FreedomBox/debian/postinst
Joseph Nuthalapati ba9af6ddff
firstboot: Prompt for secret during firstboot welcome
- A freshly installed FreedomBox can be hijacked by a third party and an admin
  account can be created which can be used to inject malware or simply take over
  the instance. Password-protecting the firstboot step is a good way to avoid
  this. A secret will be displayed to the user as soon as the Plinth package
  is installed, which they have to enter during the firstboot welcome step.
  The secret is also written to a file in plinth's home in case the user loses it.
- This protection is not applicable for images built by freedom-maker and for
  Amazon Machine Images.

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2018-07-04 20:22:54 -04:00


#!/bin/sh
set -e

# Source debconf library.
. /usr/share/debconf/confmodule

daemonuser=plinth
daemongroup=plinth

# Due to a change in sudo, it now runs PAM modules even on password-less
# invocations. This leads to plinth not being able to gain root privileges,
# because of our own restrictions in /etc/security/access.conf. Since Plinth
# is locked out after the upgrade, we need to do this in postinst. The
# substitution is idempotent: once "plinth" is in the line the pattern no
# longer matches. Note the separate -i and -e: GNU sed reads "-ie" as -i with
# backup suffix "e" and would leave a stray /etc/security/access.confe behind.
sed -i -e 's+-:ALL EXCEPT root fbx (admin) (sudo):ALL+-:ALL EXCEPT root fbx plinth (admin) (sudo):ALL+' /etc/security/access.conf

case "$1" in
    configure)
        addgroup --system --quiet "$daemongroup"
        adduser --system --quiet --ingroup "$daemongroup" --no-create-home \
            --home /var/lib/plinth "$daemonuser"
        chown -R "$daemonuser:$daemongroup" /var/lib/plinth /var/log/plinth

        # Images built by freedom-maker (and Amazon Machine Images) carry this
        # marker and get no firstboot secret. Every other install gets a fresh
        # 16-character base64 secret (96 bits from the kernel CSPRNG) on each
        # configure run. It is shown once via debconf and kept on disk, readable
        # only by the plinth user, in case the user loses it.
        if [ ! -e '/var/lib/freedombox/is-freedombox-disk-image' ]; then
            # umask 377 -> file mode 0400. Done in a subshell so the restrictive
            # umask does not leak into the #DEBHELPER# snippets that follow.
            ( umask 377; base64 /dev/urandom | head -c 16 > /var/lib/plinth/firstboot-wizard-secret )
            chown "$daemonuser:$daemongroup" /var/lib/plinth/firstboot-wizard-secret
            db_subst plinth/firstboot_wizard_secret secret "$(cat /var/lib/plinth/firstboot-wizard-secret)"
            db_input high plinth/firstboot_wizard_secret || true
            db_go
        fi
        ;;
esac

#DEBHELPER#

exit 0
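The consuming side of this secret, the firstboot welcome step that asks for it, is not on this page. The following is an added example, not Plinth's own code, of how that check can be written against what postinst produces: the two paths mirror the script above; the function names, the fail-closed policy when the secret file is missing, and the temp-dir helper are assumptions made for this illustration. `generate_secret` reproduces the postinst recipe (16 base64 characters, mode 0400, no trailing newline) so the verifier can be exercised without touching /var/lib.

```python
"""Added example: the consumer side of the firstboot secret.

Not Plinth's code. SECRET_PATH and DISK_IMAGE_MARKER mirror the postinst
above; everything else (function names, fail-closed policy, temp-dir helper)
is an assumption made for this illustration.
"""
import base64
import hmac
import os
import secrets
import tempfile
from pathlib import Path

SECRET_PATH = Path('/var/lib/plinth/firstboot-wizard-secret')          # written by postinst
DISK_IMAGE_MARKER = Path('/var/lib/freedombox/is-freedombox-disk-image')  # set by freedom-maker


def generate_secret(secret_path: Path) -> str:
    """Create the secret the way postinst does: 16 base64 characters (96 bits
    of entropy) from the kernel CSPRNG, in a file readable only by its owner
    (mode 0400, the effect of 'umask 377'), with no trailing newline."""
    token = base64.b64encode(secrets.token_bytes(12)).decode('ascii')  # 12 bytes -> 16 chars, no '=' padding
    secret_path.unlink(missing_ok=True)          # postinst overwrites on every configure run
    fd = os.open(secret_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o400)
    with os.fdopen(fd, 'w') as f:
        f.write(token)
    return token


def secret_required(marker_path: Path = DISK_IMAGE_MARKER) -> bool:
    """Images built by freedom-maker and AMIs carry the marker and get no secret."""
    return not marker_path.exists()


def verify_firstboot_secret(submitted: str,
                            secret_path: Path = SECRET_PATH,
                            marker_path: Path = DISK_IMAGE_MARKER) -> bool:
    """Decide whether the firstboot welcome step may proceed."""
    if not secret_required(marker_path):
        return True                              # nothing to check on disk images
    if not secret_path.exists():
        return False                             # fail closed: a secret was expected but is absent
    expected = secret_path.read_text(encoding='ascii').strip()
    # Constant-time comparison so response timing does not reveal how many
    # leading characters of a guess were right. Unequal lengths compare False.
    return hmac.compare_digest(submitted.strip().encode('ascii', 'replace'),
                               expected.encode('ascii'))


def make_test_paths() -> tuple:
    """Helper (assumption, not part of the package): returns
    (secret_path, marker_path) inside a fresh temporary directory."""
    base = Path(tempfile.mkdtemp(prefix='firstboot-'))
    return base / 'firstboot-wizard-secret', base / 'is-freedombox-disk-image'


if __name__ == '__main__':
    secret, marker = make_test_paths()
    token = generate_secret(secret)
    print('secret:', token, 'accepted:', verify_firstboot_secret(token, secret, marker))
```

Two behaviours worth keeping when adapting this: the marker file, not the absence of a secret, is what waives the check, so a non-image install whose secret file has gone missing is rejected rather than silently let through; and the comparison is constant-time, since the welcome page is reachable by whoever finds the box first and a character-by-character string compare would hand them a timing oracle on a 16-character secret.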