[users] Introduce forbidden_names settings

Adriaan de Groot 2022-05-09 14:25:56 +02:00
parent 40c5ef1c35
commit 7473462125
2 changed files with 11 additions and 0 deletions


@ -154,8 +154,13 @@ allowWeakPasswordsDefault: false
# and rely on a correct configuration file in /etc/default/useradd # and rely on a correct configuration file in /etc/default/useradd
# - set, non-empty, use that path as shell. No validation is done # - set, non-empty, use that path as shell. No validation is done
# that the shell actually exists or is executable. # that the shell actually exists or is executable.
# - *forbidden_names* Login names that may not be used. This list always
# contains "root" and "nobody", but may be extended to list other special
# names for a given distro (eg. "video", or "mysql" might not be a valid
# end-user login name).
user: user:
shell: /bin/bash shell: /bin/bash
forbidden_names: [ root ]
# TODO:3.3: Remove this setting # TODO:3.3: Remove this setting
# #
# This is the legacy setting for user.shell # This is the legacy setting for user.shell
@ -198,10 +203,14 @@ userShell: /bin/bash
# `${key}` values to something that will fit in a hostname, but does not # `${key}` values to something that will fit in a hostname, but does not
# apply the same to literal text in the template. Do not use invalid # apply the same to literal text in the template. Do not use invalid
# characters in the literal text, or no suggeston will be done. # characters in the literal text, or no suggeston will be done.
# - *forbidden_names* lists hostnames that may not be used. This list
# always contains "localhost", but may list others that are unsuitable
# or broken in special ways.
hostname: hostname:
location: EtcFile location: EtcFile
writeHostsFile: true writeHostsFile: true
template: "derp-${cpu}" template: "derp-${cpu}"
forbidden_names: [ localhost ]
# TODO:3.3: Remove this setting # TODO:3.3: Remove this setting
# #
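Review bot: The new comment for `user.forbidden_names` says the list always contains "root" and "nobody", yet the sample value is `forbidden_names: [ root ]`, so a reader cannot tell whether a configured list extends or replaces the built-in names. The same ambiguity applies to `hostname.forbidden_names` and "localhost" in the second hunk. If the setting is additive, as the wording suggests, state it outright, e.g. `#   Names listed here are added to the built-in ones, which cannot be removed.` The matching code is not part of this page, so it would also help to document whether comparison is case-sensitive, since hostnames are case-insensitive and "LocalHost" should presumably be refused as well.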


@ -13,6 +13,7 @@ properties:
type: object type: object
properties: properties:
shell: { type: string } # Overrides userShell shell: { type: string } # Overrides userShell
forbidden_names: { type: array, items: { type: string } }
# Group settings # Group settings
defaultGroups: defaultGroups:
type: array type: array
@ -52,6 +53,7 @@ properties:
location: { type: string, enum: [ None, EtcFile, Hostnamed, Transient ] } location: { type: string, enum: [ None, EtcFile, Hostnamed, Transient ] }
writeHostsFile: { type: boolean, default: true } writeHostsFile: { type: boolean, default: true }
template: { type: string, default: "${first}-${product}" } template: { type: string, default: "${first}-${product}" }
forbidden_names: { type: array, items: { type: string } }
# Legacy Hostname setting # Legacy Hostname setting
setHostname: { type: string, enum: [ None, EtcFile, Hostnamed ] } setHostname: { type: string, enum: [ None, EtcFile, Hostnamed ] }
writeHostsFile: { type: boolean, default: true } writeHostsFile: { type: boolean, default: true }
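Review bot: Both new `forbidden_names` schema entries accept any string, including the empty string and repeated entries, and unlike the neighbouring `shell` line they carry no explanatory comment. Tightening each to `forbidden_names: { type: array, items: { type: string, minLength: 1 }, uniqueItems: true }` would catch a stray empty entry at validation time rather than leaving it to the consuming code, which is not visible here. A trailing comment such as `# Added to the built-in forbidden names` would match the file's style, provided the list really is additive.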