petitboot: Enable user separation

Turn on support for unprivileged user accounts in the Petitboot environment, including setting up a basic non-root user and group. The implementation also requires using the agetty package rather than the busybox getty utility, calling the initial pb-console helper on login rather than directly, and moving some shell init logic from Petitboot and into a .shrc script. If no root password is configured in NVRAM or at runtime then this has no effect aside from some nicer shell behaviour. Once a password is configured then most actions in Petitboot will require this password and the shell runs as a normal user. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
author: Samuel Mendoza-Jonas <sam@mendozajonas.com> 2018-11-26 11:47:43 +1100
committer: Samuel Mendoza-Jonas <sam@mendozajonas.com> 2019-02-06 13:03:28 +1100
commit: db6ca355bc6fbd5e259e3ac5efe844a43d993bad (patch)
tree: 22252d0af5d9c3025fb2da5903bb3300faef8d25 /openpower/overlay
parent: fa1e6bfa93844d9bdd507c666b7f5e9c864c2989 (diff)
download: blackbird-op-build-db6ca355bc6fbd5e259e3ac5efe844a43d993bad.tar.gz
blackbird-op-build-db6ca355bc6fbd5e259e3ac5efe844a43d993bad.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/openpower/overlay/etc/sudoers b/openpower/overlay/etc/sudoers
new file mode 100644
index 00000000..fcaf196a
--- /dev/null
+++ b/openpower/overlay/etc/sudoers
@@ -0,0 +1,4 @@
+root ALL=(ALL) ALL
+%wheel ALL=(ALL) ALL
+Defaults targetpw
+Defaults timestamp_timeout=1
author	Samuel Mendoza-Jonas <sam@mendozajonas.com>	2018-11-26 11:47:43 +1100
committer	Samuel Mendoza-Jonas <sam@mendozajonas.com>	2019-02-06 13:03:28 +1100
commit	db6ca355bc6fbd5e259e3ac5efe844a43d993bad (patch)
tree	22252d0af5d9c3025fb2da5903bb3300faef8d25 /openpower/overlay
parent	fa1e6bfa93844d9bdd507c666b7f5e9c864c2989 (diff)
download	blackbird-op-build-db6ca355bc6fbd5e259e3ac5efe844a43d993bad.tar.gz blackbird-op-build-db6ca355bc6fbd5e259e3ac5efe844a43d993bad.zip