r00t2/bdisk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

adding support for groups for live user

Browse Source
This commit is contained in:
brent s. 2018-01-03 12:44:46 -05:00
parent 2db702107d
commit c2cfd3298f
7 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/TODO
View File

@ -2,6 +2,9 @@
-switch from python-pygpgme to python-gpgme for better performance. also clean up bGPG in general; reference KANT. -switch from python-pygpgme to python-gpgme for better performance. also clean up bGPG in general; reference KANT.
-more pythonic! classes (because inits help), use list or tuple constant for checksums, try vars-ing the configparser stuff (and move defaults to in-code?), -more pythonic! classes (because inits help), use list or tuple constant for checksums, try vars-ing the configparser stuff (and move defaults to in-code?),
change path combinations to use os.path.join etc. change path combinations to use os.path.join etc.
-modularity: https://stackoverflow.com/a/8719100

-mtree-like functionality; if mtree spec is found, apply that to files in overlay (or chroot even); otherwise copy from overlay and don't touch chroot


-i_am_a_racecar optimizations -i_am_a_racecar optimizations
- different distro guests (debian, etc.)- https://stackoverflow.com/questions/2349991/python-how-to-import-other-python-files/20749411#20749411 - different distro guests (debian, etc.)- https://stackoverflow.com/questions/2349991/python-how-to-import-other-python-files/20749411#20749411
@ -29,6 +32,8 @@
--iPXE's curl --iPXE's curl
--initrd's curl --initrd's curl
-WISH: Better logging/debugging -WISH: Better logging/debugging
https://web.archive.org/web/20170726052946/http://www.lexev.org/en/2013/python-logging-every-day/

-WISH: signing for secureboot releases (PreLoader and loader.efi handle this okay, but require manual intervention) -WISH: signing for secureboot releases (PreLoader and loader.efi handle this okay, but require manual intervention)
-does loader.efi support splash backgrounds? can i implement that differently somehow? -does loader.efi support splash backgrounds? can i implement that differently somehow?
--yes, see e.g. https://www.reddit.com/r/archlinux/comments/3bwgf0/where_put_the_splasharchbmp_to_splash_screen_boot/ --yes, see e.g. https://www.reddit.com/r/archlinux/comments/3bwgf0/where_put_the_splasharchbmp_to_splash_screen_boot/

2
docs/manual/user/BUILDING.adoc
View File

@ -7,6 +7,8 @@ NOTE: Due to requiring various mounting and chrooting, BDisk must be run as the


To initiate a build, simply run `<basedir>/bdisk/bdisk.py`. That's it! Everything should continue automatically. To initiate a build, simply run `<basedir>/bdisk/bdisk.py`. That's it! Everything should continue automatically.


If you'd like to specify a path to a specific build configuration, you can use `<basedir>/bdisk/bdisk.py path/to/build.ini`. The default is _/etc/bdisk/build.ini_ (plus <<the_code_build_ini_code_,other locations>>).

If you're using a packaged version you installed from your distro's package manager, you instead should run wherever it installs to. Most likely this is going to be `/usr/sbin/bdisk`. (On systemd build hosts that have done the https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/[/usr merge^], you can use `/usr/sbin/bdisk` or `/sbin/bdisk`.) If you're using a packaged version you installed from your distro's package manager, you instead should run wherever it installs to. Most likely this is going to be `/usr/sbin/bdisk`. (On systemd build hosts that have done the https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/[/usr merge^], you can use `/usr/sbin/bdisk` or `/sbin/bdisk`.)


If you encounter any issues during the process, make sure you read the documentation -- if your issue still isn't addressed, please be sure to file a <<bug_reports_feature_requests,bug report>>! If you encounter any issues during the process, make sure you read the documentation -- if your issue still isn't addressed, please be sure to file a <<bug_reports_feature_requests,bug report>>!

10
docs/manual/user/BUILDINI.adoc
View File

@ -35,6 +35,7 @@ We'll go into more detail for each section below.
[user] [user]
username = ${bdisk:uxname} username = ${bdisk:uxname}
name = Default user name = Default user
groups = ${bdisk:uxname},admin
password = $$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/ password = $$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/
[source_x86_64] [source_x86_64]
mirror = mirror.us.leaseweb.net mirror = mirror.us.leaseweb.net
@ -192,6 +193,15 @@ What comment/description/real name should be used for the user? For more informa


. ASCII only . ASCII only


==== `groups`
What groups this user should be added to, comma-separated. They will be created if they don't exist yet. Standard *nix group names rules apply:

. ASCII only
. 32 characters or less
. Can only contain lower-case letters, numeric digits, underscores, or dashes (and can end with a dollar sign)
. Must start with a (lower-case) letter or underscore
. No whitespace

==== `password` ==== `password`
The escaped, salted, hashed string to use for the non-root user. The escaped, salted, hashed string to use for the non-root user.



1
extra/dist.build.ini
View File

@ -26,6 +26,7 @@ user = yes
[user] [user]
username = ${bdisk:uxname} username = ${bdisk:uxname}
name = Default user name = Default user
groups = ${bdisk:uxname},admin
password = password =


[source_x86_64] [source_x86_64]

1
extra/pkg.build.ini
View File

@ -26,6 +26,7 @@ user = yes
[user] [user]
username = ${bdisk:uxname} username = ${bdisk:uxname}
name = Default user name = Default user
groups = ${bdisk:uxname},admin
password = password =


[source_x86_64] [source_x86_64]

7
extra/pre-build.d/root/pre-build.sh
View File

@ -141,7 +141,12 @@ then
fi fi
# Add the regular user # Add the regular user
useradd -m -s /bin/bash -c "${USERCOMMENT}" ${REGUSR} useradd -m -s /bin/bash -c "${USERCOMMENT}" ${REGUSR}
usermod -aG users,games,video,audio ${REGUSR} usermod -aG users,games,video,audio ${REGUSR} # TODO: remove this in lieu of $REGUSR_GRPS? these are all kind of required, though, for regular users anyways
for g in $(echo ${REGUSR_GRPS} | sed 's/,[[:space:]]*/ /g');
do
getent group ${g} > /dev/null 2>&1 || groupadd ${g}
usermod -aG ${g} ${REGUSR}
done
passwd -d ${REGUSR} passwd -d ${REGUSR}
# Add them to sudoers # Add them to sudoers
mkdir -p /etc/sudoers.d mkdir -p /etc/sudoers.d

1
extra/templates/pre-build.d/root/VARS.txt.j2
View File

@ -4,6 +4,7 @@ export PNAME='{{ bdisk['name'] }}'
export DISTPUB='{{ bdisk['dev'] }}' export DISTPUB='{{ bdisk['dev'] }}'
export DISTDESC='{{ bdisk['desc'] }}' export DISTDESC='{{ bdisk['desc'] }}'
export REGUSR='{{ user['username']|lower }}' export REGUSR='{{ user['username']|lower }}'
export REGUSR_GRPS='{{ user['groups'] }}'
export USERCOMMENT='{{ user['name'] }}' export USERCOMMENT='{{ user['name'] }}'
export REGUSR_PASS='{{ user['password'] }}' export REGUSR_PASS='{{ user['password'] }}'
export ROOT_PASS='{{ bdisk['root_password'] }}' export ROOT_PASS='{{ bdisk['root_password'] }}'