diff --git a/docs/TODO b/docs/TODO index 4b16e88..20f85c9 100644 --- a/docs/TODO +++ b/docs/TODO @@ -2,6 +2,9 @@ -switch from python-pygpgme to python-gpgme for better performance. also clean up bGPG in general; reference KANT. -more pythonic! classes (because inits help), use list or tuple constant for checksums, try vars-ing the configparser stuff (and move defaults to in-code?), change path combinations to use os.path.join etc. +-modularity: https://stackoverflow.com/a/8719100 + +-mtree-like functionality; if mtree spec is found, apply that to files in overlay (or chroot even); otherwise copy from overlay and don't touch chroot -i_am_a_racecar optimizations - different distro guests (debian, etc.)- https://stackoverflow.com/questions/2349991/python-how-to-import-other-python-files/20749411#20749411 @@ -29,6 +32,8 @@ --iPXE's curl --initrd's curl -WISH: Better logging/debugging +https://web.archive.org/web/20170726052946/http://www.lexev.org/en/2013/python-logging-every-day/ + -WISH: signing for secureboot releases (PreLoader and loader.efi handle this okay, but require manual intervention) -does loader.efi support splash backgrounds? can i implement that differently somehow? --yes, see e.g. https://www.reddit.com/r/archlinux/comments/3bwgf0/where_put_the_splasharchbmp_to_splash_screen_boot/ diff --git a/docs/manual/user/BUILDING.adoc b/docs/manual/user/BUILDING.adoc index 452b933..fe50da0 100644 --- a/docs/manual/user/BUILDING.adoc +++ b/docs/manual/user/BUILDING.adoc @@ -7,6 +7,8 @@ NOTE: Due to requiring various mounting and chrooting, BDisk must be run as the To initiate a build, simply run `/bdisk/bdisk.py`. That's it! Everything should continue automatically. +If you'd like to specify a path to a specific build configuration, you can use `/bdisk/bdisk.py path/to/build.ini`. The default is _/etc/bdisk/build.ini_ (plus <>). + If you're using a packaged version you installed from your distro's package manager, you instead should run wherever it installs to. Most likely this is going to be `/usr/sbin/bdisk`. (On systemd build hosts that have done the https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/[/usr merge^], you can use `/usr/sbin/bdisk` or `/sbin/bdisk`.) If you encounter any issues during the process, make sure you read the documentation -- if your issue still isn't addressed, please be sure to file a <>! diff --git a/docs/manual/user/BUILDINI.adoc b/docs/manual/user/BUILDINI.adoc index 2ac170c..362dc1d 100644 --- a/docs/manual/user/BUILDINI.adoc +++ b/docs/manual/user/BUILDINI.adoc @@ -35,6 +35,7 @@ We'll go into more detail for each section below. [user] username = ${bdisk:uxname} name = Default user + groups = ${bdisk:uxname},admin password = $$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/ [source_x86_64] mirror = mirror.us.leaseweb.net @@ -192,6 +193,15 @@ What comment/description/real name should be used for the user? For more informa . ASCII only +==== `groups` +What groups this user should be added to, comma-separated. They will be created if they don't exist yet. Standard *nix group names rules apply: + +. ASCII only +. 32 characters or less +. Can only contain lower-case letters, numeric digits, underscores, or dashes (and can end with a dollar sign) +. Must start with a (lower-case) letter or underscore +. No whitespace + ==== `password` The escaped, salted, hashed string to use for the non-root user. diff --git a/extra/dist.build.ini b/extra/dist.build.ini index 62220da..9751076 100644 --- a/extra/dist.build.ini +++ b/extra/dist.build.ini @@ -26,6 +26,7 @@ user = yes [user] username = ${bdisk:uxname} name = Default user +groups = ${bdisk:uxname},admin password = [source_x86_64] diff --git a/extra/pkg.build.ini b/extra/pkg.build.ini index 04f686a..2bed919 100644 --- a/extra/pkg.build.ini +++ b/extra/pkg.build.ini @@ -26,6 +26,7 @@ user = yes [user] username = ${bdisk:uxname} name = Default user +groups = ${bdisk:uxname},admin password = [source_x86_64] diff --git a/extra/pre-build.d/root/pre-build.sh b/extra/pre-build.d/root/pre-build.sh index fb80566..5c0cbe7 100755 --- a/extra/pre-build.d/root/pre-build.sh +++ b/extra/pre-build.d/root/pre-build.sh @@ -141,7 +141,12 @@ then fi # Add the regular user useradd -m -s /bin/bash -c "${USERCOMMENT}" ${REGUSR} -usermod -aG users,games,video,audio ${REGUSR} +usermod -aG users,games,video,audio ${REGUSR} # TODO: remove this in lieu of $REGUSR_GRPS? these are all kind of required, though, for regular users anyways +for g in $(echo ${REGUSR_GRPS} | sed 's/,[[:space:]]*/ /g'); +do + getent group ${g} > /dev/null 2>&1 || groupadd ${g} + usermod -aG ${g} ${REGUSR} +done passwd -d ${REGUSR} # Add them to sudoers mkdir -p /etc/sudoers.d diff --git a/extra/templates/pre-build.d/root/VARS.txt.j2 b/extra/templates/pre-build.d/root/VARS.txt.j2 index 0c4b8d1..2c1417a 100644 --- a/extra/templates/pre-build.d/root/VARS.txt.j2 +++ b/extra/templates/pre-build.d/root/VARS.txt.j2 @@ -4,6 +4,7 @@ export PNAME='{{ bdisk['name'] }}' export DISTPUB='{{ bdisk['dev'] }}' export DISTDESC='{{ bdisk['desc'] }}' export REGUSR='{{ user['username']|lower }}' +export REGUSR_GRPS='{{ user['groups'] }}' export USERCOMMENT='{{ user['name'] }}' export REGUSR_PASS='{{ user['password'] }}' export ROOT_PASS='{{ bdisk['root_password'] }}'