From: Paul Hänsch <paul@plutz.net>
Date: Thu, 10 Oct 2019 11:44:55 +0000 (+0200)
Subject: Merge branch 'master' into oktopus
X-Git-Url: http://git.plutz.net/?p=blast;a=commitdiff_plain;h=b1245121f78bd10ff2c8a6abc5d9d092bc09a0b5;hp=81cea2ef64332c6fe385a0145c7caa75bc160f50

Merge branch 'master' into oktopus
---

diff --git a/config.example b/config.example
index 33064de..faf4485 100644
--- a/config.example
+++ b/config.example
@@ -42,6 +42,10 @@
 ## Comma separated list of locales, first one will become default locale
 # locales=de_DE.UTF-8,en_US.UTF-8
 
+## Keyboard as used in debconfs keyboard-configuration/variant
+## Use debconf-get-selections to find out the exact string
+# keyboard=German
+
 ## If nodm is installed, you can choose a user to login automatically
 ## If no user is given here, then nodm will default to root
 # nodm_user=adam
@@ -49,8 +53,12 @@
 ## In nodm, use full screen chromium web browser as session
 # webui=http://localhost/
 
-## When using NIS modules the directory server should be given
+## When using NIS modules the directory server and NIS domain should be given
 # nis_server=nismaster
+# nis_domain=example.com
+
+## also when using SMB the main server must be given
+# smb_server=smbmaster
 
 ## If the approxmodule is enabled, then one (and only one) apt-source
 ## can be choosen to install packages from
diff --git a/modules/default.mk b/modules/default.mk
index 6282070..7c3133f 100644
--- a/modules/default.mk
+++ b/modules/default.mk
@@ -23,11 +23,17 @@ ${RPICONFIG}
 dtoverlay=vc4-fkms-v3d,cma-256
 endef
 
-.PHONY: _debconf_selections _raspberry_config
+.PHONY: _debconf_selections _raspberry_config _keyboard
 _install: _debconf_selections
 _debconf_selections: ${SYSROOT}
 	printf '%s\n' "$${DEBCONF}" |chroot "$${SYSROOT}" debconf-set-selections
 
+ifdef keyboard
+  _config: _keyboard
+endif
+_keyboard: ${CFGROOT}
+	-sed -Ei 's;^XKBLAYOUT=.*$$;XKBLAYOUT="${keyboard}";;' "$${CFGROOT}/etc/default/keyboard"
+
 ifdef raspi
   _config: _raspberry_config
 endif
@@ -96,6 +102,7 @@ _users: ${CFGROOT}
 
 _hostname: ${CFGROOT}
 	printf '%s\n' "$${hostname}" >"$${CFGROOT}/etc/hostname"
+	sed -Ei "s;^127\.0\.0\.1.*$$;&	$${hostname};" "$${CFGROOT}/etc/hosts"
 
 ifdef wifi
   _config: ${CFGROOT}/etc/network/interfaces.d/wifi
diff --git a/modules/nodm.mk b/modules/nodm.mk
index 2d3b6ee..6d8d760 100644
--- a/modules/nodm.mk
+++ b/modules/nodm.mk
@@ -35,6 +35,7 @@ endif
 .PHONY: _nodm_user _nodm_cfg
 
 _nodm_cfg: ${CFGROOT}
+	sed -Ei 's;^TimeoutStopSec=.*$$;TimeoutStopSec=1;' "$${CFGROOT}/lib/systemd/system/nodm.service"
 	rm "$${CFGROOT}/etc/default/nodm"
 	chroot "$${CFGROOT}" dpkg-reconfigure --default-priority -u nodm
 
diff --git a/modules/smb_nis.mk b/modules/smb_nis.mk
index a940d1d..d11d00b 100644
--- a/modules/smb_nis.mk
+++ b/modules/smb_nis.mk
@@ -1,12 +1,18 @@
-PACKAGES += cifs-utils libpam-mount libpam-script lxdm nis nscd samba-common-bin usermode
+PACKAGES += cifs-utils libpam-mount libpam-script lightdm nis nscd samba-common-bin usermode
 
