7 Commits

Author	SHA1	Message	Date
johannes.kaufmann	07e487a199	add plugin infrastructure to user script	2019-10-24 15:52:37 +02:00
Matthias Bussonnier	552db9f74d	Don't create home publicly readable ... World-Readable seem to be a surprising default for many people, especially in teaching context. Switch to a more reasonable rwxr-x--- We have to issue a chmod, as changing at creation time would require changin /etc/adduser.conf DIR_MODE=0760 (or whatever), but that seem unwise. We do not set the exact permission in case the DIR_MODE is more restrictive. Closing #158	2018-08-29 14:38:38 -07:00
yuvipanda	49ea4665c6	Explicitly create user home directory when creating user	2018-07-03 17:51:32 -07:00
yuvipanda	4c7cd6a4b5	Use gpasswd instead of usermod ... usermod also calls checkfn, which freaks out when root password has expired. gpasswd does exactly what we want and nothing more.	2018-07-03 17:34:57 -07:00
yuvipanda	cb26150820	Use useradd rather than adduser to create users ... Better suited for scripting use. adduser also seemed to cause issues when root user's password had expired, so let's see if useradd fixes that!	2018-07-03 17:20:41 -07:00
yuvipanda	e957fc3bf0	Don't use sudo for everything ... We are running as root, and will rely on dropping privs via systemd rather than sudo	2018-06-27 02:07:49 -07:00
yuvipanda	f90a0fa540	Use classic unix users rather than systemd dynamic users ... Dynamic Users are neat and probably very useful for a tmpnb style situation. However, for regular use they have the following problems: 1. Can't set ProtectHome=no, so you can never apt install or similar from inside admin accounts. 2. Dynamic uid / gid makes it hard to write sudo rules. We want admin users to have sudo. 3. Persistent uids / gids are very useful for ad-hoc ACLs between users. gid sharing isn't the most flexible sharing mechanism, but it is well known & quite useful. 4. /etc/skel is pretty useful!	2018-06-26 23:50:07 -07:00