Adriaan de Groot
commit
77190a0d42
@ -21,6 +21,8 @@ This release contains contributions from (alphabetically by first name):
|
|||||||
- *partition* can be built with a new `SKIP` option, which skips
|
- *partition* can be built with a new `SKIP` option, which skips
|
||||||
the actual formatting steps but does not fail. The old `LAME`
|
the actual formatting steps but does not fail. The old `LAME`
|
||||||
option is renamed `BAIL_OUT`.
|
option is renamed `BAIL_OUT`.
|
||||||
|
- *users* has a new key *sudoersConfigureWithGroup* to allow for
|
||||||
|
different styles of sudo configuration. #1887
|
||||||
|
|
||||||
|
|
||||||
# 3.2.51 (2022-02-01) #
|
# 3.2.51 (2022-02-01) #
|
||||||
|
|||||||
@ -840,6 +840,9 @@ Config::setConfigurationMap( const QVariantMap& configurationMap )
|
|||||||
setAutoLoginGroup( either< QString, const QString& >(
|
setAutoLoginGroup( either< QString, const QString& >(
|
||||||
CalamaresUtils::getString, configurationMap, "autologinGroup", "autoLoginGroup", QString() ) );
|
CalamaresUtils::getString, configurationMap, "autologinGroup", "autoLoginGroup", QString() ) );
|
||||||
setSudoersGroup( CalamaresUtils::getString( configurationMap, "sudoersGroup" ) );
|
setSudoersGroup( CalamaresUtils::getString( configurationMap, "sudoersGroup" ) );
|
||||||
|
m_sudoStyle = CalamaresUtils::getBool( configurationMap, "sudoersConfigureWithGroup", false )
|
||||||
|
? SudoStyle::UserAndGroup
|
||||||
|
: SudoStyle::UserOnly;
|
||||||
|
|
||||||
m_hostNameActions = getHostNameActions( configurationMap );
|
m_hostNameActions = getHostNameActions( configurationMap );
|
||||||
|
|
||||||
@ -904,7 +907,7 @@ Config::createJobs() const
|
|||||||
|
|
||||||
if ( !m_sudoersGroup.isEmpty() )
|
if ( !m_sudoersGroup.isEmpty() )
|
||||||
{
|
{
|
||||||
j = new SetupSudoJob( m_sudoersGroup );
|
j = new SetupSudoJob( m_sudoersGroup, m_sudoStyle );
|
||||||
jobs.append( Calamares::job_ptr( j ) );
|
jobs.append( Calamares::job_ptr( j ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -186,8 +186,15 @@ public:
|
|||||||
|
|
||||||
/// The group of which auto-login users must be a member
|
/// The group of which auto-login users must be a member
|
||||||
QString autoLoginGroup() const { return m_autoLoginGroup; }
|
QString autoLoginGroup() const { return m_autoLoginGroup; }
|
||||||
|
|
||||||
|
enum class SudoStyle
|
||||||
|
{
|
||||||
|
UserOnly,
|
||||||
|
UserAndGroup
|
||||||
|
};
|
||||||
/// The group of which users who can "sudo" must be a member
|
/// The group of which users who can "sudo" must be a member
|
||||||
QString sudoersGroup() const { return m_sudoersGroup; }
|
QString sudoersGroup() const { return m_sudoersGroup; }
|
||||||
|
SudoStyle sudoStyle() const { return m_sudoStyle; }
|
||||||
|
|
||||||
/// The full (GECOS) name of the user
|
/// The full (GECOS) name of the user
|
||||||
QString fullName() const { return m_fullName; }
|
QString fullName() const { return m_fullName; }
|
||||||
@ -307,6 +314,7 @@ private:
|
|||||||
QString m_userShell;
|
QString m_userShell;
|
||||||
QString m_autoLoginGroup;
|
QString m_autoLoginGroup;
|
||||||
QString m_sudoersGroup;
|
QString m_sudoersGroup;
|
||||||
|
SudoStyle m_sudoStyle = SudoStyle::UserOnly;
|
||||||
QString m_fullName;
|
QString m_fullName;
|
||||||
QString m_loginName;
|
QString m_loginName;
|
||||||
QString m_hostName;
|
QString m_hostName;
|
||||||
|
|||||||
@ -22,8 +22,9 @@
|
|||||||
#include <QFile>
|
#include <QFile>
|
||||||
#include <QFileInfo>
|
#include <QFileInfo>
|
||||||
|
|
||||||
SetupSudoJob::SetupSudoJob( const QString& group )
|
SetupSudoJob::SetupSudoJob( const QString& group, Config::SudoStyle style )
|
||||||
: m_sudoGroup( group )
|
: m_sudoGroup( group )
|
||||||
|
, m_sudoStyle( style )
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -33,6 +34,22 @@ SetupSudoJob::prettyName() const
|
|||||||
return tr( "Configure <pre>sudo</pre> users." );
|
return tr( "Configure <pre>sudo</pre> users." );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static QString
