diff options
authorr00t <>2018-01-03 12:44:46 -0500
committerr00t <>2018-01-03 12:44:46 -0500
commitc2cfd3298f8a8faf1d271269dd9f517353629f27 (patch)
parent2db702107d4296995cda6b047597bd86bf3a5143 (diff)
adding support for groups for live userv3.10
7 files changed, 26 insertions, 1 deletions
diff --git a/docs/TODO b/docs/TODO
index 4b16e88..20f85c9 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -2,6 +2,9 @@
-switch from python-pygpgme to python-gpgme for better performance. also clean up bGPG in general; reference KANT.
-more pythonic! classes (because inits help), use list or tuple constant for checksums, try vars-ing the configparser stuff (and move defaults to in-code?),
change path combinations to use os.path.join etc.
+-mtree-like functionality; if mtree spec is found, apply that to files in overlay (or chroot even); otherwise copy from overlay and don't touch chroot
-i_am_a_racecar optimizations
- different distro guests (debian, etc.)-
@@ -29,6 +32,8 @@
--iPXE's curl
--initrd's curl
-WISH: Better logging/debugging
-WISH: signing for secureboot releases (PreLoader and loader.efi handle this okay, but require manual intervention)
-does loader.efi support splash backgrounds? can i implement that differently somehow?
--yes, see e.g.
diff --git a/docs/manual/user/BUILDING.adoc b/docs/manual/user/BUILDING.adoc
index 452b933..fe50da0 100644
--- a/docs/manual/user/BUILDING.adoc
+++ b/docs/manual/user/BUILDING.adoc
@@ -7,6 +7,8 @@ NOTE: Due to requiring various mounting and chrooting, BDisk must be run as the
To initiate a build, simply run `<basedir>/bdisk/`. That's it! Everything should continue automatically.
+If you'd like to specify a path to a specific build configuration, you can use `<basedir>/bdisk/ path/to/build.ini`. The default is _/etc/bdisk/build.ini_ (plus <<the_code_build_ini_code_,other locations>>).
If you're using a packaged version you installed from your distro's package manager, you instead should run wherever it installs to. Most likely this is going to be `/usr/sbin/bdisk`. (On systemd build hosts that have done the[/usr merge^], you can use `/usr/sbin/bdisk` or `/sbin/bdisk`.)
If you encounter any issues during the process, make sure you read the documentation -- if your issue still isn't addressed, please be sure to file a <<bug_reports_feature_requests,bug report>>!
diff --git a/docs/manual/user/BUILDINI.adoc b/docs/manual/user/BUILDINI.adoc
index 2ac170c..362dc1d 100644
--- a/docs/manual/user/BUILDINI.adoc
+++ b/docs/manual/user/BUILDINI.adoc
@@ -35,6 +35,7 @@ We'll go into more detail for each section below.
username = ${bdisk:uxname}
name = Default user
+ groups = ${bdisk:uxname},admin
password = $$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/
mirror =
@@ -192,6 +193,15 @@ What comment/description/real name should be used for the user? For more informa
. ASCII only
+==== `groups`
+What groups this user should be added to, comma-separated. They will be created if they don't exist yet. Standard *nix group names rules apply:
+. ASCII only
+. 32 characters or less
+. Can only contain lower-case letters, numeric digits, underscores, or dashes (and can end with a dollar sign)
+. Must start with a (lower-case) letter or underscore
+. No whitespace
==== `password`
The escaped, salted, hashed string to use for the non-root user.
diff --git a/extra/ b/extra/
index 62220da..9751076 100644
--- a/extra/
+++ b/extra/
@@ -26,6 +26,7 @@ user = yes
username = ${bdisk:uxname}
name = Default user
+groups = ${bdisk:uxname},admin
password =
diff --git a/extra/ b/extra/
index 04f686a..2bed919 100644
--- a/extra/
+++ b/extra/
@@ -26,6 +26,7 @@ user = yes
username = ${bdisk:uxname}
name = Default user
+groups = ${bdisk:uxname},admin
password =
diff --git a/extra/pre-build.d/root/ b/extra/pre-build.d/root/
index fb80566..5c0cbe7 100755
--- a/extra/pre-build.d/root/
+++ b/extra/pre-build.d/root/
@@ -141,7 +141,12 @@ then
# Add the regular user
useradd -m -s /bin/bash -c "${USERCOMMENT}" ${REGUSR}
-usermod -aG users,games,video,audio ${REGUSR}
+usermod -aG users,games,video,audio ${REGUSR} # TODO: remove this in lieu of $REGUSR_GRPS? these are all kind of required, though, for regular users anyways
+for g in $(echo ${REGUSR_GRPS} | sed 's/,[[:space:]]*/ /g');
+ getent group ${g} > /dev/null 2>&1 || groupadd ${g}
+ usermod -aG ${g} ${REGUSR}
passwd -d ${REGUSR}
# Add them to sudoers
mkdir -p /etc/sudoers.d
diff --git a/extra/templates/pre-build.d/root/VARS.txt.j2 b/extra/templates/pre-build.d/root/VARS.txt.j2
index 0c4b8d1..2c1417a 100644
--- a/extra/templates/pre-build.d/root/VARS.txt.j2
+++ b/extra/templates/pre-build.d/root/VARS.txt.j2
@@ -4,6 +4,7 @@ export PNAME='{{ bdisk['name'] }}'
export DISTPUB='{{ bdisk['dev'] }}'
export DISTDESC='{{ bdisk['desc'] }}'
export REGUSR='{{ user['username']|lower }}'
+export REGUSR_GRPS='{{ user['groups'] }}'
export USERCOMMENT='{{ user['name'] }}'
export REGUSR_PASS='{{ user['password'] }}'
export ROOT_PASS='{{ bdisk['root_password'] }}'