calamares-settings/calamares/modules/users.conf

170 lines
6.3 KiB
Plaintext
Raw Permalink Normal View History

2021-10-18 13:45:50 +00:00
# SPDX-FileCopyrightText: no
# SPDX-License-Identifier: CC0-1.0
#
# Configuration for the one-user-system user module.
#
# Besides these settings, the users module also places the following
# keys into the Global Storage area, based on user input in the view step.
#
# - hostname
# - username
# - password (obscured)
# - autologinUser (if enabled, set to username)
#
# These Global Storage keys are set when the configuration for this module
# is read and when they are modified in the UI.
2019-10-28 13:48:02 +00:00
---
2021-10-18 13:45:50 +00:00
# Used as default groups for the created user.
# Adjust to your Distribution defaults.
#
# Each entry in the *defaultGroups* list is either:
# - a string, naming a group; this is a **non**-system group
# which does not need to exist in the target system; if it
# does not exist, it will be created.
# - an entry with subkeys *name*, *must_exist* and *system*;
# if the group *must_exist* and does not, an error is thrown
# and the installation fails.
#
# The group is created if it does not exist, and it is
# created as a system group (GID < 1000) or user group
# (GID >= 1000) depending on the value of *system*.
2019-10-28 13:48:02 +00:00
defaultGroups:
2021-10-18 13:45:50 +00:00
- name: users
must_exist: true
system: true
2019-10-28 13:48:02 +00:00
- lp
2021-10-18 13:45:50 +00:00
- video
2019-10-28 13:48:02 +00:00
- network
2021-10-18 13:45:50 +00:00
- storage
- name: wheel
must_exist: false
system: true
- audio
# Some Distributions require a 'autologin' group for the user.
# Autologin causes a user to become automatically logged in to
# the desktop environment on boot.
# Disable when your Distribution does not require such a group.
2019-10-28 13:48:02 +00:00
autologinGroup: autologin
2021-10-18 13:45:50 +00:00
# You can control the initial state for the 'autologin checkbox' here.
# Possible values are:
# - true to check or
# - false to uncheck
# These set the **initial** state of the checkbox.
doAutologin: true
# When *sudoersGroup* is set to a non-empty string, Calamares creates a
# sudoers file for the user. This file is located at:
# `/etc/sudoers.d/10-installer`
# Remember to add the (value of) *sudoersGroup* to *defaultGroups*.
#
# If your Distribution already sets up a group of sudoers in its packaging,
# remove this setting (delete or comment out the line below). Otherwise,
# the setting will be duplicated in the `/etc/sudoers.d/10-installer` file,
# potentially confusing users.
2019-10-28 13:48:02 +00:00
sudoersGroup: wheel
2021-10-18 13:45:50 +00:00
# Setting this to false, causes the root account to be disabled.
# When disabled, hides the "Use the same password for administrator"
# checkbox. Also hides the "Choose a password" and associated text-inputs.
2019-10-28 13:48:02 +00:00
setRootPassword: true
2021-10-18 13:45:50 +00:00
# You can control the initial state for the 'reuse password for root'
# checkbox here. Possible values are:
# - true to check or
# - false to uncheck
#
# When checked, the user password is used for the root account too.
#
# NOTE: *doReusePassword* requires *setRootPassword* to be enabled.
doReusePassword: true
# These are optional password-requirements that a distro can enforce
# on the user. The values given in this sample file set only very weak
# validation settings.
#
# - nonempty rejects empty passwords
# - there are no length validations
# - libpwquality (if it is enabled at all) has no length of class
# restrictions, although it will still reject palindromes and
# dictionary words with these settings.
#
# Checks may be listed multiple times; each is checked separately,
# and no effort is done to ensure that the checks are consistent
# (e.g. specifying a maximum length less than the minimum length
# will annoy users).
#
# The libpwquality check relies on the (optional) libpwquality library.
# Its value is a list of configuration statements that could also
# be found in pwquality.conf, and these are handed off to the
# libpwquality parser for evaluation. The check is ignored if
# libpwquality is not available at build time (generates a warning in
# the log). The Calamares password check rejects passwords with a
# score of < 40 with the given libpwquality settings.
#
# (additional checks may be implemented in CheckPWQuality.cpp and
# wired into UsersPage.cpp)
#
# - To disable specific password validations:
# comment out the relevant 'passwordRequirements' keys below.
# - To disable all password validations:
# set both 'allowWeakPasswords' and 'allowWeakPasswordsDefault' to true.
# (That will show the box *Allow weak passwords* in the user-
# interface, and check it by default).
passwordRequirements:
nonempty: true
minLength: -1 # Password at least this many characters
maxLength: -1 # Password at most this many characters
libpwquality:
- minlen=0
- minclass=0
# You can control the visibility of the 'strong passwords' checkbox here.
# Possible values are:
# - true to show or
# - false to hide (default)
# the checkbox. This checkbox allows the user to choose to disable
# password-strength-checks. By default the box is **hidden**, so
# that you have to pick a password that satisfies the checks.
allowWeakPasswords: false
# You can control the initial state for the 'strong passwords' checkbox here.
# Possible values are:
# - true to uncheck or
# - false to check (default)
# the checkbox by default. Since the box is labeled to enforce strong
# passwords, in order to **allow** weak ones by default, the box needs
# to be unchecked.
allowWeakPasswordsDefault: false
# Shell to be used for the regular user of the target system.
# There are three possible kinds of settings:
# - unset (i.e. commented out, the default), act as if set to /bin/bash
# - empty (explicit), don't pass shell information to useradd at all
# and rely on a correct configuration file in /etc/default/useradd
# - set, non-empty, use that path as shell. No validation is done
# that the shell actually exists or is executable.
userShell: /bin/bash
# Hostname setting
#
# The user can enter a hostname; this is configured into the system
# in some way; pick one of:
# - *None*, to not set the hostname at all
# - *EtcFile*, to write to `/etc/hostname` directly
# - *Hostnamed*, to use systemd hostnamed(1) over DBus
# The default is *EtcFile*.
setHostname: EtcFile
# Should /etc/hosts be written with a hostname for this machine
# (also adds localhost and some ipv6 standard entries).
# Defaults to *true*.
writeHostsFile: true
presets:
fullName:
# value: "OEM User"
editable: true
loginName:
# value: "oem"
editable: true