--shell /bin/false \
--system
sudo adduser git git-data
- sudo install -d -m 770 -o git -g git \
+ sudo install -d -m 750 -o git -g git \
/etc/gitolite \
/home/git/etc \
/home/git/etc/ssh
fi
sudo service tmpfs restart
sudo insserv -r mysql
+ sudo chmod ugo-x /etc/init.d/mysql
case $(sudo sv status mysql || true) in
(''|run:*|*"s, normally up;"*)
sudo sv restart mysql
done
rule apt_get_install spawn-fcgi fcgiwrap
sudo insserv --remove fcgiwrap
+ sudo chmod ugo-x /etc/init.d/fcgiwrap
#sudo insserv --remove nginx
+ #sudo chmod ugo-x /etc/init.d/nginx
rule tmpfs_configure
sudo service php5-fpm restart
# NOTE: relance les processus du pool
} |
sudo install -m 640 -o root -g nsd /dev/stdin \
/etc/nsd3/nsd.conf
+ sudo nsdc rebuild
sudo service nsd3 restart
}
rule_php5_fpm_configure () {
"$tool"/etc/postgresql/9.1/main/postgresql.conf \
/etc/postgresql/9.1/main/postgresql.conf
sudo insserv -r postgresql
+ sudo chmod ugo-x /etc/init.d/postgresql
case $(sudo sv status postgres || true) in
(''|run:*|*"s, normally up;"*)
sudo sv restart postgres
# - supprime l'accès au schéma public depuis public,
# de sorte à ce que les différents utilisateurices
# ne voient pas leurs bases de données entre-elleux ;
- # - ajoute le support de PL/PGSQL
+ # - ajoute le support de PL/PGSQL.
sudo -u postgres psql template1 -f - <<-EOF
REVOKE ALL ON DATABASE template1 FROM public;
REVOKE ALL ON SCHEMA public FROM public;
sudo service unbound restart
}
rule_user_add () { # SYNTAX: $user
- rule user_configure
- local user=$1
- rule adduser "$user" --disabled-password
+ local user="$1"; shift
+ rule adduser "$user" --disabled-password "$@"
# NOTE: le mot-de-passe doit être initialisé par l'utilisateur à l'aide de passwd-init .
eval local home\; home="~$user"
sudo adduser "$user" users
- sudo install -m 640 -o root -g root \
+ sudo install -m 640 -o "$user" -g "$user" \
"$tool"/var/pub/ssh/"$user".key \
"$home"/etc/ssh/authorized_keys
local key; local -; set +f
LAST_UID=29999
LETTERHOMES=no
NAME_REGEX="^[a-z][-a-z0-9_]*\$"
- QUOTAUSER="" # TODO: init
+ QUOTAUSER=""
+ # TODO: configure a template user (with edquota or setquota)
+ # and indicate their user name in the QUOTAUSER variable.
SETGID_HOME=no
SKEL=/etc/skel
SKEL_IGNORE_REGEX="dpkg-(old|new|dist|save)"
sudo install -m 644 -o root -g root \
"$tool"/etc/screenrc \
/etc/screenrc
+ local sh; local -; set +f
+ for sh in "$tool"/etc/user.d/*/configure.sh
+ do sh=${sh#"$tool"/etc/user.d/}
+ local user="${sh%/configure.sh}"
+ . "$tool"/etc/user.d/"$sh"
+ done
}
rule_user_admin_add () { # SYNTAX: $user
rule user_configure