diff --git a/archlinux/PKGBUILD.install b/archlinux/PKGBUILD.install index 40be6fa..3b1e8a4 100644 --- a/archlinux/PKGBUILD.install +++ b/archlinux/PKGBUILD.install @@ -209,9 +209,13 @@ pre_install() { # Add qubes core related fstab entries echo "xen /proc/xen xenfs defaults 0 0" >> /etc/fstab + # Add a qubes group + groupadd --force --system --gid 98 qubes + # Archlinux bash version has a 'bug' when running su -c, /etc/profile is not loaded because bash consider there is no interactive pty when running 'su - user -c' or something like this. # See https://bugs.archlinux.org/task/31831 useradd --shell /bin/zsh --create-home user + usermod --groups qubes user } ## arg 1: the new package version diff --git a/debian/qubes-core-agent.preinst b/debian/qubes-core-agent.preinst index 30ee1db..e99f74a 100755 --- a/debian/qubes-core-agent.preinst +++ b/debian/qubes-core-agent.preinst @@ -34,6 +34,24 @@ set -e # the debian-policy package if [ "$1" = "install" ] ; then + # -------------------------------------------------------------------------- + # Required groups + # -------------------------------------------------------------------------- + groupadd --force --system --gid 98 qubes + groupadd --force --system sudo + + # -------------------------------------------------------------------------- + # User add / modifications + # -------------------------------------------------------------------------- + id -u 'user' >/dev/null 2>&1 || { + useradd --user-group --create-home --shell /bin/bash user + } + id -u 'tinyproxy' >/dev/null 2>&1 || { + useradd --user-group --system -M --home /run/tinyproxy --shell /bin/false tinyproxy + } + usermod -p '' root + usermod -L --groups qubes,sudo user + # -------------------------------------------------------------------------- # Create required directories # -------------------------------------------------------------------------- @@ -45,18 +63,6 @@ if [ "$1" = "install" ] ; then # Remove `mesg` from root/.profile? # -------------------------------------------------------------------------- sed -i -e '/^mesg n/d' /root/.profile - - # -------------------------------------------------------------------------- - # User add / modifications - # -------------------------------------------------------------------------- - id -u 'user' >/dev/null 2>&1 || { - useradd -U -G dialout,cdrom,floppy,sudo,audio,dip,video,plugdev -m -s /bin/bash user - } - id -u 'tinyproxy' >/dev/null 2>&1 || { - useradd -U -r -M --home /run/tinyproxy --shell /bin/false tinyproxy - } - usermod -p '' root - usermod -L user fi if [ "$1" = "upgrade" ] ; then diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec index fd02ce4..d55e07e 100644 --- a/rpm_spec/core-vm.spec +++ b/rpm_spec/core-vm.spec @@ -111,6 +111,12 @@ for dir in qubes-rpc qrexec misc; do done %pre +# Make sure there is a qubes group +groupadd --force --system --gid 98 qubes +id -u 'user' >/dev/null 2>&1 || { + useradd --user-group --create-home --shell /bin/bash user +} +usermod --groups qubes user if [ "$1" != 1 ] ; then # do this whole %pre thing only when updating for the first time... @@ -122,7 +128,6 @@ if [ -e /etc/fstab ] ; then mv /etc/fstab /var/lib/qubes/fstab.orig fi -adduser --create-home user usermod -p '' root usermod -L user