EOF
sudo service ssh restart
}
-rule_user_admin_add () { # SYNTAX: $user
+rule_user_add () { # SYNTAX: $user
+ rule user_configure
local user=$1
id "$user" >/dev/null ||
sudo adduser --disabled-password "$user"
# NOTE: le mot-de-passe doit être initialisé par l'utilisateur à l'aide de passwd-init .
eval local home\; home="~$user"
+ sudo adduser "$user" users
+ sudo install -m 640 -o root -g root \
+ "$tool"/var/pub/ssh/"$user".key \
+ "$home"/etc/ssh/authorized_keys
+ local key; local -; set +f
+ for key in "$tool"/var/pub/openpgp/*.key
+ do sudo -u "$user" gpg --import - <"$key"
+ done
+ }
+rule_user_configure () {
+ true
+ }
+rule_user_admin_add () { # SYNTAX: $user
+ rule user_configure
+ local user=$1
+ id "$user" >/dev/null ||
+ sudo adduser --disabled-password "$user"
+ eval local home\; home="~$user"
sudo adduser "$user" sudo
+ sudo adduser "$user" users
sudo install -m 640 -o root -g root \
"$tool"/var/pub/ssh/"$user".key \
"$home"/etc/ssh/authorized_keys
local key; local -; set +f
for key in "$tool"/var/pub/openpgp/*.key
- do sudo -u "$user" gpg --import "$key"
+ do sudo -u "$user" gpg --import - <"$key"
done
rule user_admin_configure
}
rule_user_configure () {
sudo install -d -m 750 -o root -g adm \
/etc/skel/etc \
+ /etc/skel/etc/gpg \
/etc/skel/etc/ssh
sudo install -d -m 770 -o root -g adm \
/etc/skel/var \
rule_user_root_configure () {
sudo install -d -m 750 -o root -g adm \
/root/etc \
- /root/etc/ssh \
- /root/etc/gpg
+ /root/etc/gpg \
+ /root/etc/ssh
sudo ln -fns etc/gpg /root/.gnupg
sudo ln -fns etc/ssh /root/.ssh
getent group sudo |
dépôts / lhc / ateliers.git / blobdiff