Use Ignition to create core user

Create the core user in the Ignition base config and allow users to modify it via config merging. This fixes the user not receiving default groups if anything about the user (e.g. SSH keys) is specified via Ignition.
coreos · Mar 27, 2019 · 7e1fb3f · 7e1fb3f
1 parent b783139
commit 7e1fb3f
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 15 deletions.
diff --git a/overlay/usr/lib/dracut/modules.d/40ignition-conf/base.ign b/overlay/usr/lib/dracut/modules.d/40ignition-conf/base.ign
@@ -0,0 +1,19 @@
+{
+  "ignition": {
+    "version": "3.0.0"
+  },
+  "passwd": {
+    "users": [
+      {
+        "name": "core",
+        "gecos": "CoreOS Admin",
+        "groups": [
+          "adm",
+          "sudo",
+          "systemd-journal",
+          "wheel"
+        ]
+      }
+    ]
+  }
+}
diff --git a/overlay/usr/lib/dracut/modules.d/40ignition-conf/module-setup.sh b/overlay/usr/lib/dracut/modules.d/40ignition-conf/module-setup.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+depends() {
+    echo ignition
+}
+
+install() {
+    inst "$moddir/base.ign" \
+        "/usr/lib/ignition/base.ign"
+}
diff --git a/overlay/usr/lib/systemd/system-preset/42-coreos.preset b/overlay/usr/lib/systemd/system-preset/42-coreos.preset
@@ -1,6 +1,5 @@
 # Presets here that eventually should live in the generic fedora presets
 enable coreos-growpart.service
-enable coreos-useradd-core.service
 enable console-login-helper-messages-*.service
 enable console-login-helper-messages-*.path
 # This one is from https://github.com/coreos/ignition-dracut

diff --git a/overlay/usr/lib/systemd/system/coreos-useradd-core.service b/overlay/usr/lib/systemd/system/coreos-useradd-core.service