ec333103e1
Not all distros - like openSUSE - create a separate group for each user. Be explicit when creating zuul user like in nodepool/elements/jenkins-slave/install.d/20-jenkins-slave. Code later assumes that user and group are both named zuul, so we need to set the specific zuul group. Also, set /bin/bash as root shell following a similar change for jenkins done in Ic671b7c5344a1e7980bede88bee730b50764e60b to keep these two invocations in sync. Change-Id: Iec8de3c0799aa023ace8f172f84bf8a137d0967b
34 lines
766 B
Bash
Executable File
34 lines
766 B
Bash
Executable File
#!/bin/bash
|
|
|
|
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
|
|
set -x
|
|
fi
|
|
set -eu
|
|
set -o pipefail
|
|
|
|
# Add zuul user and group. Note we don't want to rely on
|
|
# "useradd"'s group adding behaviour, because it might differ across
|
|
# distros.
|
|
groupadd zuul
|
|
useradd -m zuul -g zuul -s /bin/bash
|
|
|
|
cat > /etc/sudoers.d/zuul << EOF
|
|
zuul ALL=(ALL) NOPASSWD:ALL
|
|
EOF
|
|
|
|
chmod 0440 /etc/sudoers.d/zuul
|
|
visudo -c || die "Error setting zuul sudo!"
|
|
|
|
# this was copied from outside the chroot by extras.d
|
|
_pub_key=/tmp/in_target.d/zuul-user-ssh-public-key
|
|
if [ ! -f $_pub_key ]; then
|
|
die "Can not find Zuul public key!"
|
|
fi
|
|
|
|
mkdir /home/zuul/.ssh
|
|
chmod 700 /home/zuul/.ssh
|
|
cp $_pub_key /home/zuul/.ssh/authorized_keys
|
|
|
|
# cleanup everything to the right owner
|
|
chown -R zuul:zuul /home/zuul
|