summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorr00t <bts@square-r00t.net>2018-01-03 12:44:46 -0500
committerr00t <bts@square-r00t.net>2018-01-03 12:44:46 -0500
commitc2cfd3298f8a8faf1d271269dd9f517353629f27 (patch)
treea585afb126940e033187c70074994a407672b3e8
parent2db702107d4296995cda6b047597bd86bf3a5143 (diff)
downloadBDisk-c2cfd3298f8a8faf1d271269dd9f517353629f27.tar.xz
adding support for groups for live userv3.10
-rw-r--r--docs/TODO5
-rw-r--r--docs/manual/user/BUILDING.adoc2
-rw-r--r--docs/manual/user/BUILDINI.adoc10
-rw-r--r--extra/dist.build.ini1
-rw-r--r--extra/pkg.build.ini1
-rwxr-xr-xextra/pre-build.d/root/pre-build.sh7
-rw-r--r--extra/templates/pre-build.d/root/VARS.txt.j21
7 files changed, 26 insertions, 1 deletions
diff --git a/docs/TODO b/docs/TODO
index 4b16e88..20f85c9 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -2,6 +2,9 @@
-switch from python-pygpgme to python-gpgme for better performance. also clean up bGPG in general; reference KANT.
-more pythonic! classes (because inits help), use list or tuple constant for checksums, try vars-ing the configparser stuff (and move defaults to in-code?),
change path combinations to use os.path.join etc.
+-modularity: https://stackoverflow.com/a/8719100
+
+-mtree-like functionality; if mtree spec is found, apply that to files in overlay (or chroot even); otherwise copy from overlay and don't touch chroot
-i_am_a_racecar optimizations
- different distro guests (debian, etc.)- https://stackoverflow.com/questions/2349991/python-how-to-import-other-python-files/20749411#20749411
@@ -29,6 +32,8 @@
--iPXE's curl
--initrd's curl
-WISH: Better logging/debugging
+https://web.archive.org/web/20170726052946/http://www.lexev.org/en/2013/python-logging-every-day/
+
-WISH: signing for secureboot releases (PreLoader and loader.efi handle this okay, but require manual intervention)
-does loader.efi support splash backgrounds? can i implement that differently somehow?
--yes, see e.g. https://www.reddit.com/r/archlinux/comments/3bwgf0/where_put_the_splasharchbmp_to_splash_screen_boot/
diff --git a/docs/manual/user/BUILDING.adoc b/docs/manual/user/BUILDING.adoc
index 452b933..fe50da0 100644
--- a/docs/manual/user/BUILDING.adoc
+++ b/docs/manual/user/BUILDING.adoc
@@ -7,6 +7,8 @@ NOTE: Due to requiring various mounting and chrooting, BDisk must be run as the
To initiate a build, simply run `<basedir>/bdisk/bdisk.py`. That's it! Everything should continue automatically.
+If you'd like to specify a path to a specific build configuration, you can use `<basedir>/bdisk/bdisk.py path/to/build.ini`. The default is _/etc/bdisk/build.ini_ (plus <<the_code_build_ini_code_,other locations>>).
+
If you're using a packaged version you installed from your distro's package manager, you instead should run wherever it installs to. Most likely this is going to be `/usr/sbin/bdisk`. (On systemd build hosts that have done the https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/[/usr merge^], you can use `/usr/sbin/bdisk` or `/sbin/bdisk`.)
If you encounter any issues during the process, make sure you read the documentation -- if your issue still isn't addressed, please be sure to file a <<bug_reports_feature_requests,bug report>>!
diff --git a/docs/manual/user/BUILDINI.adoc b/docs/manual/user/BUILDINI.adoc
index 2ac170c..362dc1d 100644
--- a/docs/manual/user/BUILDINI.adoc
+++ b/docs/manual/user/BUILDINI.adoc
@@ -35,6 +35,7 @@ We'll go into more detail for each section below.
[user]
username = ${bdisk:uxname}
name = Default user
+ groups = ${bdisk:uxname},admin
password = $$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/
[source_x86_64]
mirror = mirror.us.leaseweb.net
@@ -192,6 +193,15 @@ What comment/description/real name should be used for the user? For more informa
. ASCII only
+==== `groups`
+What groups this user should be added to, comma-separated. They will be created if they don't exist yet. Standard *nix group names rules apply:
+
+. ASCII only
+. 32 characters or less
+. Can only contain lower-case letters, numeric digits, underscores, or dashes (and can end with a dollar sign)
+. Must start with a (lower-case) letter or underscore
+. No whitespace
+
==== `password`
The escaped, salted, hashed string to use for the non-root user.
diff --git a/extra/dist.build.ini b/extra/dist.build.ini
index 62220da..9751076 100644
--- a/extra/dist.build.ini
+++ b/extra/dist.build.ini
@@ -26,6 +26,7 @@ user = yes
[user]
username = ${bdisk:uxname}
name = Default user
+groups = ${bdisk:uxname},admin
password =
[source_x86_64]
diff --git a/extra/pkg.build.ini b/extra/pkg.build.ini
index 04f686a..2bed919 100644
--- a/extra/pkg.build.ini
+++ b/extra/pkg.build.ini
@@ -26,6 +26,7 @@ user = yes
[user]
username = ${bdisk:uxname}
name = Default user
+groups = ${bdisk:uxname},admin
password =
[source_x86_64]
diff --git a/extra/pre-build.d/root/pre-build.sh b/extra/pre-build.d/root/pre-build.sh
index fb80566..5c0cbe7 100755
--- a/extra/pre-build.d/root/pre-build.sh
+++ b/extra/pre-build.d/root/pre-build.sh
@@ -141,7 +141,12 @@ then
fi
# Add the regular user
useradd -m -s /bin/bash -c "${USERCOMMENT}" ${REGUSR}
-usermod -aG users,games,video,audio ${REGUSR}
+usermod -aG users,games,video,audio ${REGUSR} # TODO: remove this in lieu of $REGUSR_GRPS? these are all kind of required, though, for regular users anyways
+for g in $(echo ${REGUSR_GRPS} | sed 's/,[[:space:]]*/ /g');
+do
+ getent group ${g} > /dev/null 2>&1 || groupadd ${g}
+ usermod -aG ${g} ${REGUSR}
+done
passwd -d ${REGUSR}
# Add them to sudoers
mkdir -p /etc/sudoers.d
diff --git a/extra/templates/pre-build.d/root/VARS.txt.j2 b/extra/templates/pre-build.d/root/VARS.txt.j2
index 0c4b8d1..2c1417a 100644
--- a/extra/templates/pre-build.d/root/VARS.txt.j2
+++ b/extra/templates/pre-build.d/root/VARS.txt.j2
@@ -4,6 +4,7 @@ export PNAME='{{ bdisk['name'] }}'
export DISTPUB='{{ bdisk['dev'] }}'
export DISTDESC='{{ bdisk['desc'] }}'
export REGUSR='{{ user['username']|lower }}'
+export REGUSR_GRPS='{{ user['groups'] }}'
export USERCOMMENT='{{ user['name'] }}'
export REGUSR_PASS='{{ user['password'] }}'
export ROOT_PASS='{{ bdisk['root_password'] }}'