msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5986c451ca775de07df12e48690f56476e4190464299d59016f0c879b2e769c9
CISS.debian.installer/func/cdi_4500_user/4522_accounts_setup_physnet.sh
Marc S. Weidner 07e5624eea V8.00.000.2025.06.17 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-10-17 23:25:41 +01:00

140 lines
5.6 KiB
Bash
Raw Blame History

#!/bin/bash
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
guard_sourcing
#######################################
# Account setup PHYSNET specific.
# Globals:
# RECOVERY
# TARGET
# VAR_RUN_RECOVERY
# VAR_SETUP_PATH
# user_root_shell
# Arguments:
# None
# Returns:
# 0: on success
#######################################
accounts_setup_physnet_root() {
### Declare Arrays, HashMaps, and Variables.
declare var_target="${TARGET}"
### Check for TARGET / RECOVERY.
[[ "${VAR_RUN_RECOVERY}" == "true" ]] && var_target="${RECOVERY}"
install -d -m 0700 -o root -g root "${var_target}/root/.ssh"
install -m 0600 -o root -g root /dev/null "${var_target}/root/.ssh/authorized_keys"
install -m 0600 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.physnet.bashrc" "${var_target}/root/.bashrc"
install -m 0600 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.ciss/theme_eza_ciss.yml" "${var_target}/root/.ciss/"
install -m 0600 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.ciss/alias" "${var_target}/root/.ciss/"
install -m 0700 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.ciss/check_chrony.sh" "${var_target}/root/.ciss/"
install -m 0700 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.ciss/clean_logout.sh" "${var_target}/root/.ciss/"
install -m 0600 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.ciss/f2bchk" "${var_target}/root/.ciss/"
install -m 0600 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.ciss/scan_libwrap" "${var_target}/root/.ciss/"
install -m 0600 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.ciss/shortcuts" "${var_target}/root/.ciss/"
insert_comments "${var_target}/root/.bashrc"
insert_comments "${var_target}/root/.ciss/alias"
insert_comments "${var_target}/root/.ciss/check_chrony.sh"
insert_comments "${var_target}/root/.ciss/clean_logout.sh"
insert_comments "${var_target}/root/.ciss/f2bchk"
insert_comments "${var_target}/root/.ciss/scan_libwrap"
insert_comments "${var_target}/root/.ciss/shortcuts"
if [[ "${user_root_shell}" == "/bin/zsh" ]]; then
if [[ -x "${var_target}${user_root_shell}" ]]; then
zsh_omz_installer "root" "${var_target}"
mkdir -p "${var_target}/root/.ciss/cdi/backup/root"
mv "${var_target}/root/.zshrc" "${var_target}/root/.ciss/cdi/backup/root/.zshrc.bak"
install -m 0600 -o root -g root "${VAR_SETUP_PATH}/includes/target/root/.physnet.zshrc" "${var_target}/root/.zshrc"
insert_comments "${var_target}/root/.zshrc"
chroot_exec "${var_target}" chsh -s "${user_root_shell}" root
do_log "info" "file_only" "4520() Shell: '${user_root_shell}' used for: 'root'."
else
chroot_exec "${var_target}" chsh -s /bin/bash root
do_log "info" "file_only" "4520() Shell: '${user_root_shell}' not found for: 'root'. Using '/bin/bash' instead."
fi
fi
do_log "info" "file_only" "4520() Skeleton: 'root' successfully generated."
guard_dir && return 0
}
### Prevents accidental 'unset -f'.
# shellcheck disable=SC2034
readonly -f accounts_setup_physnet_root
#######################################
# Generates user account skeleton and activates chosen bash / zsh.
# Globals:
# RECOVERY
# TARGET
# VAR_RUN_RECOVERY
# VAR_SETUP_PATH
# Arguments:
# 1: var_uid
# 2: var_gid
# 3: var_username
# 4: var_shell
# Returns:
# 0: on success
#######################################
accounts_setup_physnet_user() {
### Declare Arrays, HashMaps, and Variables.
declare -r var_uid="${1}" var_gid="${2}" var_username="${3}" var_shell="${4}"
declare var_target="${TARGET}"
### Check for TARGET / RECOVERY.
[[ "${VAR_RUN_RECOVERY}" == "true" ]] && var_target="${RECOVERY}"
install -d -m 0700 -o "${var_uid}" -g "${var_gid}" "${var_target}/home/${var_username}/.ssh"
install -m 0600 -o "${var_uid}" -g "${var_gid}" /dev/null "${var_target}/home/${var_username}/.ssh/authorized_keys"
install -m 0600 -o "${var_uid}" -g "${var_gid}" "${VAR_SETUP_PATH}/includes/target/etc/skel/.physnet.bashrc" "${var_target}/home/${var_username}/.bashrc"
if [[ "${var_shell}" == "/bin/zsh" ]]; then
if [[ -x "${var_target}${var_shell}" ]]; then
zsh_omz_installer "${var_username}" "${var_target}"
mv "${var_target}/home/${var_username}/.zshrc" "${var_target}/home/${var_username}/.zshrc.bak"
install -m 0600 -o "${var_uid}" -g "${var_gid}" "${VAR_SETUP_PATH}/includes/target/etc/skel/.physnet.zshrc" "${var_target}/home/${var_username}/.zshrc"
chroot_exec "${var_target}" chsh -s "${var_shell}" "${var_username}"
do_log "info" "file_only" "4520() Shell: '${var_shell}' used for: '${var_username}'."
else
chroot_exec "${var_target}" chsh -s /bin/bash "${var_username}"
do_log "info" "file_only" "4520() Shell: '${var_shell}' not found for: '${var_username}'. Using '/bin/bash' instead."
fi
fi
do_log "info" "file_only" "4520() Skeleton: '${var_username}' successfully generated."
guard_dir && return 0
}
### Prevents accidental 'unset -f'.
# shellcheck disable=SC2034
readonly -f accounts_setup_physnet_user
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
Reference in New Issue View Git Blame Copy Permalink