mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-01-21 07:55:00 +00:00
37 lines
1.2 KiB
Bash
Executable File
37 lines
1.2 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
# Source debconf library.
|
|
. /usr/share/debconf/confmodule
|
|
|
|
daemonuser=plinth
|
|
daemongroup=plinth
|
|
|
|
# Due to a change in sudo, now it runs PAM modules even on password-less
|
|
# invocations. This leads to plinth not being able to run root privileges. This
|
|
# is because of our own restrictions in /etc/security/access.conf. Since Plinth
|
|
# is locked out after upgrade, we need to do this in postinst.
|
|
sed -i 's+-:ALL EXCEPT root fbx (admin) (sudo):ALL+-:ALL EXCEPT root fbx plinth (admin) (sudo):ALL+' /etc/security/access.conf
|
|
|
|
case "$1" in
|
|
configure)
|
|
addgroup --system --quiet plinth
|
|
adduser --system --quiet --ingroup plinth --no-create-home --home /var/lib/plinth plinth
|
|
chown -R plinth: /var/lib/plinth /var/log/plinth
|
|
|
|
if [ ! -e '/var/lib/freedombox/is-freedombox-disk-image' ]; then
|
|
umask 377
|
|
cat /dev/urandom | base64 | head -c16 > /var/lib/plinth/firstboot-wizard-secret
|
|
chown plinth:plinth /var/lib/plinth/firstboot-wizard-secret
|
|
db_subst plinth/firstboot_wizard_secret secret $(cat /var/lib/plinth/firstboot-wizard-secret)
|
|
db_input high plinth/firstboot_wizard_secret || true
|
|
db_go
|
|
fi
|
|
;;
|
|
esac
|
|
|
|
#DEBHELPER#
|
|
|
|
exit 0
|