From f2738c399dffe325b5add7b912d9562484f071e3 Mon Sep 17 00:00:00 2001
From: unitexe <unitexe70@gmail.com>
Date: Sat, 3 Jan 2026 15:23:38 -0600
Subject: Introduce core-image-unit

- Add unitexe user
    - Configured for public key authentication SSH
    - Part of sudoers (via drop-in) so admin tasks can be performed
- No root login via SSH or TTY allowed
    - TTY is restricted via PAM
- Added misc. utilities
---
 .../recipes-users/useradd/add-user-unitexe.bb      | 45 ++++++++++++++++++++++
 .../useradd/add-user-unitexe/authorized_keys       |  1 +
 2 files changed, 46 insertions(+)
 create mode 100644 meta-unit-core/recipes-users/useradd/add-user-unitexe.bb
 create mode 100644 meta-unit-core/recipes-users/useradd/add-user-unitexe/authorized_keys

(limited to 'meta-unit-core/recipes-users/useradd')

diff --git a/meta-unit-core/recipes-users/useradd/add-user-unitexe.bb b/meta-unit-core/recipes-users/useradd/add-user-unitexe.bb
new file mode 100644
index 0000000..4485d79
--- /dev/null
+++ b/meta-unit-core/recipes-users/useradd/add-user-unitexe.bb
@@ -0,0 +1,45 @@
+SUMMARY = "Add unitexe user"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${UNIT_CORE_LAYERDIR}/LICENSE;md5=38bf13be5d6979b28bd8adddb2f2f9b3"
+
+EXCLUDE_FROM_WORLD = "1"
+
+inherit useradd
+inherit extrausers
+
+SRC_URI = "file://authorized_keys"
+
+S = "${UNPACKDIR}"
+
+RDEPENDS:${PN}:append = " sudo"
+RDEPENDS:${PN}:append = " shadow"
+
+USERADD_PACKAGES = "${PN}"
+
+USER_TO_ADD_NAME ?= "unitexe"
+USER_TO_ADD_UID ?= "1000"
+USER_TO_ADD_PASSWORD_HASHED ?= "\$6\$esHchcEKubkj/1v7\$woeV0ChUqcC8J8lOEWB563mX4XRAvYJldGcU/I0Pzg1Nw9bBGOQoLmIsn0wU1gUzpysZr6R18xps5Cjn470Nv/"
+
+USERADD_PARAM:${PN} = "--uid ${USER_TO_ADD_UID} --home-dir /home/${USER_TO_ADD_NAME} --shell ${base_bindir}/sh --password '${USER_TO_ADD_PASSWORD_HASHED}' ${USER_TO_ADD_NAME}"
+
+do_install() {
+    # Give the user a home directory.
+    install -d -m 0755 ${D}/home/${USER_TO_ADD_NAME}
+
+    # Create .ssh directory.
+    install -d -m 0700 ${D}/home/${USER_TO_ADD_NAME}/.ssh
+
+    # Create authorized keys file.
+    install -m 0600 ${UNPACKDIR}/authorized_keys ${D}/home/${USER_TO_ADD_NAME}/.ssh/authorized_keys
+}
+
+pkg_postinst_ontarget:${PN}() {
+    chown -R ${USER_TO_ADD_NAME}:${USER_TO_ADD_NAME} /home/${USER_TO_ADD_NAME}
+}
+
+FILES:${PN} = "\
+    /home/${USER_TO_ADD_NAME} \
+    /home/${USER_TO_ADD_NAME}/.ssh/authorized_keys \
+"
+
+INHIBIT_PACKAGE_DEBUG_SPLIT = "1"
diff --git a/meta-unit-core/recipes-users/useradd/add-user-unitexe/authorized_keys b/meta-unit-core/recipes-users/useradd/add-user-unitexe/authorized_keys
new file mode 100644
index 0000000..e567ca6
--- /dev/null
+++ b/meta-unit-core/recipes-users/useradd/add-user-unitexe/authorized_keys
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMovGBPRZAcuJiEO/3xfSqHki2b8/tZL+UfqoSoC8D27 unitexe70@gmail.com
-- 
cgit v1.2.3