Add a boot menu item for resetting SOI user
This commit is contained in:
parent
697bbc3618
commit
ecdc506a1a
|
|
@ -5,3 +5,6 @@ set -eu
|
||||||
# Install the noauth PAM profile.
|
# Install the noauth PAM profile.
|
||||||
groupadd noauth
|
groupadd noauth
|
||||||
pam-auth-update --enable noauth
|
pam-auth-update --enable noauth
|
||||||
|
|
||||||
|
# Enable user reset at boot triggered by a kernel parameter.
|
||||||
|
systemctl enable reset-user.service
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,40 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -e
|
||||||
|
|
||||||
|
. "$pkgdatadir/grub-mkconfig_lib"
|
||||||
|
|
||||||
|
list=
|
||||||
|
for i in /boot/vmlinuz-* ; do
|
||||||
|
if grub_file_is_not_garbage "$i" ; then list="$list $i" ; fi
|
||||||
|
done
|
||||||
|
linux="$(version_find_latest $list)"
|
||||||
|
basename="$(basename $linux)"
|
||||||
|
rel_dirname="$(make_system_path_relative_to_its_root /boot)"
|
||||||
|
version="$(echo $basename | sed -e "s,^[^0-9]*-,,g")"
|
||||||
|
|
||||||
|
prepare_boot="$(prepare_grub_to_access_device ${GRUB_DEVICE_BOOT} | grub_add_tab | grub_add_tab)"
|
||||||
|
LINUX_ROOT_DEVICE="UUID=${GRUB_DEVICE_UUID}"
|
||||||
|
|
||||||
|
linux_entry ()
|
||||||
|
{
|
||||||
|
title="$1"
|
||||||
|
args="$2"
|
||||||
|
|
||||||
|
echo " menuentry '$(echo "$title" | grub_quote)' {"
|
||||||
|
echo " load_video"
|
||||||
|
echo " insmod gzio"
|
||||||
|
echo "$prepare_boot"
|
||||||
|
echo " echo '$(echo "Loading Linux ${version} ..." | grub_quote)'"
|
||||||
|
echo " linux ${rel_dirname}/${basename} root=${LINUX_ROOT_DEVICE} ro ${args}"
|
||||||
|
echo " echo 'Loading initial ramdisk ...'"
|
||||||
|
echo " initrd ${rel_dirname}/initrd.img-${version}"
|
||||||
|
echo " }"
|
||||||
|
}
|
||||||
|
|
||||||
|
echo "submenu 'Reset SOI user...' {"
|
||||||
|
echo " menuentry 'Cancel' {"
|
||||||
|
echo " configfile \$prefix/grub.cfg"
|
||||||
|
echo " }"
|
||||||
|
linux_entry "Reset SOI user (THIS DELETES USER DATA)" "reset-user"
|
||||||
|
linux_entry "Reset SOI user (THIS DELETES USER DATA) and power off" "reset-user reset-user-poweroff"
|
||||||
|
echo "}"
|
||||||
|
|
@ -0,0 +1,14 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Reset user at boot by setting a kernel parameter.
|
||||||
|
Before=basic.target
|
||||||
|
After=local-fs.target systemd-tmpfiles-setup.service
|
||||||
|
DefaultDependencies=no
|
||||||
|
ConditionKernelCommandLine=reset-user
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
RemainAfterExit=yes
|
||||||
|
ExecStart=/usr/local/bin/reset-user
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=basic.target
|
||||||
|
|
@ -6,12 +6,5 @@ set -eu
|
||||||
cp -rT /usr/local/share/target-sources /etc/apt/sources.list.d
|
cp -rT /usr/local/share/target-sources /etc/apt/sources.list.d
|
||||||
rm /etc/apt/sources.list
|
rm /etc/apt/sources.list
|
||||||
|
|
||||||
USERNAME=soi
|
|
||||||
USER_FULLNAME="SOI"
|
|
||||||
# Password: soi
|
|
||||||
USER_PASSWORD='$y$j9T$h5VhMd4KkdmbxdZD1gO0N/$1hvwZgO8pQw13Xd6jaNXbtkbqVOC4W/ia/KXOcCGYvB'
|
|
||||||
|
|
||||||
# Create user.
|
# Create user.
|
||||||
adduser --disabled-password --gecos "$USER_FULLNAME" "$USERNAME"
|
/usr/local/bin/reset-user
|
||||||
usermod -p "$USER_PASSWORD" "$USERNAME"
|
|
||||||
adduser "$USERNAME" noauth
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,21 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
USERNAME=soi
|
||||||
|
USER_FULLNAME="SOI"
|
||||||
|
# Password: soi
|
||||||
|
USER_PASSWORD='$y$j9T$h5VhMd4KkdmbxdZD1gO0N/$1hvwZgO8pQw13Xd6jaNXbtkbqVOC4W/ia/KXOcCGYvB'
|
||||||
|
|
||||||
|
# Delete user.
|
||||||
|
userdel --remove "$USERNAME" || true
|
||||||
|
|
||||||
|
# Create user.
|
||||||
|
adduser --disabled-password --gecos "$USER_FULLNAME" "$USERNAME"
|
||||||
|
usermod -p "$USER_PASSWORD" "$USERNAME"
|
||||||
|
adduser "$USERNAME" noauth
|
||||||
|
|
||||||
|
# If the corresponding boot menu item was selected, immediately power off.
|
||||||
|
if grep --quiet --word-regexp reset-user-poweroff /proc/cmdline; then
|
||||||
|
systemctl start poweroff.target --job-mode=replace-irreversibly --no-block
|
||||||
|
fi
|
||||||
|
|
@ -107,6 +107,7 @@ Here is a list of features.
|
||||||
- login without password for `noauth` group
|
- login without password for `noauth` group
|
||||||
- create an admin user with sudo rights and password
|
- create an admin user with sudo rights and password
|
||||||
- create a participant user without password
|
- create a participant user without password
|
||||||
|
- add a boot menu item for resetting participant user data
|
||||||
- install packages for firmware updates and power manager
|
- install packages for firmware updates and power manager
|
||||||
- install Gnome Boxes and VirtualBox for running virtual machines
|
- install Gnome Boxes and VirtualBox for running virtual machines
|
||||||
- `contestant`
|
- `contestant`
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue