X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;f=vm_hosted;h=ebb930de6e5a5c37daa97af861853a4ea3d103e7;hb=5020fb59510a981bd021e5d34fee268d26eb40a0;hp=bd4d06431a57941742f53a88f6cf3baa0dcd0cad;hpb=b7d2dd6974bd1a92bcebf30779c6467111d01429;p=lhc%2Fateliers.git diff --git a/vm_hosted b/vm_hosted index bd4d064..ebb930d 100755 --- a/vm_hosted +++ b/vm_hosted @@ -219,16 +219,19 @@ rule__user_root_init () { mk_lnk etc/gpg /root/.gnupg mk_lnk etc/ssh /root/.ssh getent group sudo | - while IFS=: read -r group x x users - do while IFS=, read -r user - do eval local home\; home="~$user" - cat "$home"/etc/ssh/authorized_keys - done <<-EOF + while test -n "$users" && IFS=: read -r group x x users + do while IFS=, read -r user users <<-EOF $users EOF + do eval local home\; home="~$user" + cat "$home"/etc/ssh/authorized_keys + done done | mk_reg mod=640 own=root:root /root/etc/ssh/authorized_keys - sudo find "$tool"/var/pub/openpgp -type f -name '*.key' -exec gpg --import {} \; + local key + for key in "$tool"/var/pub/openpgp/*.key + do sudo gpg --import "$key" + done } rule__initramfs_init () { mk_reg mod=644 own=root:root /etc/initramfs-tools/initramfs.conf <<-EOF @@ -278,12 +281,12 @@ rule__initramfs_init () { /etc/initramfs-tools/root/.ssh getent group sudo | while IFS=: read -r group x x users - do while IFS=, read -r user - do eval local home\; home="~$user" - cat "$home"/etc/ssh/authorized_keys - done <<-EOF + do while test -n "$users" && IFS=, read -r user users <<-EOF $users EOF + do eval local home\; home="~$user" + cat "$home"/etc/ssh/authorized_keys + done done | mk_reg mod=644 own=root:root /etc/initramfs-tools/root/.ssh/authorized_keys sudo rm -f \ @@ -313,6 +316,25 @@ rule__boot_init () { sudo update-grub2 # NOTE: prend en compte /boot/grub/device.map rule__initramfs_init } +rule_apticron_init () { + sudo apt-get install --reinstall apticron + mk_reg mod=644 own=root:root /etc/default/grub <<-EOF + EMAIL="admin@heureux-cyclage.org" + # DIFF_ONLY="1" + # LISTCHANGES_PROFILE="apticron" + # ALL_FQDNS="1" + # SYSTEM="foobar.example.com" + # IPADDRESSNUM="1" + # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" + # NOTIFY_HOLDS="0" + # NOTIFY_NEW="0" + # NOTIFY_NO_UPDATES="0" + # CUSTOM_SUBJECT="" + # CUSTOM_NO_UPDATES_SUBJECT="" + # CUSTOM_FROM="root@ateliers.heureux-cyclage.org" + EOF + sudo service apticron restart + } rule__bin_init () { mk_lnk "$tool"/vm_hosted /usr/local/sbin/ } @@ -428,8 +450,10 @@ rule_user_admin_add () { # SYNTAX: $user <"$tool"/var/pub/ssh/"$user".key rule__initramfs_init rule__user_root_init - sudo -u "$user" find "$tool"/var/pub/openpgp \ - -type f -name '*.key' -exec gpg --import {} \; + local key; local -; set +f + for key in "$tool"/var/pub/openpgp/*.key + do sudo -u "$user" gpg --import "$key" + done } rule_user_mail_format () { mk_dir mod=770 own=root:adm /etc/skel/etc/procmail @@ -801,8 +825,9 @@ ${1+shift} case $rule in (help);; (*) - test "$(hostname --fqdn)" = "$vm_fqdn" - set "${TRACE:+-x}" + test "$(hostname --fqdn)" = "$vm_fqdn" || + error 1 "mauvaise machine" + ${TRACE:+set -x} ;; esac rule_$rule "$@"