~tardypad/alpine-system: utilities: use su for key generation in container setup

04bd241648172f69dc464109dceda9220657356d — Damien Tardy-Panis a month ago 0c07316

utilities: use su for key generation in container setup

Removes the need for doas root config with SUDO

patch browse

1 files changed, 2 insertions(+), 5 deletions(-)

M utilities/setup-container

M utilities/setup-container => utilities/setup-container +2 -5

@@ 14,10 14,7 @@ cat << EOF | lxc exec "${CONTAINER_NAME}" -- /bin/sh
   apk add alpine-sdk doas
   adduser -D damien
   adduser damien abuild
-  {
-    echo 'permit nopass damien';
-    echo 'permit nopass setenv { SUDO } root';
-  } > /etc/doas.conf
+  echo 'permit nopass damien' > /etc/doas.conf
 EOF
 
 if [ -n "${KEY_DIR}" ]; then


@@ 29,7 26,7 @@ if [ -n "${KEY_DIR}" ]; then
 	EOF
 else
   # generate the signing key
-  lxc exec "${CONTAINER_NAME}" --env SUDO=doas -- doas -u damien abuild-keygen -ain
+  lxc exec "${CONTAINER_NAME}" --env SUDO=doas -- su -c 'abuild-keygen -ain' damien
 
   # save signing key on host for backup
   (