Special commands and variables¶
unix users¶
TDB
file ownership and permissions¶
(from profile/minimal)
Files permissions and ownership can be explicitly set.
1 2 3 4 5 6 7 8 9 10 | [files]
# Set executable permission for standard dirs for binaries
permission["/etc/initramfs-tools/hooks/*"] = "0755"
permission["/etc/init.d/*"] = "0755"
permission["/etc/cron.hourly/*"] = "0755"
permission["/etc/cron.daily/*"] = "0755"
permission["/etc/cron.weekly/*"] = "0755"
permission["/etc/cron.monthly/*"] = "0755"
permission["/usr/local/bin/*"] = "0755"
permission["/root"] = "0700"
|
Variables¶
Example of build-in variables
1 2 3 4 5 6 7 | from profile/standard
if PLATFORM_OS_NAME in ["debian", "ubuntu"]
import "public/config/debian-logrotate"
import "public/config/kernel-img"
import "public/config/hostname"
import "public/config/locale"
end
|
TODO: which one are there and how to find out
Triggers¶
(from config/backup)
Triggers are used to run certain commands when metaconfig change files.
1 2 3 | [trigger.generate-backup-keys]
command = "DIR=/etc/spye/backup/main/ssh; PRIV=$DIR/private.key; PUB=$DIR/public.key; mkdir -p $DIR; [ ! -r $PRIV ] && (echo \"Generating backup keys\" && ssh-keygen -P \"\" -C \"$(hostname -f)-backup-$(date +%Y-%m-%d)\" -t rsa -b 2048 -f $PRIV && mv $PRIV.pub $PUB) || true"
single = True
|
TODO: single = true? what does that mean?
1 2 3 4 | [trigger.restart-exim]
command = ["service", "exim4", "restart"]
files += "/etc/exim4/*"
files += "/etc/exim4/conf.d/*/*"
|
Unix users and groups¶
(from mozrepo/config/sysuser)
Metaconfig can enforce uid and gid values, as well as the ohter paramteres for a given user.
1 2 3 4 5 6 7 8 9 10 11 12 13 | [unixuser.sysuser]
uid = 1500
gid = 1500
gecos = ",,,"
home = "/home/sysuser"
shell = "/bin/bash"
groups_include += "adm"
groups_include += "sudo"
groups_include += "sysuser"
[unixgroup.sysuser]
gid=1500
|