signstar-configure-build

Crates.iosignstar-configure-build
lib.rssignstar-configure-build
version
sourcesrc
created_at2024-11-26 18:55:27.25768
updated_at2024-12-08 21:01:00.135179
descriptionA command-line interface for Signstar image build configuration
homepagehttps://gitlab.archlinux.org/archlinux/signstar
repositoryhttps://gitlab.archlinux.org/archlinux/signstar
max_upload_size
id1462156
Cargo.toml error:TOML parse error at line 21, column 1 | 21 | autolib = false | ^^^^^^^ unknown field `autolib`, expected one of `name`, `version`, `edition`, `authors`, `description`, `readme`, `license`, `repository`, `homepage`, `documentation`, `build`, `resolver`, `links`, `default-run`, `default_dash_run`, `rust-version`, `rust_dash_version`, `rust_version`, `license-file`, `license_dash_file`, `license_file`, `licenseFile`, `license_capital_file`, `forced-target`, `forced_dash_target`, `autobins`, `autotests`, `autoexamples`, `autobenches`, `publish`, `metadata`, `keywords`, `categories`, `exclude`, `include`
size0
Arch Linux Technical User (archlinux-github)

documentation

README

Signstar configure build

A commandline tool to configure a Signstar system during build.

The scope of this project is to read a dedicated configuration file, derive system users and their integration from it and create them.

The signstar-configure-build executable must be run as root.

Documentation

Configuration file

By default signstar-configure-build relies on the configuration file /usr/share/signstar/config.toml and will fail if it is not found or not valid.

One of the following configuration files in the following order are used instead, if they exist:

  • /usr/local/share/signstar/config.toml
  • /run/signstar/config.toml
  • /etc/signstar/config.toml

Alternatively, signstar-configure-build can be provided with a custom configuration file location using the --config/ -c option.

System users

Based on configured user mappings in the configuration file, signstar-configure-build:

  • creates unlocked system users
    • without passphrase
    • with a home directory below /var/lib/signstar/home/ (but without creating it)
  • adds tmpfiles.d integration for each user, so that their home directory is created automatically
  • adds a dedicated authorized_keys file and sshd_config drop-in configuration, which defines a ForceCommand option to enforce specific commands for each configured user with SSH access

Examples

Assuming a valid configuration file (such as example.toml) in one of the default locations, the executable is called without any options:

signstar-configure-build

Contributing

Please refer to the contributing guidelines to learn how to contribute to this project.

License

This project may be used under the terms of the Apache-2.0 or MIT license.

Changes to this project - unless stated otherwise - automatically fall under the terms of both of the aforementioned licenses.

Commit count: 0

cargo fmt