW=/q/root/shadow/standard +# if doesn't exist, we dont set one +ROOTPW=/q/root/shadow/standard +if [[ ! -e $ROOTPW ]]; then + ROOTPW=/q/root/shadow/$HOSTNAME fi chpw() { @@ -42,15 +41,16 @@ chpw() { fi } au() { # add user. i don't use adduser for portability - if ! $ROOTCMD getent passwd ${@: -1}; then - $ROOTCMD useradd -Um -s /bin/bash $@ + local user=${@: -1} + if ! $ROOTCMD getent passwd $user; then + $ROOTCMD useradd -c $user -Um -s /bin/bash $@ fi } chpw root "$ROOTPW" # only setup root pass for bootstrap vol -if ifclass VOL_STRETCH_BOOTSTRAP; then +if ifclass VOL_BULLSEYE_BOOTSTRAP; then exit 0 fi @@ -80,10 +80,31 @@ echo "fs.inotify.max_user_watches = 50000" >> $f # applies it. it would be also be applied after a reboot $ROOTCMD sysctl --system +cat >$target/etc/sudoers.d/ianksudoers <<'EOF' +Defaults timestamp_timeout=1440 +# used in bashrc +Defaults env_keep += SUDOD +# always_set_home +# makes ubuntu be like debian +# https://unix.stackexchange.com/a/91572 +Defaults always_set_home +# umask: default setting is to have minimum umask of 0022 +# This lets us have user-specific umasks which are more permissive. +# I did this for transmission and set it's umask gecos on install, +# see there for more info. +Defaults !umask +# i use sudo in cronjobs, it spams the logs rather uselessly +# https://stackoverflow.com/questions/14277116/suppress-log-entry-for-single-sudo-commands +Defaults:root,iank !log_allowed, !pam_session +# for just the root user, set some env vars +Defaults>root env_file=/etc/rootsudoenv +EOF + +# remove old config line. can be removed eventually. f=$target/etc/sudoers line='iank ALL=(ALL) NOPASSWD: ALL' -if [[ ! -e $f ]] || ! grep -xF "$line" $f; then - echo "$line" >> $f +if grep -qxF "$line" $f; then + sed -i "/^$line/d" $f fi