Administration/pmbootstrap-meow
2
0
Fork 0
forked from Mirror/pmbootstrap
Code Pull requests Activity Actions

install: get install_user_groups from pmaports.cfg

Browse source 
Get the groups from pmaports.cfg in the currently checked out pmaports
branch. This is in preparation for removing "input" from the list of
default groups to tighten security. We can do it in edge first, fix
possible fallout and have it in the next release branch.

Related: pmbootstrap issue 2257
Related: https://postmarketos.org/pmaports.cfg
Reviewed-by: Luca Weiss <luca@z3ntu.xyz>
Link: https://lists.sr.ht/~postmarketos/pmbootstrap-devel/%3C20230803080203.6549-1-ollieparanoid@postmarketos.org%3E
This commit is contained in:
Oliver Smith 2023-08-03 10:01:28 +02:00
parent 17ce5e611c
commit b08d29df5d
No known key found for this signature in database
GPG key ID: 5AE7F5513E0885CB
2 changed files with 7 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pmb/install/_install.py
View file

@ -204,7 +204,13 @@ def set_user(args):
if not pmb.chroot.user_exists(args, args.user, suffix):
pmb.chroot.root(args, ["adduser", "-D", "-u", "10000", args.user],
suffix)
groups = pmb.install.ui.get_groups(args) + pmb.config.install_user_groups
pmaports_cfg = pmb.config.pmaports.read_config(args)
groups = []
groups += pmaports_cfg.get("install_user_groups",
"audio,input,netdev,plugdev,video,wheel").split(",")
groups += pmb.install.ui.get_groups(args)
for group in groups:
pmb.chroot.root(args, ["addgroup", "-S", group], suffix,
check=False)