Adriaan de Groot
commit
77190a0d42
@ -21,6 +21,8 @@ This release contains contributions from (alphabetically by first name):
|
||||
- *partition* can be built with a new `SKIP` option, which skips
|
||||
the actual formatting steps but does not fail. The old `LAME`
|
||||
option is renamed `BAIL_OUT`.
|
||||
- *users* has a new key *sudoersConfigureWithGroup* to allow for
|
||||
different styles of sudo configuration. #1887
|
||||
|
||||
|
||||
# 3.2.51 (2022-02-01) #
|
||||
|
||||
@ -840,6 +840,9 @@ Config::setConfigurationMap( const QVariantMap& configurationMap )
|
||||
setAutoLoginGroup( either< QString, const QString& >(
|
||||
CalamaresUtils::getString, configurationMap, "autologinGroup", "autoLoginGroup", QString() ) );
|
||||
setSudoersGroup( CalamaresUtils::getString( configurationMap, "sudoersGroup" ) );
|
||||
m_sudoStyle = CalamaresUtils::getBool( configurationMap, "sudoersConfigureWithGroup", false )
|
||||
? SudoStyle::UserAndGroup
|
||||
: SudoStyle::UserOnly;
|
||||
|
||||
m_hostNameActions = getHostNameActions( configurationMap );
|
||||
|
||||
@ -904,7 +907,7 @@ Config::createJobs() const
|
||||
|
||||
if ( !m_sudoersGroup.isEmpty() )
|
||||
{
|
||||
j = new SetupSudoJob( m_sudoersGroup );
|
||||
j = new SetupSudoJob( m_sudoersGroup, m_sudoStyle );
|
||||
jobs.append( Calamares::job_ptr( j ) );
|
||||
}
|
||||
|
||||
|
||||
@ -186,8 +186,15 @@ public:
|
||||
|
||||
/// The group of which auto-login users must be a member
|
||||
QString autoLoginGroup() const { return m_autoLoginGroup; }
|
||||
|
||||
enum class SudoStyle
|
||||
{
|
||||
UserOnly,
|
||||
UserAndGroup
|
||||
};
|
||||
/// The group of which users who can "sudo" must be a member
|
||||
QString sudoersGroup() const { return m_sudoersGroup; }
|
||||
SudoStyle sudoStyle() const { return m_sudoStyle; }
|
||||
|
||||
/// The full (GECOS) name of the user
|
||||
QString fullName() const { return m_fullName; }
|
||||
@ -307,6 +314,7 @@ private:
|
||||
QString m_userShell;
|
||||
QString m_autoLoginGroup;
|
||||
QString m_sudoersGroup;
|
||||
SudoStyle m_sudoStyle = SudoStyle::UserOnly;
|
||||
QString m_fullName;
|
||||
QString m_loginName;
|
||||
QString m_hostName;
|
||||
|
||||
@ -22,8 +22,9 @@
|
||||
#include <QFile>
|
||||
#include <QFileInfo>
|
||||
|
||||
SetupSudoJob::SetupSudoJob( const QString& group )
|
||||
SetupSudoJob::SetupSudoJob( const QString& group, Config::SudoStyle style )
|
||||
: m_sudoGroup( group )
|
||||
, m_sudoStyle( style )
|
||||
{
|
||||
}
|
||||
|
||||
@ -33,6 +34,22 @@ SetupSudoJob::prettyName() const
|
||||
return tr( "Configure <pre>sudo</pre> users." );
|
||||
}
|
||||
|
||||
static QString
|
||||
designatorForStyle( Config::SudoStyle style )
|
||||
{
|
||||
switch ( style )
|
||||
{
|
||||
case Config::SudoStyle::UserOnly:
|
||||
return QStringLiteral( "(ALL)" );
|
||||
break;
|
||||
case Config::SudoStyle::UserAndGroup:
|
||||
return QStringLiteral( "(ALL:ALL)" );
|
||||
break;
|
||||
}
|
||||
__builtin_unreachable();
|
||||
return QString();
|
||||
}
|
||||
|
||||
Calamares::JobResult
|
||||
SetupSudoJob::exec()
|
||||
{
|
||||
@ -42,7 +59,9 @@ SetupSudoJob::exec()
|
||||
return Calamares::JobResult::ok();
|
||||
}
|
||||
|
||||
QString sudoersLine = QString( "%%1 ALL=(ALL) ALL\n" ).arg( m_sudoGroup );
|
||||
// One % for the sudo format, keep it outside of the string to avoid accidental replacement
|
||||
QString sudoersLine
|
||||
= QChar( '%' ) + QString( "%1 ALL=%2 ALL\n" ).arg( m_sudoGroup, designatorForStyle( m_sudoStyle ) );
|
||||
auto fileResult
|
||||
= CalamaresUtils::System::instance()->createTargetFile( QStringLiteral( "/etc/sudoers.d/10-installer" ),
|
||||
sudoersLine.toUtf8().constData(),
|
||||
|
||||
@ -17,20 +17,21 @@
|
||||
#ifndef USERS_MISCJOBS_H
|
||||
#define USERS_MISCJOBS_H
|
||||
|
||||
#include "Job.h"
|
||||
#include "Config.h"
|
||||
|
||||
class Config;
|
||||
#include "Job.h"
|
||||
|
||||
class SetupSudoJob : public Calamares::Job
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
SetupSudoJob( const QString& group );
|
||||
SetupSudoJob( const QString& group, Config::SudoStyle style );
|
||||
QString prettyName() const override;
|
||||
Calamares::JobResult exec() override;
|
||||
|
||||
public:
|
||||
QString m_sudoGroup;
|
||||
Config::SudoStyle m_sudoStyle;
|
||||
};
|
||||
|
||||
class SetupGroupsJob : public Calamares::Job
|
||||
|
||||
@ -63,6 +63,10 @@ doAutologin: true
|
||||
# the setting will be duplicated in the `/etc/sudoers.d/10-installer` file,
|
||||
# potentially confusing users.
|
||||
sudoersGroup: wheel
|
||||
# If set to `false` (the default), writes a sudoers file with `(ALL)`
|
||||
# so that the command can be run as any user. If set to `true`, writes
|
||||
# `(ALL:ALL)` so that any user and any group can be chosen.
|
||||
sudoersConfigureWithGroup: false
|
||||
|
||||
# Setting this to false, causes the root account to be disabled.
|
||||
# When disabled, hides the "Use the same password for administrator"
|
||||
|
||||
@ -23,6 +23,7 @@ properties:
|
||||
required: [ name ]
|
||||
autologinGroup: { type: string }
|
||||
sudoersGroup: { type: string }
|
||||
sudoersConfigureWithGroup: { type: boolean, default: false }
|
||||
# Skip login (depends on displaymanager support)
|
||||
doAutologin: { type: boolean, default: true }
|
||||
# Root password separate from user password?
|
||||
|
||||
Loading…
Reference in New Issue
Block a user