Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add a qubes group and then add the user 'user' to the group

Browse Source 
This is to allow permissions to be set on some devices where the user needs
less restrictive permissions.  /etc/udev/rules.d/99-qubes-misc.rules changes
a few xen devices to allow the users in the qubes group access
This commit is contained in:
Jason Mehring 2015-02-07 06:07:35 -05:00
parent bb850ab95d
commit fc42561586
3 changed files with 28 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
archlinux/PKGBUILD.install
View File

@ -209,9 +209,13 @@ pre_install() {
# Add qubes core related fstab entries
echo "xen /proc/xen xenfs defaults 0 0" >> /etc/fstab
# Add a qubes group
groupadd --force --system --gid 98 qubes
# Archlinux bash version has a 'bug' when running su -c, /etc/profile is not loaded because bash consider there is no interactive pty when running 'su - user -c' or something like this.
# See https://bugs.archlinux.org/task/31831
useradd --shell /bin/zsh --create-home user
usermod --groups qubes user
}
## arg 1: the new package version

30
debian/qubes-core-agent.preinst vendored
View File

@ -34,6 +34,24 @@ set -e
# the debian-policy package
if [ "$1" = "install" ] ; then
# --------------------------------------------------------------------------
# Required groups
# --------------------------------------------------------------------------
groupadd --force --system --gid 98 qubes
groupadd --force --system sudo
# --------------------------------------------------------------------------
# User add / modifications
# --------------------------------------------------------------------------
id -u 'user' >/dev/null 2>&1 || {
useradd --user-group --create-home --shell /bin/bash user
}
id -u 'tinyproxy' >/dev/null 2>&1 || {
useradd --user-group --system -M --home /run/tinyproxy --shell /bin/false tinyproxy
}
usermod -p '' root
usermod -L --groups qubes,sudo user
# --------------------------------------------------------------------------
# Create required directories
# --------------------------------------------------------------------------
@ -45,18 +63,6 @@ if [ "$1" = "install" ] ; then
# Remove `mesg` from root/.profile?
# --------------------------------------------------------------------------
sed -i -e '/^mesg n/d' /root/.profile
# --------------------------------------------------------------------------
# User add / modifications
# --------------------------------------------------------------------------
id -u 'user' >/dev/null 2>&1 || {
useradd -U -G dialout,cdrom,floppy,sudo,audio,dip,video,plugdev -m -s /bin/bash user
}
id -u 'tinyproxy' >/dev/null 2>&1 || {
useradd -U -r -M --home /run/tinyproxy --shell /bin/false tinyproxy
}
usermod -p '' root
usermod -L user
fi
if [ "$1" = "upgrade" ] ; then

7
rpm_spec/core-vm.spec
View File

@ -111,6 +111,12 @@ for dir in qubes-rpc qrexec misc; do
done
%pre
# Make sure there is a qubes group
groupadd --force --system --gid 98 qubes
id -u 'user' >/dev/null 2>&1 || {
useradd --user-group --create-home --shell /bin/bash user
}
usermod --groups qubes user
if [ "$1" != 1 ] ; then
# do this whole %pre thing only when updating for the first time...
@ -122,7 +128,6 @@ if [ -e /etc/fstab ] ; then
mv /etc/fstab /var/lib/qubes/fstab.orig
fi
adduser --create-home user
usermod -p '' root
usermod -L user