 ifndef nis_server
   nis_server := nismaster
 endif
+ifndef nis_domain
+  nis_domain := ${nis_server}
+endif
+ifndef smb_server
+  smb_server := ${nis_server}
+endif
 
 define DEBCONF +=
 
-nis	nis/domain	string	.${nis_server}
+nis	nis/domain	string	${nis_domain}
 endef
 
 export smb_nis_pamscript smb_nis_pammount
@@ -14,9 +20,10 @@ export smb_nis_pamscript smb_nis_pammount
 define smb_nis_pamscript :=
 #!/bin/sh
 
+# forced through bash, to hide euid from smbpasswd
 /bin/bash -c '
   printf "%s\n" "$$PAM_OLDAUTHTOK" "$$PAM_AUTHTOK" "$$PAM_AUTHTOK" \
-  | smbpasswd -sr ${nis_server} -U "$$PAM_USER"
+  | smbpasswd -sr ${smb_server} -U "$$PAM_USER"
 '
 
 exit $?
@@ -26,7 +33,7 @@ endef
 define smb_nis_pammount :=
 <pam_mount> <debug enable="0" />
   <!-- Volume definitions -->
-  <volume options="user=%(USER)" fstype="cifs" server="${nis_server}"     path="%(USER)" mountpoint="~" />
+  <volume options="user=%(USER)" fstype="cifs" server="${smb_server}"     path="%(USER)" mountpoint="~" />
   <mntoptions require="nosuid,nodev" />
   <logout wait="0" hup="no" term="no" kill="no" />
   <mkmountpoint enable="1" remove="true" />
@@ -41,21 +48,22 @@ _smb_nis: ${CFGROOT}/opt/pam_script/pam_script_passwd ${CFGROOT}/etc/security/pa
 _smb_nis: ${CFGROOT}/etc/yp.conf ${CFGROOT}/etc/defaultdomain
 
 _smb_nis: ${CFGROOT}
-	sed -Ei 's;^(passwd:|group:|shadow:|gshadow:) *;\1	nis ;' $${CFGROOT}/etc/nsswitch.conf
+	sed -Ei 's;^(passwd:|group:|shadow:|gshadow:).*$$;\1	files nis;' $${CFGROOT}/etc/nsswitch.conf
+	sed -Ei '/pam_(script|mount).so/d' $${CFGROOT}/etc/pam.d/common-*
 	printf '\nauth		optional	pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-auth
 	printf '\nsession	optional	pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-session
 	printf '\npassword	required	pam_script.so dir=/opt/pam_script\n'  >$${CFGROOT}/etc/pam.d/common-password
 
-${CFGROOT}/opt/pam_script/pam_script_passwd: ${CFGROOT}
+${CFGROOT}/opt/pam_script/pam_script_passwd: ${CFGROOT} .FORCE
 	mkdir -p "$(dir $@)"
 	printf '%s' "$${smb_nis_pamscript}" >"$@"
 
-${CFGROOT}/etc/security/pam_mount.conf.xml: ${CFGROOT}
+${CFGROOT}/etc/security/pam_mount.conf.xml: ${CFGROOT} .FORCE
 	mkdir -p "$(dir $@)"
 	printf '%s' "$${smb_nis_pammount}" >"$@"
 
-${CFGROOT}/etc/yp.conf: ${CFGROOT}
+${CFGROOT}/etc/yp.conf: ${CFGROOT} .FORCE
 	printf 'ypserver	%s\n' "${nis_server}" >"$@"
 
-${CFGROOT}/etc/defaultdomain: ${CFGROOT}
-	printf '.%s\n' "${nis_server}" >"$@"
+${CFGROOT}/etc/defaultdomain: ${CFGROOT} .FORCE
+	printf '%s\n' "${nis_domain}" >"$@"