Create non-root user

fwilhe · Sep 12, 2023 · fa0597a · fa0597a
1 parent f898758
commit fa0597a
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -17,11 +17,11 @@ Use the `bin/start-vm` script from [Garden Linux](https://github.com/gardenlinux
 Depending on your architecture, it should look like this:
 
 ```bash
-$ path/to/gardenlinux/bin/start-vm --no-watchdog .build/ostree-arm64-trixie-local.ostree.raw
+$ path/to/gardenlinux/bin/start-vm --no-watchdog .build/ostree-arm64-trixie*.ostree.raw
 ```
 
 ```bash
-$ path/to/gardenlinux/bin/start-vm --no-watchdog .build/ostree-amd64-trixie-local.ostree.raw
+$ path/to/gardenlinux/bin/start-vm --no-watchdog .build/ostree-amd64-trixie*.ostree.raw
 ```
 
 Check for the actual name of the image in the `.build` directory.
diff --git a/features/ostree/exec.late b/features/ostree/exec.late
@@ -62,6 +62,11 @@ cp "/boot/initrd.img-$version" /usr/lib/modules/$version/initramfs.img
 # Build fails if we do this here instead of in image.ostree.raw
 # mv /etc /usr/etc
 
+useradd --user-group --home-dir /var/home/user --shell /usr/bin/bash user
+printf "user:user123!" | chpasswd
+echo "%sudo ALL=(ALL) NOPASSWD:ALL" | tee /etc/sudoers.d/nopasswd
+usermod -aG sudo user
+
 # Delete apt because this is an image-based system
 rm -f /etc/cron.daily/apt-compat
 rm -f /etc/logrotate.d/apt

diff --git a/features/ostree/file.include/etc/systemd/system/[email protected]/autologin.conf b/features/ostree/file.include/etc/systemd/system/[email protected]/autologin.conf
@@ -1,3 +1,3 @@
 [Service]
 ExecStart=
-ExecStart=-/sbin/agetty --autologin root -o '-p -f -- \\u' --keep-baud 115200,38400,9600 %I $TERM
+ExecStart=-/sbin/agetty --autologin user -o '-p -f -- \\u' --keep-baud 115200,38400,9600 %I $TERM
diff --git a/features/ostree/image.ostree.raw b/features/ostree/image.ostree.raw
@@ -32,10 +32,13 @@ boot_hash=`ls "$OSTREE_SYSROOT"/ostree/boot.1.1/gardenlinux/`
 mkdir -p "$OSTREE_SYSROOT"/ostree/boot.1.1/gardenlinux/$boot_hash/0/sysroot
 
 mkdir -p "$OSTREE_SYSROOT"/ostree/deploy/gardenlinux/var/home
+mkdir -p "$OSTREE_SYSROOT"/ostree/deploy/gardenlinux/var/home/user
 mkdir -p "$OSTREE_SYSROOT"/ostree/deploy/gardenlinux/var/roothome
 mkdir -p "$OSTREE_SYSROOT"/ostree/deploy/gardenlinux/var/opt
 mkdir -p "$OSTREE_SYSROOT"/ostree/deploy/gardenlinux/var/srv
 
+chown 1000:1000 "$OSTREE_SYSROOT"/ostree/deploy/gardenlinux/var/home/user
+
 # Build disk image, this is hacky as of now, needs rework
 # Setup bootloader
 boot_dir=$(mktemp -d)

diff --git a/features/ostree/pkg.include b/features/ostree/pkg.include
@@ -9,6 +9,7 @@ network-manager
 ostree
 ostree-boot
 podman
+sudo
 systemd
 systemd-boot
 systemd-resolved