diff --git a/.gitignore b/.gitignore index a6883c2..bacbfa7 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,4 @@ SKIP_IMAGES .pc *-pc apt-cacher-ng/ +stage2/01-sys-tweaks/files/authorized_keys diff --git a/README.md b/README.md index fea5552..9a5938c 100755 --- a/README.md +++ b/README.md @@ -101,6 +101,12 @@ The following environment variables are supported: Add a free space in the partition (value in megabyte). If Qemu image is generated it could be usefull to have a lot of free space. + * `USE_SSH` (Default: `"0"`) + + For security SSH server is disabled by default so if you want to activate it set this to `"1"`. + If `stage2/01-sys-tweaks/files/authorized_keys` is present then it will be copied in `/root/.ssh/` + + A simple example for building Raspbian: ```bash diff --git a/build.sh b/build.sh index a79d9ba..a155220 100755 --- a/build.sh +++ b/build.sh @@ -140,6 +140,7 @@ export RPI_USERNAME=${RPI_USERNAME:-"pi"} export RPI_USERPASS=${RPI_USERPASS:-"raspberry"} export RPI_ROOTPASS=${RPI_ROOTPASS:-"root"} export KEYBOARD_LANG=${KEYBOARD_LANG:-"gb"} +export USE_SSH=${USE_SSH:-0} export IMG_DATE=${IMG_DATE:-"$(date +%Y-%m-%d)"} export BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" diff --git a/config.exemple b/config.exemple index fb3b0ae..607c229 100644 --- a/config.exemple +++ b/config.exemple @@ -1,5 +1,6 @@ IMG_NAME="Raspbian" USE_QEMU=1 +USE_SSH=1 LAST_STAGE=5 FREE_SPACE_MB=500 KEYBOARD_LANG="gb" diff --git a/stage2/01-sys-tweaks/01-run.sh b/stage2/01-sys-tweaks/01-run.sh index 6200086..4cdd7a7 100755 --- a/stage2/01-sys-tweaks/01-run.sh +++ b/stage2/01-sys-tweaks/01-run.sh @@ -15,23 +15,38 @@ on_chroot << EOF systemctl disable hwclock.sh systemctl disable nfs-common systemctl disable rpcbind -systemctl disable ssh systemctl enable regenerate_ssh_host_keys EOF if [ "${USE_QEMU}" = "1" ]; then - echo "enter QEMU mode" + log "enter QEMU mode" install -m 644 files/90-qemu.rules "${ROOTFS_DIR}/etc/udev/rules.d/" on_chroot << EOF systemctl disable resize2fs_once EOF - echo "leaving QEMU mode" + log "leaving QEMU mode" else on_chroot << EOF systemctl enable resize2fs_once EOF fi +if [ "${USE_SSH}" = "1" ]; then + on_chroot << EOF +systemctl enable ssh +EOF + + if [[ -e files/authorized_keys ]]; then + log "Copy authorized_keys in root ssh directory" + install -d "${ROOTFS_DIR}/root/.ssh" + install -m 644 files/authorized_keys "${ROOTFS_DIR}/root/.ssh/" + fi +else + on_chroot << EOF +systemctl disable ssh +EOF +fi + on_chroot << \EOF for GRP in input spi i2c gpio; do groupadd -f -r "$GRP"