summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
9aefd1e)
Amazon does not permit that a user logs in as root directly.
Instead they insist on using sudo.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
usr/sbin/setup
usr/share/locale/ar/LC_MESSAGES/setup.mo
usr/share/locale/ca/LC_MESSAGES/setup.mo
usr/sbin/setup
usr/share/locale/ar/LC_MESSAGES/setup.mo
usr/share/locale/ca/LC_MESSAGES/setup.mo
echo "DOMAINNAME=${hostname#*.}" >> /var/ipfire/main/settings
fi
echo "DOMAINNAME=${hostname#*.}" >> /var/ipfire/main/settings
fi
- # Import SSH keys
- local line
- for line in $(get "public-keys/"); do
- local key_no="${line%=*}"
-
- local key="$(get public-keys/${key_no}/openssh-key)"
- if [ -n "${key}" ] && ! grep -q "^${key}$" /root/.ssh/authorized_keys 2>/dev/null; then
- mkdir -p /root/.ssh
- chmod 700 /root/.ssh
+ # Create setup user
+ if ! getent passwd setup &>/dev/null; then
+ useradd -r setup -s /usr/bin/run-setup -g nobody -m
+ fi
- echo "${key}" >> /root/.ssh/authorized_keys
- chmod 600 /root/.ssh/authorized_keys
- fi
+ # Import SSH keys
+ local user
+ for user in /root /home/setup; do
+ local line
+ for line in $(get "public-keys/"); do
+ local key_no="${line%=*}"
+
+ local key="$(get public-keys/${key_no}/openssh-key)"
+ if [ -n "${key}" ] && ! grep -q "^${key}$" "${user}/.ssh/authorized_keys" 2>/dev/null; then
+ mkdir -p "${user}/.ssh"
+ chmod 700 "${user}/.ssh"
+
+ echo "${key}" >> "${user}/.ssh/authorized_keys"
+ chmod 600 "${user}/.ssh/authorized_keys"
+ fi
+ done
done
# Import any DNS server settings
done
# Import any DNS server settings
AM_CXXFLAGS = $(OUR_CXXFLAGS)
AM_LDFLAGS = $(OUR_LDFLAGS)
AM_CXXFLAGS = $(OUR_CXXFLAGS)
AM_LDFLAGS = $(OUR_LDFLAGS)
+sudodir = /etc/sudoers.d
+
bin_SCRIPTS =
sbin_PROGRAMS =
#- setup -----------------------------------------------------------------------
bin_SCRIPTS =
sbin_PROGRAMS =
#- setup -----------------------------------------------------------------------
+bin_SCRIPTS += \
+ run-setup
+
bin_SCRIPTS += \
probenic.sh
bin_SCRIPTS += \
probenic.sh
+
+sudo_DATA = \
+ sudo/setup
--- /dev/null
+#!/bin/bash
+
+# Runs setup and tries to gain root privileges
+exec sudo setup
--- /dev/null
+# The setup is allowed to run the setup command
+setup ALL=(ALL) NOPASSWD: /usr/sbin/setup