Browse Source

fix harden sudo ln timezone

main
pvincent 8 months ago
parent
commit
b1d23be151
  1. 2
      lib/harden.sh
  2. 3
      lib/install.sh
  3. 9
      scripts/lxc-miaou-enable-ssh

2
lib/harden.sh

@ -138,7 +138,7 @@ function set_timezone_if_defined {
if ! grep -q "$timezone" /etc/timezone; then if ! grep -q "$timezone" /etc/timezone; then
if [[ -f "/usr/share/zoneinfo/$timezone" ]]; then if [[ -f "/usr/share/zoneinfo/$timezone" ]]; then
echo "set timezone to $timezone ..." echo "set timezone to $timezone ..."
ln -fs "/usr/share/zoneinfo/$timezone" /etc/localtime
sudo ln -fs "/usr/share/zoneinfo/$timezone" /etc/localtime
dpkg-reconfigure -f noninteractive tzdata dpkg-reconfigure -f noninteractive tzdata
echo OK echo OK
else else

3
lib/install.sh

@ -427,9 +427,6 @@ function ask_for_email {
local PREFIX="install:ask_for_email" local PREFIX="install:ask_for_email"
valid_email=$(auto_detect_email) valid_email=$(auto_detect_email)
#TODO: to delete...
# echo "valid_email=$valid_email" && exit 1
while ! is_email_valid "$valid_email"; do while ! is_email_valid "$valid_email"; do
echo -n "mandatory email: " echo -n "mandatory email: "
read -rei "$valid_email" valid_email read -rei "$valid_email" valid_email

9
scripts/lxc-miaou-enable-ssh

@ -63,9 +63,12 @@ EOF
lxc exec "$CONTAINER" -- mkdir -p "/home/$SSH_USER/.ssh" lxc exec "$CONTAINER" -- mkdir -p "/home/$SSH_USER/.ssh"
lxc exec "$CONTAINER" -- chown "$SSH_USER:$SSH_USER" "/home/$SSH_USER/.ssh" lxc exec "$CONTAINER" -- chown "$SSH_USER:$SSH_USER" "/home/$SSH_USER/.ssh"
lxc exec "$CONTAINER" -- chmod 760 "/home/$SSH_USER/.ssh" lxc exec "$CONTAINER" -- chmod 760 "/home/$SSH_USER/.ssh"
lxc file push --uid 0 --gid 0 "/home/$miaou_user/.ssh/id_ed25519.pub" "$CONTAINER/home/$SSH_USER/.ssh/authorized_keys" &>/dev/null
lxc exec "$CONTAINER" -- chown "$SSH_USER:$SSH_USER" "/home/$SSH_USER/.ssh/authorized_keys"
lxc exec "$CONTAINER" -- chmod 600 "/home/$SSH_USER/.ssh/authorized_keys"
if [[ -f "/home/$miaou_user/.ssh/authorized_keys" ]]; then
lxc file push --uid 0 --gid 0 "/home/$miaou_user/.ssh/authorized_keys" "$CONTAINER/home/$SSH_USER/.ssh/authorized_keys" &>/dev/null
lxc exec "$CONTAINER" -- chown "$SSH_USER:$SSH_USER" "/home/$SSH_USER/.ssh/authorized_keys"
lxc exec "$CONTAINER" -- chmod 600 "/home/$SSH_USER/.ssh/authorized_keys"
fi
echo "create symbolic link for curl from TOOLBOX as required for Codium remote-ssh" echo "create symbolic link for curl from TOOLBOX as required for Codium remote-ssh"
lxc exec "$CONTAINER" -- ln -sf /TOOLBOX/curl /usr/bin/ lxc exec "$CONTAINER" -- ln -sf /TOOLBOX/curl /usr/bin/

Loading…
Cancel
Save