From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7278939938131804160 X-Received: by 2002:a05:6512:3586:b0:502:d5cd:62 with SMTP id m6-20020a056512358600b00502d5cd0062mr685614lfr.14.1694760273860; Thu, 14 Sep 2023 23:44:33 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6512:2f3:b0:500:a007:12fa with SMTP id m19-20020a05651202f300b00500a00712fals78928lfq.1.-pod-prod-05-eu; Thu, 14 Sep 2023 23:44:31 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGtA2c3P9QxlVlIYTaMbD0HZfqkugnpzWE+YJnIuK/r6nQ3rCJ79NUlCJeAnDAQMIxjt6/Y X-Received: by 2002:a05:6512:450:b0:500:8ecb:509 with SMTP id y16-20020a056512045000b005008ecb0509mr575128lfk.15.1694760271701; Thu, 14 Sep 2023 23:44:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1694760271; cv=none; d=google.com; s=arc-20160816; b=q9mLkRp8ln7z3m+OBhGxhNNbRFHWEUIxe9sQvXLPoLpfVD85wR1XFdtnUJO+dnOl7c bdjinixNtAWChiRcesbu+HEiV1yLDch3Qr1VjNFDm9NWHQKjUKO8kky+cmAryH40s8Qg dcs6vEG5IxYiCZtKg6h7+yK+nuODLc6opWiFv78qtaGZNgdcHv6+ihH0D8VrbABf3/6U /uv6x6vbhicfG9Whd1j4i3iwymah5smSEatPuHQeCAhTczxbzoze90oqN6SL3DL/vYpW GnKXHcni0wAbH27xdlgG9Esytn+ROnwJjdsr/l77CRDq8UvUrlwA0jk6b0KEvfucYTqB wr2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from; bh=czvd6uAjB24bVgdE4aQrbQxRpjhUUFhU0tmZX53x0SU=; fh=7tclEdh7YbwSQowgJ6LNq720O7H5HTEaqj22NJWRE2E=; b=GCbDYAzefmXv+wBMzIejPpculMKGpBZoFmixjMGARg7pr8nFH+yK+i82s5uGLeINB0 SXTQsm7yt/eawSL4Xjo5oQi2pEKmVCYu4qhExwX/8szuK43AO0tELjCKZNN5QJataPNZ xRYewiIPmOHsDEdvniioKjRTq0jMCYSHxCuZMHp5LAb9omFvhSfl7zXYCCcGUG1MTECd BpH4e4nGpHUuh+wRAP7SRmHKveXd5tYm0h+5MQFZisJ6VzGthl9tuUAIQPeRIGrQ1CBk /7M7PbrEu9heoeqZ8YuXq8kcBiml/9Rgd2iMrfBUI2+SL4v0MbkROxzdcz267J3Y/xJQ jLvQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de Return-Path: Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166]) by gmr-mx.google.com with ESMTPS id d7-20020a056512368700b004ff9d6b6cb0si223137lfs.2.2023.09.14.23.44.31 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Thu, 14 Sep 2023 23:44:31 -0700 (PDT) Received-SPF: pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de Received: from baighyz.m.ilbers.de (host-80-81-17-52.static.customer.m-online.net [80.81.17.52]) (authenticated bits=0) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPSA id 38F6iQJX022764 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 15 Sep 2023 08:44:30 +0200 From: Uladzimir Bely To: isar-users@googlegroups.com Subject: [PATCH 12/13] kas: Add options to activate predefined users Date: Fri, 15 Sep 2023 08:44:25 +0200 Message-Id: <20230915064426.27676-13-ubely@ilbers.de> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230915064426.27676-1-ubely@ilbers.de> References: <20230915064426.27676-1-ubely@ilbers.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-TUID: q2etJgDsyIwL This allows to enable 'root' and 'isar' users and set their passwords. Signed-off-by: Uladzimir Bely --- kas/opt/Kconfig | 41 +++++++++++++++++++++++++++++++++++++++++ kas/opt/user-isar.yml | 16 ++++++++++++++++ kas/opt/user-root.yml | 7 +++++++ 3 files changed, 64 insertions(+) create mode 100644 kas/opt/user-isar.yml create mode 100644 kas/opt/user-root.yml diff --git a/kas/opt/Kconfig b/kas/opt/Kconfig index 113a6c9a..7eb4840b 100644 --- a/kas/opt/Kconfig +++ b/kas/opt/Kconfig @@ -75,6 +75,47 @@ config KAS_INCLUDE_PACKAGES_DISTRO endmenu +menu "User management" + +config USER_ROOT + bool "Activate 'root' user" + help + Enables root user. + +config KAS_USER_ROOT_PASSWORD + string "Password for 'root' user" + default "$6$rounds=10000$RXeWrnFmkY$DtuS/OmsAS2cCEDo0BF5qQsizIrq6jPgXnwv3PHqREJeKd1sXdHX/ayQtuQWVDHe0KIO0/sVH8dvQm1KthF0d/" + depends on USER_ROOT + help + Set password for 'root' user. Default value 'root', encrypted by: + 'mkpasswd -m sha512crypt -R 10000' + +config KAS_INCLUDE_USER_ROOT + string + default "kas/opt/user-root.yml" + depends on USER_ROOT + + +config USER_ISAR + bool "Activate 'isar' user" + default y + help + Enables `isar` user. + +config KAS_USER_ISAR_PASSWORD + string "Password for 'isar' user" + default "isar" + depends on USER_ISAR + help + Set password for 'isar' user. + +config KAS_INCLUDE_USER_ISAR + string + default "kas/opt/user-isar.yml" + depends on USER_ISAR + +endmenu + config KAS_IMAGE_FSTYPES string "Additional image fstypes" default "" diff --git a/kas/opt/user-isar.yml b/kas/opt/user-isar.yml new file mode 100644 index 00000000..f249e4e7 --- /dev/null +++ b/kas/opt/user-isar.yml @@ -0,0 +1,16 @@ +header: + version: 14 + +local_conf_header: + user-isar: | + GROUPS += "isar" + GROUP_isar[flags] = "system" + + USERS += "isar" + USER_isar[gid] = "isar" + USER_isar[home] = "/var/lib/isar" + USER_isar[comment] = "My isar user" + USER_isar[flags] = "system create-home" + + USER_isar[password] = "${KAS_USER_ISAR_PASSWORD}" + USER_isar[flags] += "clear-text-password" diff --git a/kas/opt/user-root.yml b/kas/opt/user-root.yml new file mode 100644 index 00000000..9c301767 --- /dev/null +++ b/kas/opt/user-root.yml @@ -0,0 +1,7 @@ +header: + version: 14 + +local_conf_header: + user-root: | + USERS += "root" + USER_root[password] ??= "${KAS_USER_ROOT_PASSWORD}" -- 2.20.1