u
This commit is contained in:
parent
7f15783d70
commit
cda2881cf5
@ -41,7 +41,6 @@ else
|
||||
fi
|
||||
echo
|
||||
|
||||
# 注意,由 root 为新用户创建的配置文件的 owner 是 root,而不是新用户
|
||||
if [ $NewUser = 'adot' ]
|
||||
then
|
||||
source /faronear/fon/sysconfig/home-config.sh /faronear/fon/sysconfig/nixhome $NewUser
|
||||
|
||||
@ -41,14 +41,18 @@ echo "=== Configure root home"
|
||||
source /faronear/fon/sysconfig/home-config.sh /faronear/fon/sysconfig/nixhome
|
||||
echo
|
||||
|
||||
echo "=== Change root password"
|
||||
passwd
|
||||
echo "=== Change root password? <y> for yes, anything else for omit:"
|
||||
read -p ">>> " ChangeRootPassword
|
||||
if [ "$ChangeRootPassword" == 'y' ]
|
||||
then
|
||||
passwd
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== Configure /etc/sudoers"
|
||||
chmod o+w /etc/sudoers
|
||||
#sed -i "s|%sudo\s\+ALL=(ALL:ALL)\sALL|%sudo\tALL=(ALL:ALL) NOPASSWD:ALL|g" /etc/sudoers # allow all users in %sudo group to sudo without password
|
||||
sed -i "s|#includedir /etc/sudoers.d|includedir /etc/sudoers.d|g" /etc/sudoers # allow users in /etc/sudoers.d/ folder to sudo
|
||||
sed -i "s|#includedir /etc/sudoers.d|@includedir /etc/sudoers.d|g" /etc/sudoers # allow users in /etc/sudoers.d/ folder to sudo
|
||||
chmod o-w /etc/sudoers
|
||||
echo
|
||||
|
||||
|
||||
@ -61,26 +61,25 @@ then
|
||||
echo
|
||||
echo "=== Append or link or omit [.ssh/authorized_keys] to config ssh server? <a> for append, <l> for link, <<anything else>> for omit:"
|
||||
read -p ">>> " CopyOrLinkOrOmitAuthorizedKeys
|
||||
if [ "$CopyOrLinkOrOmitAuthorizedKeys" = 'l' ]
|
||||
then
|
||||
echo "--- Linking $SourcePath/authorized_keys to $HomePath/.ssh/authorized_keys ..."
|
||||
|
||||
mkdir -p $HomePath/.ssh
|
||||
chmod 700 $HomePath/.ssh
|
||||
chown adot:adot .ssh
|
||||
mv $HomePath/.ssh/authorized_keys $HomePath/.ssh/authorized_keys.backup-$(date +%Y%m%d%H%M%S)
|
||||
ln -s $SourcePath/.ssh/authorized_keys $HomePath/.ssh/authorized_keys
|
||||
elif [ "$CopyOrLinkOrOmitAuthorizedKeys" = 'a' ]
|
||||
then
|
||||
mkdir -p $HomePath/.ssh
|
||||
chmod 700 $HomePath/.ssh
|
||||
if [ "$2" ]
|
||||
if [ "$2" ] # 注意,由 root 为新用户创建的配置文件的 owner 是 root,而不是新用户,导致新用户无法读取该文件而密钥登录失败,因此要重设 owner。
|
||||
then
|
||||
chown $2:$2 $HomePath
|
||||
fi
|
||||
if [ -L '$HomePath/.ssh/authorized_keys' ]
|
||||
if [ -e '$HomePath/.ssh/authorized_keys' ]
|
||||
then
|
||||
mv $HomePath/.ssh/authorized_keys $HomePath/.ssh/authorized_keys.backup
|
||||
mv $HomePath/.ssh/authorized_keys $HomePath/.ssh/authorized_keys.backup-$(date +%Y%m%d%H%M%S)
|
||||
fi
|
||||
|
||||
if [ "$CopyOrLinkOrOmitAuthorizedKeys" = 'l' ]
|
||||
then
|
||||
echo "--- Linking $SourcePath/authorized_keys to $HomePath/.ssh/authorized_keys ..."
|
||||
ln -s $SourcePath/.ssh/authorized_keys $HomePath/.ssh/authorized_keys
|
||||
elif [ "$CopyOrLinkOrOmitAuthorizedKeys" = 'a' ]
|
||||
then
|
||||
echo "--- Copying $SourcePath/authorized_keys to $HomePath/.ssh/authorized_keys ..."
|
||||
cat $SourcePath/.ssh/authorized_keys >> $HomePath/.ssh/authorized_keys
|
||||
chmod 600 $HomePath/.ssh/authorized_keys
|
||||
fi
|
||||
|
||||
Loading…
Reference in New Issue
Block a user