From f2738c399dffe325b5add7b912d9562484f071e3 Mon Sep 17 00:00:00 2001
From: unitexe <unitexe70@gmail.com>
Date: Sat, 3 Jan 2026 15:23:38 -0600
Subject: Introduce core-image-unit

- Add unitexe user
    - Configured for public key authentication SSH
    - Part of sudoers (via drop-in) so admin tasks can be performed
- No root login via SSH or TTY allowed
    - TTY is restricted via PAM
- Added misc. utilities
---
 .../recipes-core/packagegroups/packagegroup-unit-networking.bb |  6 ++++++
 .../recipes-core/packagegroups/packagegroup-unit-system.bb     | 10 ++++++++++
 .../recipes-core/packagegroups/packagegroup-unit-users.bb      | 10 ++++++++++
 .../recipes-core/packagegroups/packagegroup-unit-utils.bb      |  6 ++++++
 4 files changed, 32 insertions(+)
 create mode 100644 meta-unit-core/recipes-core/packagegroups/packagegroup-unit-networking.bb
 create mode 100644 meta-unit-core/recipes-core/packagegroups/packagegroup-unit-system.bb
 create mode 100644 meta-unit-core/recipes-core/packagegroups/packagegroup-unit-users.bb
 create mode 100644 meta-unit-core/recipes-core/packagegroups/packagegroup-unit-utils.bb

(limited to 'meta-unit-core/recipes-core')

diff --git a/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-networking.bb b/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-networking.bb
new file mode 100644
index 0000000..e4353e1
--- /dev/null
+++ b/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-networking.bb
@@ -0,0 +1,6 @@
+SUMMARY = "Unit networking packages"
+
+inherit packagegroup
+
+RDEPENDS:${PN}:append = " curl"
+RDEPENDS:${PN}:append = " openssh"
diff --git a/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-system.bb b/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-system.bb
new file mode 100644
index 0000000..60bf072
--- /dev/null
+++ b/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-system.bb
@@ -0,0 +1,10 @@
+SUMMARY = "Unit system packages"
+
+inherit packagegroup
+
+RDEPENDS:${PN}:append = " kernel-modules"
+
+# The preferred default for unit images (is also default for arch).
+# Provides high performance and reliability while being drop in 
+# compatible.
+RDEPENDS:${PN}:append = " dbus-broker"
diff --git a/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-users.bb b/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-users.bb
new file mode 100644
index 0000000..8cc7faf
--- /dev/null
+++ b/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-users.bb
@@ -0,0 +1,10 @@
+SUMMARY = "Unit users"
+
+inherit packagegroup
+
+# TTY root login restriction, among other things.
+# Is needed for rootless containers too.
+RDEPENDS:${PN}:append = " libpam"
+
+# Add admin user.
+RDEPENDS:${PN}:append = " add-user-unitexe"
diff --git a/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-utils.bb b/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-utils.bb
new file mode 100644
index 0000000..1cbb0ff
--- /dev/null
+++ b/meta-unit-core/recipes-core/packagegroups/packagegroup-unit-utils.bb
@@ -0,0 +1,6 @@
+SUMMARY = "Unit utility packages"
+
+inherit packagegroup
+
+RDEPENDS:${PN}:append = " jq"
+RDEPENDS:${PN}:append = " tree"
-- 
cgit v1.2.3