Date:      Tue, 30 Sep 2025 15:23:37 GMT
From:      Mark Johnston <markj@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 96cd2eb699f7 - stable/15 - release: Prepare Vagrant cloudware images for building as non-root
Message-ID:  <202509301523.58UFNbDU045656@gitrepo.freebsd.org>

The branch stable/15 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=96cd2eb699f70e729d81eb65baa5189b9134926d

commit 96cd2eb699f70e729d81eb65baa5189b9134926d
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-09-16 16:54:25 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-09-30 09:43:08 +0000

    release: Prepare Vagrant cloudware images for building as non-root
    
    Add metalog entries for various files.  This is a bit incomplete as
    pw(8) doesn't yet have support for emitting metalog entries, which we
    need since it's used here to create an interactive user.
    
    Reviewed by:    emaste
    MFC after:      3 days
    Sponsored by:   The FreeBSD Foundation
    Sponsored by:   Klara, Inc.
    Differential Revision:  https://reviews.freebsd.org/D52456
    
    (cherry picked from commit 135cb071e0683ea947c308a2de404d1185558ea6)
---
 release/tools/vagrant.conf | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/release/tools/vagrant.conf b/release/tools/vagrant.conf
index 506174d0ea16..7ab0e1238693 100644
--- a/release/tools/vagrant.conf
+++ b/release/tools/vagrant.conf
@@ -47,19 +47,22 @@ vagrant_common () {
 		-c 'Vagrant User' -d '/home/vagrant' -s '/bin/csh'
 
 	# Change root's password to vagrant
-	echo 'vagrant' | /usr/sbin/pw -R ${DESTDIR} \
-		usermod root -h 0
+	echo 'vagrant' | /usr/sbin/pw -R ${DESTDIR} usermod root -h 0
 
 	# Configure sudo to allow the vagrant user
 	echo 'vagrant ALL=(ALL:ALL) NOPASSWD: ALL' >> ${DESTDIR}/usr/local/etc/sudoers
 
 	# Configure the vagrant ssh keys
 	mkdir ${DESTDIR}/home/vagrant/.ssh
-	chmod 700 ${DESTDIR}/home/vagrant/.ssh
+
 	echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" > ${DESTDIR}/home/vagrant/.ssh/authorized_keys
 	echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN1YdxBpNlzxDqfJyw/QKow1F+wvG9hXGoqiysfJOn5Y vagrant insecure public key" >> ${DESTDIR}/home/vagrant/.ssh/authorized_keys
-	chown -R 1001 ${DESTDIR}/home/vagrant/.ssh
 	chmod 600 ${DESTDIR}/home/vagrant/.ssh/authorized_keys
+	metalog_add_data ./home/vagrant/.ssh/authorized_keys 0600
+
+	chmod 700 ${DESTDIR}/home/vagrant/.ssh
+	chown -R 1001 ${DESTDIR}/home/vagrant/.ssh
+	echo "./home/vagrant/.ssh type=dir uid=1001 gid=1001 mode=0700" >> METALOG
 
 	# Reboot quickly, Don't wait at the panic screen
 	echo 'debug.trace_on_panic=1' >> ${DESTDIR}/etc/sysctl.conf
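Review bot: the metalog entries added around the .ssh setup record ownership inconsistently. The hand-written directory entry carries `uid=1001 gid=1001`, while `metalog_add_data ./home/vagrant/.ssh/authorized_keys 0600` passes only a mode, so these lines alone do not show that the key file ends up owned by the vagrant user in an image assembled from the metalog. In a non-root build the `chown -R 1001` cannot be relied on to set the owner, so consider giving the file entry an explicit owner too, or adding a comment stating which owner the helper defaults to. The directory entry is also appended to a bare relative `METALOG` path, which depends on the working directory when vagrant_common runs; routing it through a helper or a variable would make that explicit. The appends to usr/local/etc/sudoers and etc/sysctl.conf in the same hunk get no entry here; if that is intentional, a short comment saying why would help.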
@@ -68,6 +71,7 @@ vagrant_common () {
 
 	# The console is not interactive, so we might as well boot quickly.
 	echo 'autoboot_delay="-1"' >> ${DESTDIR}/boot/loader.conf
+	metalog_add_data ./boot/loader.conf
 
 	# The first time the VM boots, the installed "first boot" scripts
 	# should be allowed to run:
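Review bot: `metalog_add_data ./boot/loader.conf` is called without a mode argument, whereas the authorized_keys call in the previous hunk passes `0600`, so the resulting mode depends on a default that is not visible here; passing the mode explicitly or documenting the default would make the two calls consistent. The file is also written with `>>`, so if boot/loader.conf already exists with its own metalog entry at this point, this adds a second entry for the same path; worth confirming that duplicates are tolerated or that the later entry wins.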