Removed unused configuration files (iptables and citadel-setpassword)

1) iptables configuration has moved to the iptables package (see bbappend)
2) citadel-setpassword script is no longer used
This commit is contained in:
Bruce Leidl 2020-11-29 18:19:32 -05:00
parent 63ce94d365
commit 14700c2d71
7 changed files with 1 additions and 114 deletions

View File

@ -28,11 +28,6 @@ UDEV_RULES = "\
file://udev/scsi-alpm.rules \
"
IPTABLES_RULES = "\
file://iptables/empty-filter.rules \
file://iptables/iptables.rules \
"
SRC_URI = "\
file://locale.conf \
file://environment.sh \
@ -44,13 +39,11 @@ SRC_URI = "\
file://share/dot.profile \
file://share/dot.vimrc \
file://polkit/citadel.rules \
file://iptables-flush.sh \
file://citadel-installer.session \
file://citadel-installer.json \
file://citadel-installer.desktop \
file://citadel-installer-ui.desktop \
file://systemd/zram-swap.service \
file://systemd/iptables.service \
file://systemd/sway-session-switcher.service \
file://systemd/x11-session-switcher.service \
file://systemd/citadel-installer-backend.service \
@ -66,14 +59,13 @@ SRC_URI = "\
${MODPROBE_CONFIG} \
${SYSCTL_CONFIG} \
${UDEV_RULES} \
${IPTABLES_RULES} \
"
USERADD_PACKAGES = "${PN}"
USERADD_PARAM_${PN} = "-m -u 1000 -s /bin/bash citadel"
INHIBIT_PACKAGE_DEBUG_SPLIT = "1"
# for citadel-ifconfig.sh citadel-setpassword.sh
# for citadel-ifconfig.sh
RDEPENDS_${PN} = "bash"
inherit allarch systemd useradd
@ -94,7 +86,6 @@ do_install() {
install -m 0755 -d ${D}${sysconfdir}/modprobe.d
install -m 0755 -d ${D}${sysconfdir}/sudoers.d
install -m 0755 -d ${D}${sysconfdir}/iwd
install -m 0755 -d ${D}${datadir}/iptables
install -m 0755 -d ${D}${datadir}/factory/skel
install -m 0700 -d ${D}${localstatedir}/lib/NetworkManager
install -m 0700 -d ${D}${localstatedir}/lib/NetworkManager/system-connections
@ -114,7 +105,6 @@ do_install() {
install -d ${D}${systemd_system_unitdir}
install -m 644 ${WORKDIR}/systemd/zram-swap.service ${D}${systemd_system_unitdir}
# install -m 644 ${WORKDIR}/systemd/iptables.service ${D}${systemd_system_unitdir}
install -m 644 ${WORKDIR}/systemd/sway-session-switcher.service ${D}${systemd_system_unitdir}
install -m 644 ${WORKDIR}/systemd/x11-session-switcher.service ${D}${systemd_system_unitdir}
@ -147,10 +137,6 @@ do_install() {
install -m 0644 ${WORKDIR}/citadel-installer-ui.desktop ${D}${datadir}/applications/
install -m 0644 ${WORKDIR}/citadel-installer.desktop ${D}${datadir}/wayland-sessions/
install -m 0644 ${WORKDIR}/iptables/iptables.rules ${D}${datadir}/iptables/
install -m 0644 ${WORKDIR}/iptables/empty-filter.rules ${D}${datadir}/iptables/
install -m 0644 ${WORKDIR}/iptables-flush.sh ${D}${datadir}/iptables/
install -m 0644 ${WORKDIR}/share/dot.bashrc ${D}${datadir}/factory/skel/.bashrc
install -m 0644 ${WORKDIR}/share/dot.profile ${D}${datadir}/factory/skel/.profile
install -m 0644 ${WORKDIR}/share/dot.vimrc ${D}${datadir}/factory/skel/.vimrc

View File

@ -1,36 +0,0 @@
#!/bin/bash
PF="/storage/citadel-state/passwd"
if [ -e "${PF}" ]; then
exit 0
fi
success=
for ((I = 0; I < 3; I++)); do
P1=
P2=
/usr/bin/plymouth display-message --text='Set new user password...'
/usr/bin/plymouth pause-progress
P1="$(/usr/bin/plymouth ask-for-password --prompt='Password')"
/usr/bin/plymouth unpause-progress
/usr/bin/plymouth pause-progress
P2="$(/usr/bin/plymouth ask-for-password --prompt='Confirm')"
if [ -n "${P1}" -a "${P1}" == "${P2}" ]; then
/usr/bin/plymouth unpause-progress
success=true
break;
fi
/usr/bin/plymouth display-message --text='Passwords do not match, try again...'
/usr/bin/plymouth unpause-progress
sleep 3
done
if [ -n "${success}" ]; then
crypt=$(echo -n "${P1}" | /usr/bin/mkpasswd -s -m sha-512)
echo "citadel:${crypt}" > ${PF}
chmod 444 "${PF}"
/usr/bin/plymouth display-message --text='Password set succesfully...'
else
/usr/bin/plymouth display-message --text='Failed to set password...'
fi
exit 0;

View File

@ -1,19 +0,0 @@
#!/bin/bash
#
# Usage: iptables-flush [6]
#
iptables=ip$1tables
if ! type -p "$iptables" &>/dev/null; then
echo "error: invalid argument"
exit 1
fi
while read -r table; do
tables+=("/usr/share/iptables/empty-$table.rules")
done <"/proc/net/ip$1_tables_names"
if (( ${#tables[*]} )); then
cat "${tables[@]}" | "$iptables-restore"
fi

View File

@ -1,6 +0,0 @@
# Empty iptables rule file
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

View File

@ -1,9 +0,0 @@
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -j DROP
-A INPUT -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
-A FORWARD -j ACCEPT
-A OUTPUT -j DROP
COMMIT

View File

@ -1,14 +0,0 @@
[Unit]
Description=Citadel Set Password
After=storage.mount
Requires=storage.mount
Before=gdm.service
[Service]
Type=oneshot
RemainAfterExit=no
ExecStart=/usr/libexec/citadel-setpassword.sh
[Install]
WantedBy=multi-user.target
RequiredBy=graphical.target

View File

@ -1,15 +0,0 @@
[Unit]
Description=IPv4 Packet Filtering Framework
Before=network-pre.target
Wants=network-pre.target
[Service]
Type=oneshot
ExecStart=/sbin/iptables-restore /usr/share/iptables/iptables.rules
ExecReload=/sbin/iptables-restore /usr/share/iptables/iptables.rules
ExecStop=/bin/bash /usr/share/iptables/iptables-flush.sh
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target