From b208e7bcaf9297190eae44f56f00849ed0c685d0 Mon Sep 17 00:00:00 2001
From: Johannes Schauer Marin Rodrigues
Date: Tue, 3 Jan 2023 16:00:12 +0100
Subject: add useraddhook/customize.sh

- the new user is called "user"
- no password required for login
- requires the passwd package installed inside the chroot
- this adds the new user to the sudo group if it exists
- requires the passwd and coreutils packages installed inside the chroot
- adds the new user to the sudo group if it exists
- ~/.ssh/authorized_keys files is copied from root user if it exists
---
useraddhook/customize.sh | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100755 useraddhook/customize.sh
(limited to 'useraddhook/customize.sh')
diff --git a/useraddhook/customize.sh b/useraddhook/customize.sh
new file mode 100755
index 0000000..a4390bd
--- /dev/null
+++ b/useraddhook/customize.sh
@@ -0,0 +1,34 @@
+#!/bin/sh
+# Copyright 2023 Johannes Schauer Marin Rodrigues
+# SPDX-License-Identifier: MIT
+#
+# Add a non-root user, add them to the sudo group and use the same authorized
+# ssh keys as the root user.
+#
+# - the new user is called "user"
+# - no password required for login
+# - requires the passwd and coreutils packages installed inside the chroot
+# - adds the new user to the sudo group if it exists
+# - ~/.ssh/authorized_keys files is copied from root user if it exists
+#
+# Example usage:
+#
+# $ debvm-create -p sudo -k ~/.ssh/id_rsa.pub -- --hook-dir=.../useraddhook
+# $ debvm-run -s 8022
+# $ ssh -l user -p 8022 127.0.0.1 whoami
+# user
+# $ ssh -l user -p 8022 127.0.0.1 sudo whoami
+# root
+#
+
+set -eu
+
+chroot "$1" useradd --home-dir /home/user --create-home --shell /bin/bash user
+chroot "$1" passwd --delete user
+if chroot "$1" getent group sudo >/dev/null; then
+ chroot "$1" usermod --append --groups sudo user
+fi
+if [ -e "$1"/root/.ssh/authorized_keys ]; then
+ chroot "$1" install -o user -g user -m 700 -d /home/user/.ssh
+ chroot "$1" install -o user -g user -t /home/user/.ssh /root/.ssh/authorized_keys
+fi
-- cgit v1.2.3
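Review bot: The second `install` call, the one that copies `/root/.ssh/authorized_keys`, passes no `-m`, so the copied file gets install's default mode of 0755 (executable and world-readable) instead of the 0600 normally used for that file. I would write it as `chroot "$1" install -o user -g user -m 600 -t /home/user/.ssh /root/.ssh/authorized_keys`. Separately, `passwd --delete user` combined with sudo group membership leaves an account with an empty password that, going by the `sudo whoami` example in the header, reaches root without any credential. If that is intended only for disposable local VMs, the header should say so, e.g. `# - "user" has an empty password and passwordless root via sudo; for throwaway VMs only`.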