From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7278939938131804160 X-Received: by 2002:a05:6402:524a:b0:525:4696:336d with SMTP id t10-20020a056402524a00b005254696336dmr2985883edd.8.1695373825347; Fri, 22 Sep 2023 02:10:25 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:aa7:d3c1:0:b0:532:c9b6:5c15 with SMTP id o1-20020aa7d3c1000000b00532c9b65c15ls837569edr.1.-pod-prod-07-eu; Fri, 22 Sep 2023 02:10:23 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHra4p/f/Z4nd0PGdqwm8BKdtLFQlOWm5rC8f6lxDc5jE0Jf6odU3iB0FHzmiOmLjcdmqI1 X-Received: by 2002:a17:906:1da:b0:9ae:4eb9:e09b with SMTP id 26-20020a17090601da00b009ae4eb9e09bmr6643882ejj.27.1695373823254; Fri, 22 Sep 2023 02:10:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695373823; cv=none; d=google.com; s=arc-20160816; b=kH92isZWfn6IPCqKFp6xeFpA7JEAT0/YS5KiRzuSErwh/H/5GIbKf6LqhePa48x6zd 2pUXhXHn+UHBfJZfeypcCr+jhQa/eE7zqMPjPtHoeBdkKnxiCzNbMSinvV5jwCDrpbM0 ZZ6F07Rmjqkf+5XnW4tmByCCBCVgT/GQHeXYVDzodNK4GLzdB9/Lc3P3Z/1+7P9b0QWK S76qQOkWJO8pVgQRzwJz6SiIJ9Y2LEB7kvKxJF121cw8LShCYzpuX+nZC8lFaUKLG0mZ XsIbp7IiL3LBWMHXDNyrRo1UwsvckMezf1gaYzhhM3bqDu45EkJYvEX4ORK7ztP9xAni /vTA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from; bh=Of34GLEisqVs1Gf7Oj9I31/KGjYNFq6H/6KSRFxcUJo=; fh=7tclEdh7YbwSQowgJ6LNq720O7H5HTEaqj22NJWRE2E=; b=GpK0cnBP8g7RD4YmJvLpQd1Ubuw5lS9aS3LSmZ0wA1WVj31qlOOhMeCzaBUy2pdPto NgOcwsr8Kv5JhxO9oREZSAF+0jTN+LFrBf2Rh/y3K8qA6GfXWISx8TdZ8P4VDPuFU99L LyGC5FXA1rIGzOmo6tDPQYb1EW9GW7Wc7/uYt0DT2TkmEYw9Wbf0QQHgoisV+zG7DXRD sFnjdlGERgTyjH9MlJEHrj9E2EJBJ1DvUCmJOeB4Z09FGN8lOAHd6UiyLzptTeyLCN3F jfM8FeuXPEBdSYLLPfmQJCPE/ozR/ogygTwbD9ZbIVtvxYtrHO9VHtkzpgJpFmboZGd9 GMcw== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de Return-Path: Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166]) by gmr-mx.google.com with ESMTPS id jz8-20020a17090775e800b009ae3e884341si317081ejc.0.2023.09.22.02.10.23 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 22 Sep 2023 02:10:23 -0700 (PDT) Received-SPF: pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de Received: from baighyz.m.ilbers.de (host-80-81-17-52.static.customer.m-online.net [80.81.17.52]) (authenticated bits=0) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPSA id 38M9A3ZE031991 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 22 Sep 2023 11:10:22 +0200 From: Uladzimir Bely To: isar-users@googlegroups.com Subject: [PATCH v4 11/13] kas: Add options to activate predefined users Date: Fri, 22 Sep 2023 11:10:01 +0200 Message-Id: <20230922091003.20763-12-ubely@ilbers.de> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230922091003.20763-1-ubely@ilbers.de> References: <20230922091003.20763-1-ubely@ilbers.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-TUID: 549Al2Gjp/AJ This allows to enable 'root' and 'isar' users and set their passwords. Signed-off-by: Uladzimir Bely --- kas/opt/Kconfig | 40 ++++++++++++++++++++++++++++++++++++++++ kas/opt/user-isar.yaml | 19 +++++++++++++++++++ kas/opt/user-root.yaml | 11 +++++++++++ 3 files changed, 70 insertions(+) create mode 100644 kas/opt/user-isar.yaml create mode 100644 kas/opt/user-root.yaml diff --git a/kas/opt/Kconfig b/kas/opt/Kconfig index 328ac5e6..87fef870 100644 --- a/kas/opt/Kconfig +++ b/kas/opt/Kconfig @@ -42,6 +42,46 @@ config KAS_INCLUDE_MIRROR_UBUNTU endmenu +menu "User management" + +config USER_ROOT + bool "Activate 'root' user" + help + Enables root user. + +config KAS_USER_ROOT_PASSWORD + string "Password for 'root' user" + default "root" + depends on USER_ROOT + help + Set password for 'root' user. + +config KAS_INCLUDE_USER_ROOT + string + default "kas/opt/user-root.yaml" + depends on USER_ROOT + + +config USER_ISAR + bool "Activate 'isar' user" + default y + help + Enables `isar` user. + +config KAS_USER_ISAR_PASSWORD + string "Password for 'isar' user" + default "isar" + depends on USER_ISAR + help + Set password for 'isar' user. + +config KAS_INCLUDE_USER_ISAR + string + default "kas/opt/user-isar.yaml" + depends on USER_ISAR + +endmenu + config KAS_IMAGE_FSTYPES string "Additional image fstypes" default "" diff --git a/kas/opt/user-isar.yaml b/kas/opt/user-isar.yaml new file mode 100644 index 00000000..67611a40 --- /dev/null +++ b/kas/opt/user-isar.yaml @@ -0,0 +1,19 @@ +# This software is a part of ISAR. +# Copyright (C) 2023 ilbers GmbH + +header: + version: 14 + +local_conf_header: + user-isar: | + GROUPS += "isar" + GROUP_isar[flags] = "system" + + USERS += "isar" + USER_isar[gid] = "isar" + USER_isar[home] = "/var/lib/isar" + USER_isar[comment] = "My isar user" + USER_isar[flags] = "system create-home" + + USER_isar[password] = "${KAS_USER_ISAR_PASSWORD}" + USER_isar[flags] += "clear-text-password" diff --git a/kas/opt/user-root.yaml b/kas/opt/user-root.yaml new file mode 100644 index 00000000..65428e24 --- /dev/null +++ b/kas/opt/user-root.yaml @@ -0,0 +1,11 @@ +# This software is a part of ISAR. +# Copyright (C) 2023 ilbers GmbH + +header: + version: 14 + +local_conf_header: + user-root: | + USERS += "root" + USER_root[password] ??= "${KAS_USER_ROOT_PASSWORD}" + USER_root[flags] += "clear-text-password" -- 2.20.1