|
||||||
|
designatorForStyle( Config::SudoStyle style )
|
||||||
|
{
|
||||||
|
switch ( style )
|
||||||
|
{
|
||||||
|
case Config::SudoStyle::UserOnly:
|
||||||
|
return QStringLiteral( "(ALL)" );
|
||||||
|
break;
|
||||||
|
case Config::SudoStyle::UserAndGroup:
|
||||||
|
return QStringLiteral( "(ALL:ALL)" );
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
__builtin_unreachable();
|
||||||
|
return QString();
|
||||||
|
}
|
||||||
|
|
||||||
Calamares::JobResult
|
Calamares::JobResult
|
||||||
SetupSudoJob::exec()
|
SetupSudoJob::exec()
|
||||||
{
|
{
|
||||||
@ -42,7 +59,9 @@ SetupSudoJob::exec()
|
|||||||
return Calamares::JobResult::ok();
|
return Calamares::JobResult::ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
QString sudoersLine = QString( "%%1 ALL=(ALL) ALL\n" ).arg( m_sudoGroup );
|
// One % for the sudo format, keep it outside of the string to avoid accidental replacement
|
||||||
|
QString sudoersLine
|
||||||
|
= QChar( '%' ) + QString( "%1 ALL=%2 ALL\n" ).arg( m_sudoGroup, designatorForStyle( m_sudoStyle ) );
|
||||||
auto fileResult
|
auto fileResult
|
||||||
= CalamaresUtils::System::instance()->createTargetFile( QStringLiteral( "/etc/sudoers.d/10-installer" ),
|
= CalamaresUtils::System::instance()->createTargetFile( QStringLiteral( "/etc/sudoers.d/10-installer" ),
|
||||||
sudoersLine.toUtf8().constData(),
|
sudoersLine.toUtf8().constData(),
|
||||||
|
|||||||
@ -17,20 +17,21 @@
|
|||||||
#ifndef USERS_MISCJOBS_H
|
#ifndef USERS_MISCJOBS_H
|
||||||
#define USERS_MISCJOBS_H
|
#define USERS_MISCJOBS_H
|
||||||
|
|
||||||
#include "Job.h"
|
#include "Config.h"
|
||||||
|
|
||||||
class Config;
|
#include "Job.h"
|
||||||
|
|
||||||
class SetupSudoJob : public Calamares::Job
|
class SetupSudoJob : public Calamares::Job
|
||||||
{
|
{
|
||||||
Q_OBJECT
|
Q_OBJECT
|
||||||
public:
|
public:
|
||||||
SetupSudoJob( const QString& group );
|
SetupSudoJob( const QString& group, Config::SudoStyle style );
|
||||||
QString prettyName() const override;
|
QString prettyName() const override;
|
||||||
Calamares::JobResult exec() override;
|
Calamares::JobResult exec() override;
|
||||||
|
|
||||||
public:
|
public:
|
||||||
QString m_sudoGroup;
|
QString m_sudoGroup;
|
||||||
|
Config::SudoStyle m_sudoStyle;
|
||||||
};
|
};
|
||||||
|
|
||||||
class SetupGroupsJob : public Calamares::Job
|
class SetupGroupsJob : public Calamares::Job
|
||||||
|
|||||||
@ -63,6 +63,10 @@ doAutologin: true
|
|||||||
# the setting will be duplicated in the `/etc/sudoers.d/10-installer` file,
|
# the setting will be duplicated in the `/etc/sudoers.d/10-installer` file,
|
||||||
# potentially confusing users.
|
# potentially confusing users.
|
||||||
sudoersGroup: wheel
|
sudoersGroup: wheel
|
||||||
|
# If set to `false` (the default), writes a sudoers file with `(ALL)`
|
||||||
|
# so that the command can be run as any user. If set to `true`, writes
|
||||||
|
# `(ALL:ALL)` so that any user and any group can be chosen.
|
||||||
|
sudoersConfigureWithGroup: false
|
||||||
|
|
||||||
# Setting this to false, causes the root account to be disabled.
|
# Setting this to false, causes the root account to be disabled.
|
||||||
# When disabled, hides the "Use the same password for administrator"
|
# When disabled, hides the "Use the same password for administrator"
|
||||||
|
|||||||
@ -23,6 +23,7 @@ properties:
|
|||||||
required: [ name ]
|
required: [ name ]
|
||||||
autologinGroup: { type: string }
|
autologinGroup: { type: string }
|
||||||
sudoersGroup: { type: string }
|
sudoersGroup: { type: string }
|
||||||
|
sudoersConfigureWithGroup: { type: boolean, default: false }
|
||||||
# Skip login (depends on displaymanager support)
|
# Skip login (depends on displaymanager support)
|
||||||
doAutologin: { type: boolean, default: true }
|
doAutologin: { type: boolean, default: true }
|
||||||
# Root password separate from user password?
|
# Root password separate from user password?
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user