From: Daan De Meyer Date: Fri, 17 Mar 2023 10:59:04 +0000 (+0100) Subject: fedora: Default to the minimal authselect profile if authselect is installed X-Git-Tag: v15~290 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d2c6fcb48441af26b927337b04d66af9a6ea8244;p=thirdparty%2Fmkosi.git fedora: Default to the minimal authselect profile if authselect is installed --- diff --git a/mkosi/distributions/fedora.py b/mkosi/distributions/fedora.py index bd0452b3b..06bcd8a93 100644 --- a/mkosi/distributions/fedora.py +++ b/mkosi/distributions/fedora.py @@ -1,6 +1,7 @@ # SPDX-License-Identifier: LGPL-2.1+ import shutil +import subprocess import urllib.parse import urllib.request from collections.abc import Iterable, Mapping, Sequence @@ -18,7 +19,7 @@ from mkosi.backend import ( from mkosi.distributions import DistributionInstaller from mkosi.log import MkosiPrinter, complete_step, warn from mkosi.remove import unlink_try_hard -from mkosi.run import run_with_apivfs +from mkosi.run import run_with_apivfs, run_workspace_command FEDORA_KEYS_MAP = { "36": "53DED2CB922D8B8D9E63FD18999F7CBF38AB71F4", @@ -110,6 +111,16 @@ def install_fedora(state: MkosiState) -> None: invoke_dnf(state, "install", packages) + # Fedora defaults to sssd authselect profile, let's override it with the minimal profile if it exists and + # extend it with the with-homed feature if we can find it. + if state.root.joinpath("usr/share/authselect/default/minimal").exists(): + run_workspace_command(state, ["authselect", "select", "minimal"]) + + features = run_workspace_command(state, ["authselect", "list-features", "minimal"], + stdout=subprocess.PIPE).stdout.split() + if "with-homed" in features: + run_workspace_command(state, ["authselect", "enable-feature", "with-homed"]) + def url_exists(url: str) -> bool: req = urllib.request.Request(url, method="HEAD")