mk_lnk etc/ssh /root/.ssh
getent group sudo |
while IFS=: read -r group x x users
- do while IFS=, read -r user
- do eval local home\; home="~$user"
- cat "$home"/etc/ssh/authorized_keys
- done <<-EOF
+ do while IFS=, read -r user users <<-EOF
$users
EOF
+ do eval local home\; home="~$user"
+ cat "$home"/etc/ssh/authorized_keys
+ done
done |
mk_reg mod=640 own=root:root /root/etc/ssh/authorized_keys
sudo find "$tool"/var/pub/openpgp -type f -name '*.key' -exec gpg --import {} \;
/etc/initramfs-tools/root/.ssh
getent group sudo |
while IFS=: read -r group x x users
- do while IFS=, read -r user
- do eval local home\; home="~$user"
- cat "$home"/etc/ssh/authorized_keys
- done <<-EOF
+ do while IFS=, read -r user users <<-EOF
$users
EOF
+ do eval local home\; home="~$user"
+ cat "$home"/etc/ssh/authorized_keys
+ done
done |
mk_reg mod=644 own=root:root /etc/initramfs-tools/root/.ssh/authorized_keys
sudo rm -f \
sudo update-grub2 # NOTE: prend en compte /boot/grub/device.map
rule__initramfs_init
}
+rule_apticron_init () {
+ sudo apt-get install --reinstall apticron
+ mk_reg mod=644 own=root:root /etc/default/grub <<-EOF
+ EMAIL="admin@heureux-cyclage.org"
+ # DIFF_ONLY="1"
+ # LISTCHANGES_PROFILE="apticron"
+ # ALL_FQDNS="1"
+ # SYSTEM="foobar.example.com"
+ # IPADDRESSNUM="1"
+ # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
+ # NOTIFY_HOLDS="0"
+ # NOTIFY_NEW="0"
+ # NOTIFY_NO_UPDATES="0"
+ # CUSTOM_SUBJECT=""
+ # CUSTOM_NO_UPDATES_SUBJECT=""
+ # CUSTOM_FROM="root@ateliers.heureux-cyclage.org"
+ EOF
+ sudo service apticron restart
+ }
rule__bin_init () {
mk_lnk "$tool"/vm_hosted /usr/local/sbin/
}
<"$tool"/var/pub/ssh/"$user".key
rule__initramfs_init
rule__user_root_init
- sudo gpg --import "$tool"/var/pub/opengpg/"$user".key
- # TODO: importer toutes les clefs des utilisateurices
+ sudo -u "$user" find "$tool"/var/pub/openpgp \
+ -type f -name '*.key' -exec gpg --import {} \;
}
rule_user_mail_format () {
mk_dir mod=770 own=root:adm /etc/skel/etc/procmail
(help);;
(*)
test "$(hostname --fqdn)" = "$vm_fqdn"
- set "${TRACE:+-x}"
+ ${TRACE:+set -x}
;;
esac
rule_$rule "$@"