VA
/
virtual-appliance
1
0
Fork 0
Code Issues Pull Requests Releases 7 Wiki Activity

default appliance: add p7zip, create /etc/sudoers.d

This commit is contained in:
Jörg Deckert 2023-07-15 16:53:53 +02:00
parent 804560ea06
commit 573efaddb3
2 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
appliances/default/Makefile
View File

@ -16,12 +16,12 @@ $(HARDENED):
RUN $(EMERGE) $(USEPKG) --emptytree @world
RUN $(EMERGE) --depclean --with-bdeps=n
RUN bash -c 'yes YES | etc-update --automode -9'
##ifneq ($(EXTERNAL_KERNEL),YES)
## if ! grep -q "$(shell /usr/bin/gcc --version | grep gcc)" "$(shell cat $(KERNEL_PATH))/.config"; then \
## RUN $(EMERGE) $(USEPKG) --onlydeps --oneshot --noreplace sys-kernel/$(KERNEL_PKG); \
## RUN make -C /usr/src/linux MAKEOPTS=$(MAKEOPTS) clean oldconfig modules_prepare; \
## fi
##endif
ifneq ($(EXTERNAL_KERNEL),YES)
if ! grep -q "$(shell /usr/bin/gcc --version | grep gcc)" "$(shell cat $(KERNEL_PATH))/.config"; then \
RUN $(EMERGE) $(USEPKG) --onlydeps --oneshot --noreplace sys-kernel/$(KERNEL_PKG); \
RUN make -C /usr/src/linux MAKEOPTS=$(MAKEOPTS) clean oldconfig $(KERNEL_MODULES_PREPARE); \
fi
endif
touch $(HARDENED)
$(timesyncd_conf): default/timesyncd.conf
@ -44,6 +44,7 @@ $(PAM_SSH_AGENT_AUTH):
sed -i 's/# %wheel ALL=(ALL:ALL) NOPASSWD: ALL/%wheel ALL=(ALL:ALL) NOPASSWD: ALL/' $(CHROOT)/etc/sudoers
sed -i 's#^auth.*$$#auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth required pam_env.so readenv=1 user_readenv=0\nsession required pam_env.so readenv=1 user_readenv=0\nauth substack system-auth#' $(CHROOT)/etc/pam.d/sudo
sed -i 's#^auth.*$$#auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth required pam_env.so readenv=1 user_readenv=0\nsession required pam_env.so readenv=1 user_readenv=0\nauth substack system-auth#' $(CHROOT)/etc/pam.d/sudo-i
mkdir -p $(CHROOT)/etc/sudoers.d
echo "Defaults env_keep += SSH_AUTH_SOCK" > $(CHROOT)/etc/sudoers.d/ssh_auth_sock
touch $(PAM_SSH_AGENT_AUTH)

1
appliances/default/world
View File

@ -1,5 +1,6 @@
app-admin/logrotate
app-admin/sudo
app-arch/p7zip
app-emulation/open-vm-tools
app-emulation/qemu-guest-agent
app-misc/mc