From 106c1a0e955307600947233a53b47bd322b18e47 Mon Sep 17 00:00:00 2001 From: Logan Gartner Date: Wed, 12 Aug 2020 02:59:46 -0600 Subject: [PATCH] Improved security, builds have timestamps, first-time improvements Added the unix timestamp for when the build was built to the file name Disabled no password on the pi account for sudo actions Fixed a stupid mistake where I piped a function into bash instead of the void --- build.sh | 2 +- stage2/01-sys-tweaks/01-run.sh | 3 +++ stage2/05-firsttime/files/first-time.sh | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/build.sh b/build.sh index 5da3653..59d61c8 100755 --- a/build.sh +++ b/build.sh @@ -153,7 +153,7 @@ fi export USE_QEMU="${USE_QEMU:-0}" export IMG_DATE="${IMG_DATE:-"$(date +%Y-%m-%d)"}" -export IMG_FILENAME="${IMG_FILENAME:-"${IMG_DATE}-${IMG_NAME}"}" +export IMG_FILENAME="${IMG_FILENAME:-"${IMG_DATE}-$(date +%s)-${IMG_NAME}"}" export ZIP_FILENAME="${ZIP_FILENAME:-"image_${IMG_DATE}-${IMG_NAME}"}" export SCRIPT_DIR="${BASE_DIR}/scripts" diff --git a/stage2/01-sys-tweaks/01-run.sh b/stage2/01-sys-tweaks/01-run.sh index 415e50e..813b31f 100755 --- a/stage2/01-sys-tweaks/01-run.sh +++ b/stage2/01-sys-tweaks/01-run.sh @@ -57,3 +57,6 @@ usermod --pass='*' root EOF rm -f "${ROOTFS_DIR}/etc/ssh/"ssh_host_*_key* + +rm -f "${ROOTFS_DIR}/etc/sudoers.d/010_pi-nopasswd" # Fuck you :) +echo "%sudo ALL=(ALL:ALL) ALL" > /etc/sudoers.d/group diff --git a/stage2/05-firsttime/files/first-time.sh b/stage2/05-firsttime/files/first-time.sh index 83ec0a8..ba98d72 100755 --- a/stage2/05-firsttime/files/first-time.sh +++ b/stage2/05-firsttime/files/first-time.sh @@ -57,7 +57,7 @@ screen_timeout() { EOF } -: << EOF +<< EOF main_menu () { local MAINMENU=$(whiptail --separate-output --nocancel --title "Pi Setup" --menu "" 10 50 0 \ "1" "Setup Networking" \