Add unprivileged user to default image

author Daan De Meyer <daan.j.demeyer@gmail.com>

Wed, 17 Jul 2024 10:40:14 +0000 (12:40 +0200)

committer Daan De Meyer <daan.j.demeyer@gmail.com>

Wed, 17 Jul 2024 12:22:38 +0000 (14:22 +0200)
author Daan De Meyer <daan.j.demeyer@gmail.com>
Wed, 17 Jul 2024 10:40:14 +0000 (12:40 +0200)
committer Daan De Meyer <daan.j.demeyer@gmail.com>
Wed, 17 Jul 2024 12:22:38 +0000 (14:22 +0200)
diff --git a/mkosi.conf b/mkosi.conf

index e977078b496f51e364fd411f903ee4523bffc99d..0bae2df221872b449f3e993053eaffe91e655701 100644 (file)
--- a/mkosi.conf
+++ b/mkosi.conf
@@ -20,6 +20,7 @@ Packages=
          less
          nano
          strace
+        sudo
          systemd
          tmux
          udev
diff --git a/mkosi.conf.d/20-arch.conf b/mkosi.conf.d/20-arch.conf

index 8be11b199b102f9bd678e655467e3a124da73964..60f92e49bea85cc16974fd9230200351240ce008 100644 (file)
--- a/mkosi.conf.d/20-arch.conf
+++ b/mkosi.conf.d/20-arch.conf
@@ -15,6 +15,7 @@ Packages=
          linux
          openssh
          perf
+        polkit
          python
          qemu-user-static
          shim
diff --git a/mkosi.conf.d/20-opensuse/mkosi.conf b/mkosi.conf.d/20-opensuse/mkosi.conf

index 57887130840fa22ba68b405a138daf1ed6bbe431..d16bf354116bfac9c1c36f384214b1b92754bbb6 100644 (file)
--- a/mkosi.conf.d/20-opensuse/mkosi.conf
+++ b/mkosi.conf.d/20-opensuse/mkosi.conf
@@ -23,8 +23,10 @@ Packages=
          openssh-server
          patterns-base-minimal_base
          perf
+        polkit
          python3
          qemu-linux-user
          shim
          strace
+        sudo-policy-wheel-auth-self
          systemd-boot
diff --git a/mkosi.conf.d/30-centos-fedora/mkosi.conf b/mkosi.conf.d/30-centos-fedora/mkosi.conf

index 635a38b56087d15aa56e9e0c784b332ab1d0221d..18c1d6747f9a5c0749d60817f96c24211cf0668f 100644 (file)
--- a/mkosi.conf.d/30-centos-fedora/mkosi.conf
+++ b/mkosi.conf.d/30-centos-fedora/mkosi.conf
@@ -15,6 +15,7 @@ Packages=
          openssh-clients
          openssh-server
          perf
+        polkit
          python3
          strace
          systemd-resolved
diff --git a/mkosi.conf.d/30-debian-ubuntu/mkosi.conf b/mkosi.conf.d/30-debian-ubuntu/mkosi.conf

index 365739aae90c2db4b16ecf091f4c9731f3b06da7..7f91220ee2bb8b6b4abedc00abf6053ad6208d3a 100644 (file)
--- a/mkosi.conf.d/30-debian-ubuntu/mkosi.conf
+++ b/mkosi.conf.d/30-debian-ubuntu/mkosi.conf
@@ -16,6 +16,7 @@ Packages=
          libtss2-tcti-device0
          openssh-client
          openssh-server
+        polkitd
          python3
          qemu-user-static
          shim-signed
diff --git a/mkosi.postinst b/mkosi.postinst

new file mode 100755 (executable)

index 0000000..2d62c47
--- /dev/null
+++ b/mkosi.postinst
@@ -0,0 +1,18 @@
+#!/bin/bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+set -e
+
+if [[ "$DISTRIBUTION" =~ ubuntu|debian ]]; then
+    SUDO_GROUP=sudo
+else
+    SUDO_GROUP=wheel
+fi
+
+mkosi-chroot \
+    useradd \
+    --user-group \
+    --create-home \
+    --password "$(openssl passwd -1 mkosi)" \
+    --groups "$SUDO_GROUP",systemd-journal \
+    --shell /bin/bash \
+    mkosi
author	Daan De Meyer <daan.j.demeyer@gmail.com>
	Wed, 17 Jul 2024 10:40:14 +0000 (12:40 +0200)
committer	Daan De Meyer <daan.j.demeyer@gmail.com>
	Wed, 17 Jul 2024 12:22:38 +0000 (14:22 +0200)
mkosi.conf		patch \| blob \| blame \| history
mkosi.conf.d/20-arch.conf		patch \| blob \| blame \| history
mkosi.conf.d/20-opensuse/mkosi.conf		patch \| blob \| blame \| history
mkosi.conf.d/30-centos-fedora/mkosi.conf		patch \| blob \| blame \| history
mkosi.conf.d/30-debian-ubuntu/mkosi.conf		patch \| blob \| blame \| history
mkosi.postinst	[new file with mode: 0755]	patch \| blob