218 lines
8.7 KiB
Text
218 lines
8.7 KiB
Text
# SPDX-FileCopyrightText: no
|
|
# SPDX-License-Identifier: CC0-1.0
|
|
#
|
|
# Configuration for the one-user-system user module.
|
|
#
|
|
# Besides these settings, the users module also places the following
|
|
# keys into the Global Storage area, based on user input in the view step.
|
|
#
|
|
# - hostname
|
|
# - username
|
|
# - password (obscured)
|
|
# - autologinUser (if enabled, set to username)
|
|
#
|
|
# These Global Storage keys are set when the configuration for this module
|
|
# is read and when they are modified in the UI.
|
|
---
|
|
# Used as default groups for the created user.
|
|
# Adjust to your Distribution defaults.
|
|
#
|
|
# Each entry in the *defaultGroups* list is either:
|
|
# - a string, naming a group; this is a **non**-system group
|
|
# which does not need to exist in the target system; if it
|
|
# does not exist, it will be created.
|
|
# - an entry with subkeys *name*, *must_exist* and *system*;
|
|
# if the group *must_exist* and does not, an error is thrown
|
|
# and the installation fails.
|
|
#
|
|
# The group is created if it does not exist, and it is
|
|
# created as a system group (GID < 1000) or user group
|
|
# (GID >= 1000) depending on the value of *system*.
|
|
defaultGroups:
