#!/bin/sh
set -e -f ${DRY_RUN:+-n} -u
tool=${0%/*}
-. "$tool"/functions.sh
-. "$tool"/vm.sh
-test "$(hostname --fqdn)" = "$vm_fqdn"
+. "$tool"/lib/functions.sh
+. "$tool"/etc/vm.sh
rule_help () {
cat >&2 <<-EOF
EOF
done |
mk_reg mod=640 own=root:root /root/etc/ssh/authorized_keys
- sudo find "$tool"/key -type f -name '*.gpg.pub' -exec gpg --import {} \;
+ sudo find "$tool"/var/pub/openpgp -type f -name '*.key' -exec gpg --import {} \;
}
rule__initramfs_init () {
mk_reg mod=644 own=root:root /etc/initramfs-tools/initramfs.conf <<-EOF
#mk_reg mod=640 own=root:root </dev/null \
# /etc/initramfs-tools/etc/dropbear/dropbear_dss_host_key \
# /etc/initramfs-tools/etc/dropbear/dropbear_dss_host_key.pub
- ssh-keygen -F "init.$vm_fqdn" -f "$tool"/key/ssh.known_hosts |
+ ssh-keygen -F "init.$vm_fqdn" -f "$tool"/etc/openssh/known_hosts |
( while IFS= read -r line
do case $line in (*" RSA") return 0; break;; esac
done; return 1 ) ||
sudo dropbearkey -t rsa -s 4096 -f \
/etc/initramfs-tools/etc/dropbear/dropbear_rsa_host_key
- ssh-keygen -F "init.$vm_fqdn" -f "$tool"/key/ssh.known_hosts |
+ ssh-keygen -F "init.$vm_fqdn" -f "$tool"/etc/openssh/known_hosts |
( while IFS= read -r line
do case $line in (*" DSA") return 0; break;; esac
done; return 1 ) ||
mk_dir mod=700 own="root:adm" /etc/skel/tmp
mk_lnk etc/ssh /etc/skel/.ssh
mk_lnk etc/gpg /etc/skel/.gnupg
- ssh-keygen -F "$vm_fqdn" -f "$tool"/key/ssh.known_hosts |
+ ssh-keygen -F "$vm_fqdn" -f "$tool"/etc/openssh/known_hosts |
( while IFS= read -r line
do case $line in (*" RSA") return 0; break;; esac
done; return 1 ) ||
# NOTE: le mot-de-passe doit être initialisé par l'utilisateur à l'aide de passwd-init .
eval local home\; home="~$user"
sudo adduser "$user" sudo
- ssh_key_add user=$user "$tool"/key/"$user".ssh.pub "$home"/etc/ssh/authorized_keys
+ ssh_key_add user=$user "$tool"/var/pub/ssh/"$user".key "$home"/etc/ssh/authorized_keys
rule__initramfs_init
rule__user_root_init
- sudo gpg --import "$tool"/key/"$user".gpg.pub
+ sudo gpg --import "$tool"/var/pub/opengpg/"$user".key
}
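Review bot: The new `gpg --import` path spells the directory `var/pub/opengpg`, while the `find` changed earlier in this commit reads keys from `"$tool"/var/pub/openpgp`; one of the two is presumably a typo. If the directory on disk is `openpgp`, this import fails and, under the script's `set -e`, would abort the rule before the user's public key reaches the keyring. The line should probably read `sudo gpg --import "$tool"/var/pub/openpgp/"$user".key`. The enclosing function begins outside the visible lines.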
rule_user_mail_format () {
mk_dir mod=770 own=root:adm /etc/skel/etc/procmail
rule=${1:-help}
${1+shift}
-set "${TRACE:+-x}"
+case $rule in
+ (help);;
+ (*)
+ test "$(hostname --fqdn)" = "$vm_fqdn"
+ set "${TRACE:+-x}"
+ ;;
+ esac
rule_$rule "$@"
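Review bot: `set "${TRACE:+-x}"` in the new `(*)` arm expands to `set ""` when TRACE is unset or empty, which replaces the positional parameters with a single empty string, so `rule_$rule "$@"` receives `""` instead of the caller's arguments. Moving the line into the `case` keeps that behaviour for every rule except `help`. `${TRACE:+set -x}`, the same idiom as the `${1+shift}` line above, enables tracing without touching `$@`. The host guard `test "$(hostname --fqdn)" = "$vm_fqdn"` also exits silently under `set -e` on a mismatch; a message on stderr naming the expected host would make a refused run easier to diagnose.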