push dkl init boot logic here

This commit is contained in:
Mikaël Cluseau 2023-12-04 13:59:37 +01:00
parent 1555419549
commit 5c87c5b001
2 changed files with 46 additions and 1 deletions

View File

@ -5,6 +5,7 @@ import (
"log"
"os"
"path/filepath"
"strconv"
"strings"
"syscall"
"time"
@ -158,6 +159,46 @@ func applyConfig(cfgPath string, bootMounted bool) (cfg *configV1) {
}
}
// - setup root user
if passwordHash := cfg.RootUser.PasswordHash; passwordHash == "" {
log.Print("deleting root password")
run("chroot", "/system", "passwd", "-d", "root")
} else {
log.Print("setting root password")
run("chroot", "/system", "sh", "-c", "chpasswd --encrypted <<EOF\nroot:"+passwordHash+"\nEOF")
}
// - groups
for _, group := range cfg.Groups {
log.Print("creating group ", group.Name)
opts := make([]string, 0)
opts = append(opts /* chroot */, "/system", "groupadd", "-r")
if group.Gid != 0 {
opts = append(opts, "-g", strconv.Itoa(group.Gid))
}
opts = append(opts, group.Name)
run("chroot", opts...)
}
// - user
for _, user := range cfg.Users {
log.Print("creating user ", user.Name)
opts := make([]string, 0)
opts = append(opts /* chroot */, "/system", "useradd", "-r")
if user.Gid != 0 {
opts = append(opts, "-g", strconv.Itoa(user.Gid))
}
if user.Uid != 0 {
opts = append(opts, "-u", strconv.Itoa(user.Uid))
}
opts = append(opts, user.Name)
run("chroot", opts...)
}
return
}

View File

@ -22,7 +22,11 @@ const (
// VERSION is the current version of init
VERSION = "Direktil init v2.0"
rootMountFlags = 0
// make root rshared (default in systemd, required by Kubernetes 1.10+)
// equivalent to "mount --make-rshared /"
// see kernel's Documentation/sharedsubtree.txt (search rshared)
rootMountFlags = syscall.MS_SHARED | syscall.MS_REC
bootMountFlags = syscall.MS_NOEXEC | syscall.MS_NODEV | syscall.MS_NOSUID | syscall.MS_RDONLY
layerMountFlags = syscall.MS_RDONLY
)