|
|
- name: users
|
|
must_exist: true
|
|
system: true
|
|
- lp
|
|
- video
|
|
- network
|
|
- storage
|
|
- name: wheel
|
|
must_exist: false
|
|
system: true
|
|
- audio
|
|
- plugdev
|
|
|
|
# Some Distributions require a 'autologin' group for the user.
|
|
# Autologin causes a user to become automatically logged in to
|
|
# the desktop environment on boot.
|
|
# Disable when your Distribution does not require such a group.
|
|
#autologinGroup: autologin
|
|
# You can control the initial state for the 'autologin checkbox' here.
|
|
# Possible values are:
|
|
# - true to check or
|
|
# - false to uncheck
|
|
# These set the **initial** state of the checkbox.
|
|
# doAutologin: true
|
|
|
|
# When *sudoersGroup* is set to a non-empty string, Calamares creates a
|
|
# sudoers file for the user. This file is located at:
|
|
# `/etc/sudoers.d/10-installer`
|
|
# Remember to add the (value of) *sudoersGroup* to *defaultGroups*.
|
|
#
|
|
# If your Distribution already sets up a group of sudoers in its packaging,
|
|
# remove this setting (delete or comment out the line below). Otherwise,
|
|
# the setting will be duplicated in the `/etc/sudoers.d/10-installer` file,
|
|
# potentially confusing users.
|
|
sudoersGroup: wheel
|
|
# If set to `false` (the default), writes a sudoers file with `(ALL)`
|
|
# so that the command can be run as any user. If set to `true`, writes
|
|
# `(ALL:ALL)` so that any user and any group can be chosen.
|
|
sudoersConfigureWithGroup: true
|
|
|
|
# Setting this to false, causes the root account to be disabled.
|
|
# When disabled, hides the "Use the same password for administrator"
|
|
# checkbox. Also hides the "Choose a password" and associated text-inputs.
|
|
setRootPassword: true
|
|
|
|
# You can control the initial state for the 'reuse password for root'
|
|
# checkbox here. Possible values are:
|
|
# - true to check or
|
|
# - false to uncheck
|
|
#
|
|
# When checked, the user password is used for the root account too.
|
|
#
|
|
# NOTE: *doReusePassword* requires *setRootPassword* to be enabled.
|
|
doReusePassword: true
|
|
|
|
# These are optional password-requirements that a distro can enforce
|
|
# on the user. The values given in this sample file set only very weak
|
|
# validation settings.
|
|
#
|
|
# - nonempty rejects empty passwords
|
|
# - there are no length validations
|
|
# - libpwquality (if it is enabled at all) has no length of class
|
|
# restrictions, although it will still reject palindromes and
|
|
# dictionary words with these settings.
|
|
#
|
|
# Checks may be listed multiple times; each is checked separately,
|
|
# and no effort is done to ensure that the checks are consistent
|
|
# (e.g. specifying a maximum length less than the minimum length
|
|
# will annoy users).
|
|
#
|
|
# The libpwquality check relies on the (optional) libpwquality library.
|
|
# Its value is a list of configuration statements that could also
|
|
# be found in pwquality.conf, and these are handed off to the
|
|
# libpwquality parser for evaluation. The check is ignored if
|
|
# libpwquality is not available at build time (generates a warning in
|
|
# the log). The Calamares password check rejects passwords with a
|
|
# score of < 40 with the given libpwquality settings.
|
|
#
|
|
# (additional checks may be implemented in CheckPWQuality.cpp and
|
|
# wired into UsersPage.cpp)
|
|
#
|
|
# - To disable specific password validations:
|
|
# comment out the relevant 'passwordRequirements' keys below.
|
|
# - To disable all password validations:
|
|
# set both 'allowWeakPasswords' and 'allowWeakPasswordsDefault' to true.
|
|
# (That will show the box *Allow weak passwords* in the user-
|
|
# interface, and check it by default).
|
|
#passwordRequirements:
|
|
# nonempty: true
|
|
# minLength: -1 # Password at least this many characters
|
|
# maxLength: -1 # Password at most this many characters
|
|
# libpwquality:
|
|
# - minlen=0
|
|
# - minclass=0
|
|
|
|
# You can control the visibility of the 'strong passwords' checkbox here.
|
|
# Possible values are:
|
|
# - true to show or
|
|
# - false to hide (default)
|
|
# the checkbox. This checkbox allows the user to choose to disable
|
|
# password-strength-checks. By default the box is **hidden**, so
|
|
# that you have to pick a password that satisfies the checks.
|
|
allowWeakPasswords: false
|
|
# You can control the initial state for the 'strong passwords' checkbox here.
|
|
# Possible values are:
|
|
# - true to uncheck or
|
|
# - false to check (default)
|
|
# the checkbox by default. Since the box is labeled to enforce strong
|
|
# passwords, in order to **allow** weak ones by default, the box needs
|
|
# to be unchecked.
|
|
allowWeakPasswordsDefault: true
|
|
|
|
# User settings
|
|
#
|
|
# The user can enter a username, but there are some other
|
|
# hidden settings for the user which are configurable in Calamares.
|
|
#
|
|
# Key *user* has the following sub-keys:
|
|
#
|
|
# - *shell* Shell to be used for the regular user of the target system.
|
|
# There are three possible kinds of settings:
|
|
# - unset (i.e. commented out, the default), act as if set to /bin/bash
|
|
# - empty (explicit), don't pass shell information to useradd at all
|
|
# and rely on a correct configuration file in /etc/default/useradd
|
|
# - set, non-empty, use that path as shell. No validation is done
|
|
# that the shell actually exists or is executable.
|
|
# - *forbidden_names* Login names that may not be used. This list always
|
|
# contains "root" and "nobody", but may be extended to list other special
|
|
# names for a given distro (eg. "video", or "mysql" might not be a valid
|
|
# end-user login name).
|
|
user:
|
|
shell: /bin/bash
|
|
forbidden_names: [ root ]
|
|
|
|
# Hostname settings
|
|
#
|
|
# The user can enter a hostname; this is configured into the system
|
|
# in some way. There are settings for how a hostname is guessed (as
|
|
# a default / suggestion) and where (or how) the hostname is set in
|
|
# the target system.
|
|
#
|
|
# Key *hostname* has the following sub-keys:
|
|
#
|
|
# - *location* How the hostname is set in the target system:
|
|
# - *None*, to not set the hostname at all
|
|
# - *EtcFile*, to write to `/etc/hostname` directly
|
|
# - *Etc*, identical to above
|
|
# - *Hostnamed*, to use systemd hostnamed(1) over DBus
|
|
# - *Transient*, to remove `/etc/hostname` from the target
|
|
# The default is *EtcFile*. Setting this to *None* or *Transient* will
|
|
# hide the hostname field.
|
|
# - *writeHostsFile* Should /etc/hosts be written with a hostname for
|
|
# this machine (also adds localhost and some ipv6 standard entries).
|
|
# Defaults to *true*.
|
|
# - *template* Is a simple template for making a suggestion for the
|
|
# hostname, based on user data. The default is "${first}-${product}".
|
|
# This is used only if the hostname field is shown. KMacroExpander is
|
|
# used; write `${key}` where `key` is one of the following:
|
|
# - *first* User's first name (whatever is first in the User Name field,
|
|
# which is first-in-order but not necessarily a "first name" as in
|
|
# "given name" or "name by which you call someone"; beware of western bias)
|
|
# - *name* All the text in the User Name field.
|
|
# - *login* The login name (which may be suggested based on User Name)
|
|
# - *product* The hardware product, based on DMI data
|
|
# - *product2* The product as described by Qt
|
|
# - *cpu* CPU name
|
|
# - *host* Current hostname (which may be a transient hostname)
|
|
# Literal text in the template is preserved. Calamares tries to map
|
|
# `${key}` values to something that will fit in a hostname, but does not
|
|
# apply the same to literal text in the template. Do not use invalid
|
|
# characters in the literal text, or no suggeston will be done.
|
|
# - *forbidden_names* lists hostnames that may not be used. This list
|
|
# always contains "localhost", but may list others that are unsuitable
|
|
# or broken in special ways.
|
|
hostname:
|
|
location: EtcFile
|
|
writeHostsFile: true
|
|
#template: "alci-${cpu}"
|
|
forbidden_names: [ localhost ]
|
|
|
|
presets:
|
|
fullName:
|
|
# value: "OEM User"
|
|
editable: true
|
|
loginName:
|
|
# value: "oem"
|
|
editable: true
|