diff --git a/README.md b/README.md index d515802..7f8cb49 100644 --- a/README.md +++ b/README.md @@ -61,6 +61,7 @@ echo "ssh-ed25519 AAAA... bar" >> configs/authorized_keys -s ISO pgp sign key -o ISO output file -x Power off after install +-z Sudo without password -v Enable verbose mode -h Display this help message ``` diff --git a/build.sh b/build.sh index 54c4ed5..bd5c473 100755 --- a/build.sh +++ b/build.sh @@ -5,7 +5,7 @@ set -o nounset set -o pipefail usage() { - echo "Usage: $0 [-u username] [-p password] [-n hostname] [-d domain] [-a package] [-i iso_url] [-s sign_key] [-o path] [-x] [-v] [-h]" + echo "Usage: $0 [-u username] [-p password] [-n hostname] [-d domain] [-a package] [-i iso_url] [-s sign_key] [-o path] [-x] [-z] [-v] [-h]" echo "Options:" echo " -u Admin username" echo " -p Admin password" @@ -16,6 +16,7 @@ usage() { echo " -s ISO pgp sign key" echo " -o ISO output file" echo " -x Power off after install" + echo " -z Sudo without password" echo " -v Enable verbose mode" echo " -h Display this help message" } @@ -30,8 +31,9 @@ sign_key="DA87E80D6294BE9B" out_file="debian-12.4.0-amd64-auto.iso" apt_pkgs=() poweroff="" +sudonopw="" -while getopts u:p:n:d:a:i:s:o:xvh opt; do +while getopts u:p:n:d:a:i:s:o:xzvh opt; do case $opt in u) username="$OPTARG" ;; p) password="$OPTARG" ; password_mask="true" ;; @@ -42,6 +44,7 @@ while getopts u:p:n:d:a:i:s:o:xvh opt; do s) sign_key="$OPTARG" ;; o) out_file="$OPTARG" ;; x) poweroff="true" ;; + z) sudonopw="true" ;; v) set -o xtrace ;; h) usage ; exit 0 ;; *) usage ; exit 1 ;; @@ -104,12 +107,19 @@ replace_token "@DOMAIN@" "${domain}" replace_token "@PACKAGES@" "${apt_pkgs[*]}" # add poweroff option -if test -n "${poweroff}"; then +if test "${poweroff}" = "true"; then replace_token "@POWEROFF@" "true" else replace_token "@POWEROFF@" "false" fi +# add sudo no-password option +if test "${sudonopw}" = "true"; then + replace_token "@SUDONOPW@" "true" +else + replace_token "@SUDONOPW@" "false" +fi + # clear existing output iso file if test -f "${out_file}"; then rm -f "${out_file}" diff --git a/installer/late.sh b/installer/late.sh index 60b0b3e..6cd254a 100755 --- a/installer/late.sh +++ b/installer/late.sh @@ -6,6 +6,7 @@ prefix="/target" admin="@USERNAME@" hostname="@HOSTNAME@" domain="@DOMAIN@" +sudonopw="@SUDONOPW@" if test "${hostname}" == "undefined"; then # generate hostname from mac addresses @@ -30,6 +31,11 @@ cp -a "/cdrom/configs/issue" "${prefix}/etc/issue" cp -a "/cdrom/configs/motd" "${prefix}/etc/motd" cp -a "/cdrom/configs/sshd_config" "${prefix}/etc/ssh/sshd_config" +# allow sudo without password +if test "${sudonopw}" = "true"; then + echo "${admin} ALL=(ALL) NOPASSWD: ALL" > "${prefix}/etc/sudoers.d/${admin}" +fi + # authorize ssh keys for root user mkdir -p "${prefix}/root/.ssh" chmod 700 "${prefix}/root/.ssh"