Skip to content

Commit

Permalink
Add user groups and disable SSH pasword login
Browse files Browse the repository at this point in the history
  • Loading branch information
robballantyne committed Jan 19, 2024
1 parent 23746ce commit e7a2e9d
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 2 deletions.
2 changes: 2 additions & 0 deletions build/COPY_ROOT/etc/ssh/sshd_config.d/no-password.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
PasswordAuthentication no

3 changes: 2 additions & 1 deletion build/COPY_ROOT/opt/ai-dock/bin/init.sh
Original file line number Diff line number Diff line change
Expand Up @@ -192,13 +192,14 @@ function init_create_user() {
mkdir -p ${home_dir}
groupadd -g $WORKSPACE_GID $USER_NAME
useradd -ms /bin/bash $USER_NAME -d $home_dir -u $WORKSPACE_UID -g $WORKSPACE_GID
printf "user:%s" "$USER_PASSWORD" | chpasswd
usermod -a -G $USER_GROUPS $USER_NAME
# May not exist - todo check device ownership
usermod -a -G render $USER_NAME
usermod -a -G sgx $USER_NAME
ln -s $home_dir /home/${USER_NAME}
# See the README (in)security notice
echo "${USER_NAME} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
printf "%s ALL=(ALL) NOPASSWD: ALL\n" ${USER_NAME} >> /etc/sudoers
if [[ ! -e ${home_dir}/.bashrc ]]; then
cp -f /root/.bashrc ${home_dir}
chown ${WORKSPACE_UID}:${WORKSPACE_GID} ${home_dir}/.bashrc
Expand Down
3 changes: 2 additions & 1 deletion build/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,8 @@ ENV LC_ALL=C.UTF-8
ENV TZ=UTC
ENV SHELL="/bin/bash"
ENV USER_NAME=user
ENV USER_GROUPS=users,ai-dock,adm,sudo,audio,video,tty
ENV USER_PASSWORD=password
ENV USER_GROUPS=users,ai-dock,adm,sudo,audio,video,tty,cdrom,dialout,dip,fax,floppy,lp,plugdev,ssl-cert,sudo,tape,voice
ENV DEBIAN_FRONTEND=noninteractive
ENV PATH=/opt/ai-dock/bin:/opt/micromamba/bin:/opt/caddy/bin:$PATH
ENV OPT_SYNC=
Expand Down

0 comments on commit e7a2e9d

Please sign in to comment.