From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7278939938131804160 X-Received: by 2002:a50:ee89:0:b0:523:1e0a:e12e with SMTP id f9-20020a50ee89000000b005231e0ae12emr7686477edr.23.1695706669936; Mon, 25 Sep 2023 22:37:49 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:aa7:d3c1:0:b0:532:c9b6:5c15 with SMTP id o1-20020aa7d3c1000000b00532c9b65c15ls780454edr.1.-pod-prod-07-eu; Mon, 25 Sep 2023 22:37:48 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFKNZOt3iB3HRk0Iy87bwPRTn/onroGUdzi1EZmfjORcg/d4CkT3rSiXEwuktjWiIjOXe1u X-Received: by 2002:aa7:d912:0:b0:530:9bea:ed5e with SMTP id a18-20020aa7d912000000b005309beaed5emr7050373edr.14.1695706668099; Mon, 25 Sep 2023 22:37:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695706668; cv=none; d=google.com; s=arc-20160816; b=kci4prhaCTUZSKH/IY928v5Zyc1DuiWUkR2cy9alnPM5ULwB/zk1jZuK9kGQotvrFv ztrCRhc85T+Icgat+SJb1CyO2iUGcbB1xQDA1U3dLmgZZf5Vn5V8+btjiPVVOgz0gTg1 t7wC9N1oQJrVhWdJicaduh+mRtoze5PlxKdESrBLxDVyJlhRyoMrJQOHJmHgEQ4ZdIsm KBUR0NfLfvlJ91n4KDRH+mGrWYBy6kx/3whunwdmAl+JJGq1A7v6W1fPGgdv0+uG9BLB 2XA5WtF0vImgLFyd2gK/b76zh/WSyxP10El+kcf5BYYgn5bKWvDL/uFAuQovTncqdodh BgkQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from; bh=LLapi3GDqatoLbatbu7tjJjl1fRHFvvnugF76x55ak4=; fh=7tclEdh7YbwSQowgJ6LNq720O7H5HTEaqj22NJWRE2E=; b=cGO4vLHRTgrV4HS0CBowyF3ssodG1wttCWZowgCQ+UOCo49eyDL9a/w4Ikqg38lW33 onLfAqhJUeFmVHClJkRrPwGf53fdWWW5tJlzGZP3i0GHUJ0VfYZFsMelXjEf2GK7tSYw r3W/zbMwOYIe3ukRlRFOSWfn+fKEci5xl+JtGXMcrM3gsYoAlzG5xllFC4lC+bY06gUU zimS1BHlafQ+UCp7yMiiw0FpJ3/qckMY56/FJVpGaaK8hl92bOy4upMLo+XCnvMcrnZo RK+l1V+9AszT30BGNI6bIBWbPQyTy7KzpqK7z4FRvsmBWiBaaPQZAh5DdJCcZ5MsWr8F +Bjw== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de Return-Path: Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166]) by gmr-mx.google.com with ESMTPS id g19-20020a056402321300b0051fe05f750asi976172eda.2.2023.09.25.22.37.47 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Mon, 25 Sep 2023 22:37:48 -0700 (PDT) Received-SPF: pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de Received: from baighyz.m.ilbers.de (host-80-81-17-52.static.customer.m-online.net [80.81.17.52]) (authenticated bits=0) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPSA id 38Q5bhxv016779 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 26 Sep 2023 07:37:47 +0200 From: Uladzimir Bely To: isar-users@googlegroups.com Subject: [PATCH v5 11/13] kas: Add options to activate predefined users Date: Tue, 26 Sep 2023 07:37:40 +0200 Message-Id: <20230926053742.11352-12-ubely@ilbers.de> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230926053742.11352-1-ubely@ilbers.de> References: <20230926053742.11352-1-ubely@ilbers.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-TUID: HrQLRrUDYrrF This allows to enable 'root' and 'isar' users and set their passwords. Signed-off-by: Uladzimir Bely --- kas/opt/Kconfig | 40 ++++++++++++++++++++++++++++++++++++++++ kas/opt/user-isar.yaml | 19 +++++++++++++++++++ kas/opt/user-root.yaml | 11 +++++++++++ 3 files changed, 70 insertions(+) create mode 100644 kas/opt/user-isar.yaml create mode 100644 kas/opt/user-root.yaml diff --git a/kas/opt/Kconfig b/kas/opt/Kconfig index 05a1191f..1619a4cf 100644 --- a/kas/opt/Kconfig +++ b/kas/opt/Kconfig @@ -43,6 +43,46 @@ config KAS_INCLUDE_MIRROR_UBUNTU endmenu +menu "User management" + +config USER_ROOT + bool "Activate 'root' user" + help + Enables root user. + +config KAS_USER_ROOT_PASSWORD + string "Password for 'root' user" + default "root" + depends on USER_ROOT + help + Set password for 'root' user. + +config KAS_INCLUDE_USER_ROOT + string + default "kas/opt/user-root.yaml" + depends on USER_ROOT + + +config USER_ISAR + bool "Activate 'isar' user" + default y + help + Enables `isar` user. + +config KAS_USER_ISAR_PASSWORD + string "Password for 'isar' user" + default "isar" + depends on USER_ISAR + help + Set password for 'isar' user. + +config KAS_INCLUDE_USER_ISAR + string + default "kas/opt/user-isar.yaml" + depends on USER_ISAR + +endmenu + config KAS_IMAGE_FSTYPES string "Additional image fstypes" default "" diff --git a/kas/opt/user-isar.yaml b/kas/opt/user-isar.yaml new file mode 100644 index 00000000..67611a40 --- /dev/null +++ b/kas/opt/user-isar.yaml @@ -0,0 +1,19 @@ +# This software is a part of ISAR. +# Copyright (C) 2023 ilbers GmbH + +header: + version: 14 + +local_conf_header: + user-isar: | + GROUPS += "isar" + GROUP_isar[flags] = "system" + + USERS += "isar" + USER_isar[gid] = "isar" + USER_isar[home] = "/var/lib/isar" + USER_isar[comment] = "My isar user" + USER_isar[flags] = "system create-home" + + USER_isar[password] = "${KAS_USER_ISAR_PASSWORD}" + USER_isar[flags] += "clear-text-password" diff --git a/kas/opt/user-root.yaml b/kas/opt/user-root.yaml new file mode 100644 index 00000000..65428e24 --- /dev/null +++ b/kas/opt/user-root.yaml @@ -0,0 +1,11 @@ +# This software is a part of ISAR. +# Copyright (C) 2023 ilbers GmbH + +header: + version: 14 + +local_conf_header: + user-root: | + USERS += "root" + USER_root[password] ??= "${KAS_USER_ROOT_PASSWORD}" + USER_root[flags] += "clear-text-password" -- 2.20.1