~tardypad/alpine-system

04bd241648172f69dc464109dceda9220657356d — Damien Tardy-Panis a month ago 0c07316
utilities: use su for key generation in container setup

Removes the need for doas root config with SUDO
1 files changed, 2 insertions(+), 5 deletions(-)

M utilities/setup-container
M utilities/setup-container => utilities/setup-container +2 -5
@@ 14,10 14,7 @@ cat << EOF | lxc exec "${CONTAINER_NAME}" -- /bin/sh
  apk add alpine-sdk doas
  adduser -D damien
  adduser damien abuild
  {
    echo 'permit nopass damien';
    echo 'permit nopass setenv { SUDO } root';
  } > /etc/doas.conf
  echo 'permit nopass damien' > /etc/doas.conf
EOF

if [ -n "${KEY_DIR}" ]; then


@@ 29,7 26,7 @@ if [ -n "${KEY_DIR}" ]; then
	EOF
else
  # generate the signing key
  lxc exec "${CONTAINER_NAME}" --env SUDO=doas -- doas -u damien abuild-keygen -ain
  lxc exec "${CONTAINER_NAME}" --env SUDO=doas -- su -c 'abuild-keygen -ain' damien

  # save signing key on host for backup
  (