V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m15s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m15s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -833,13 +833,15 @@ user:
|
||||
info: "totp:v1"
|
||||
salt: "CISS:CDI:OTP" # + (Server_FQDN/Username)
|
||||
##############################################################################################################################
|
||||
# root – Superuser account (normally disabled for direct login)
|
||||
# Root: The superuser account (normally disabled for direct login).
|
||||
# Key 'user.root.password' MUST contain a valid yescrypt hashed password string.
|
||||
# Key 'user.root.sshpubkey' MUST be set in case dropbear is used.
|
||||
##############################################################################################################################
|
||||
root:
|
||||
ensure: present # Must always be 'present'. (Not in use in this version of the installer.)
|
||||
protected: true # Prevent unintentional edits or deletions. (Not in use in this version of the installer.)
|
||||
shell: /bin/zsh # Login shell (e.g., '/bin/bash', '/bin/zsh'); use '/usr/sbin/nologin' for non-interactive users.
|
||||
password: "47110815"
|
||||
password: "$y$jFT$7pQlcZrgTEGrzkEm7UQW/.$QoCamalYEAV5mN4QWIE.xpHo8kvXa9sym2Uz.9oELwA"
|
||||
sshpubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAYZDAqVZUk3LwJsqeVHKvLn8UKkFx642VBbiSS8uSY 2025_ciss.debian.live.ISO_PUBLIC_ONLY"
|
||||
authentication:
|
||||
access:
|
||||
@@ -855,6 +857,7 @@ user:
|
||||
shell: true # MUST be "true" if the shell is not '/usr/sbin/nologin' or '/bin/false'.
|
||||
sudo: false # Whether the user can escalate to root using sudo.
|
||||
system: true # Whether this is a low-UID system user (e.g., for automation).
|
||||
specific: "ciss"
|
||||
|
||||
##############################################################################################################################
|
||||
# Primary administrative user with full sudo access
|
||||
@@ -867,7 +870,7 @@ user:
|
||||
uid: 1000 # Ensures that the same user has the same UID on all systems.
|
||||
gid: 1000 # Ensures that the same user has the same GID on all systems.
|
||||
shell: /bin/zsh # Login shell (e.g., '/bin/bash', '/bin/zsh'); use '/usr/sbin/nologin' for non-interactive users.
|
||||
password: "47110815"
|
||||
password: "$y$jFT$OGeZONH5ho2JSXvAbyIBQ1$5OhyHqOaMZ9BZcfMOYEwF.nMLFKd9ceiW2oNksPCHVB"
|
||||
sshpubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAYZDAqVZUk3LwJsqeVHKvLn8UKkFx642VBbiSS8uSY 2025_ciss.debian.live.ISO_PUBLIC_ONLY"
|
||||
authentication:
|
||||
access:
|
||||
@@ -883,6 +886,7 @@ user:
|
||||
system: false # Whether this is a low-UID system user (e.g., for automation).
|
||||
restricted: false # If true, the user is limited in scope (e.g., no login, no file access, --no-create-home)
|
||||
shell: true # MUST be "true" if the shell is not '/usr/sbin/nologin' or '/bin/false'.
|
||||
specific: "ciss"
|
||||
|
||||
##############################################################################################################################
|
||||
# ansible – System user for automation, no interactive shell
|
||||
@@ -911,5 +915,6 @@ user:
|
||||
system: true # Whether this is a low-UID system user (e.g., for automation).
|
||||
restricted: false # If true, the user is limited in scope (e.g., no login, no file access, --no-create-home)
|
||||
shell: true # MUST be "true" if the shell is not '/usr/sbin/nologin' or '/bin/false'.
|
||||
specific: "none"
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml
|
||||
|
||||
Reference in New Issue
Block a user