generated from anishathalye/dotfiles_template
-
Notifications
You must be signed in to change notification settings - Fork 8
/
configure-root-env.sh
executable file
·169 lines (151 loc) · 4.83 KB
/
configure-root-env.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
#!/usr/bin/env bash
BASEDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$BASEDIR"/_common-setup.sh
if [ "$EUID" != "0" ]; then
die "Please run this script as root"
fi
SHOW_HELP=false
VERBOSE=false
BASIC_SETUP=false
while [[ $# -gt 0 ]]; do
case "$1" in
--basic|-b)
BASIC_SETUP=true
shift
;;
--help|-h)
SHOW_HELP=true
break
;;
--verbose)
VERBOSE=true
shift
;;
*)
shift
;;
esac
done
eval set -- "$PARSED_ARGS"
if $SHOW_HELP; then
cat <<EOF
Configures root environment.
Usage:
`readlink -f "$0"` [flags]
Flags:
-b, --basic Will only install basic packages to get Bash working
--verbose Show verbose output
-h, --help help
EOF
exit 0
fi
if $VERBOSE; then
writeGreen "Running `basename "$0"` $ALL_ARGS
Basic setup is $BASIC_SETUP"
fi
if $VERBOSE; then
writeBlue "Setting basic setup to $BASIC_SETUP in /etc/profile.d/01-basic-setup.sh."
fi
echo "export BASIC_SETUP=$BASIC_SETUP" > /etc/profile.d/01-basic-setup.sh
if ! [[ `locale -a` =~ en_US\.utf8 ]]; then
writeBlue "Generate location."
locale-gen en_US.UTF-8
else
if $VERBOSE; then
writeBlue "Not generating location, it is already generated."
fi
fi
if ! [ -f /etc/profile.d/xdg_dirs_extra.sh ]; then
if $VERBOSE; then
writeBlue "Copying xdg_dirs_extra.sh to /etc/profile.d/."
fi
cp "$BASEDIR"/setup/xdg_dirs_extra.sh /etc/profile.d/
elif $VERBOSE; then
writeBlue "Not copying xdg_dirs_extra.sh, it already exists."
fi
if $WSL && ! $RUNNING_IN_CONTAINER; then
if hash wslview 2>/dev/null; then
setAlternative x-www-browser wslview
else
if $VERBOSE; then
writeBlue "Not setting browser to wslview, wslview is not available."
fi
fi
fi
setAlternative editor /usr/bin/vim.basic
# todo: find a way to create apparmor profiles for nix packages
# until then, make apparmor allow unprivileged user namespaces
# This became a problem since Ubuntu 24.04
# See: https://discourse.ubuntu.com/t/ubuntu-24-04-lts-noble-numbat-release-notes/39890#unprivileged-user-namespace-restrictions-15
if [ -f /etc/sysctl.d/60-apparmor-namespace.conf ]; then
if $VERBOSE; then
writeBlue "Apparmor is already set to allow unprivileged user namespaces."
fi
else
if $VERBOSE; then
writeBlue "Setting Apparmor to allow unprivileged user namespaces."
fi
echo 'kernel.apparmor_restrict_unprivileged_userns=0' > /etc/sysctl.d/60-apparmor-namespace.conf
fi
if $WSL; then
"$BASEDIR"/configure-root-env-wsl.sh "$@"
elif $ANDROID; then
"$BASEDIR"/configure-root-env-android.sh "$@"
else
# non-WSL, non-Android
# Kill users process on exit using logind
if [ -f /etc/systemd/logind.conf ]; then
if $VERBOSE; then
writeBlue "Setting KillUserProcesses=yes in /etc/systemd/logind.conf."
fi
sed -i 's/#KillUserProcesses=no/KillUserProcesses=yes/' /etc/systemd/logind.conf
systemctl reload systemd-logind
else
writeBlue "Logind configuration file does not exist."
fi
# patch /etc/pam.d/common-session-noninteractive, see: https://askubuntu.com/a/1052885/832580
# this is to allow encrypted home to unmount on logout
verbose_flag=
if $VERBOSE; then verbose_flag="--verbose"; fi
patch --ignore-whitespace $verbose_flag -u /etc/pam.d/common-session-noninteractive -i "$BASEDIR"/patches/common-session-noninteractive.patch --merge
if [ -v SUDO_USER ]; then
groups_to_add=(docker i2c)
for group in "${groups_to_add[@]}"; do
if ! getent group "$group" &> /dev/null; then
writeBlue "Group $group does not exist."
else
if getent group "$group" | grep -qw "$SUDO_USER"; then
if $VERBOSE; then
writeBlue "$SUDO_USER is already in $group group."
fi
else
writeBlue "Adding $SUDO_USER to $group group."
usermod "$SUDO_USER" -aG "$group"
fi
fi
done
# Move openrgb udev rules file to udev rules directory
openrgb_bin=`su - "$SUDO_USER" -c "which openrgb || true"`
if [ -n "$openrgb_bin" ]; then
openrgb_rules="$(realpath "$(dirname "$(readlink -f "$openrgb_bin")")"/../lib/udev/rules.d/60-openrgb.rules)"
if [ -f "$openrgb_rules" ]; then
destination_udev_rules=/usr/lib/udev/rules.d/60-openrgb.rules
if [ "`readlink -f /usr/lib/udev/rules.d/60-openrgb.rules`" = "$openrgb_rules" ]; then
if $VERBOSE; then
writeBlue "OpenRGB udev rules are already linked."
fi
else
writeBlue "Linking OpenRGB udev rules from $openrgb_rules to $destination_udev_rules."
ln -fs "$openrgb_rules" $destination_udev_rules
writeBlue "Reloading udev rules for openrgb."
udevadm control --reload-rules
udevadm trigger
fi
else
writeBlue "OpenRGB udev rules do not exist."
fi
else
writeBlue "OpenRGB is not installed."
fi
fi
fi