From 785d1de1b475cf066f940d61f16b7c3cbd082dee Mon Sep 17 00:00:00 2001
From: Michal Sojka <michal.sojka@cvut.cz>
Date: Tue, 15 Oct 2019 23:32:47 +0200
Subject: [PATCH] server: Add novaboot users to the novaboot group

This is mainly intended for allowing "Match Group" configuration in
sshd_config.
---
 debian/novaboot-server.install         |  1 +
 debian/novaboot-server.postinst        | 13 +++++++++++++
 server/adduser-novaboot                |  2 +-
 server/sysusers.d/novaboot-server.conf |  1 +
 4 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 debian/novaboot-server.postinst
 create mode 100644 server/sysusers.d/novaboot-server.conf

diff --git a/debian/novaboot-server.install b/debian/novaboot-server.install
index d82c57a..15050f6 100644
--- a/debian/novaboot-server.install
+++ b/debian/novaboot-server.install
@@ -6,3 +6,4 @@ server/systemd/novaboot-server-session@.service /lib/systemd/system
 server/systemd/novaboot-target-off@.target /lib/systemd/system
 server/systemd/novaboot-target-off@.timer /lib/systemd/system
 server/systemd/novaboot-target-on@.service /lib/systemd/system
+server/sysusers.d/novaboot-server.conf /usr/lib/sysusers.d
diff --git a/debian/novaboot-server.postinst b/debian/novaboot-server.postinst
new file mode 100644
index 0000000..e8bf2d6
--- /dev/null
+++ b/debian/novaboot-server.postinst
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+set -e
+
+case "${1}" in
+    configure)
+        if ! getent group novaboot >> /dev/null 2>&1; then
+            addgroup --quiet --system novaboot
+        fi
+    ;;
+esac
+
+#DEBHELPER#
diff --git a/server/adduser-novaboot b/server/adduser-novaboot
index 69e6f49..928e763 100755
--- a/server/adduser-novaboot
+++ b/server/adduser-novaboot
@@ -49,7 +49,7 @@ fi
 [ -z "$key" -o "$(echo "$key" | wc -l)" -ne 1 ] && die "--key needs to be just one line"
 echo "$key" | grep -q ssh || die "--key does not look like an SSH public key"
 
-adduser --disabled-password --shell $(which novaboot-shell) $adduser_opts "$@"
+adduser --disabled-password --ingroup novaboot --shell $(which novaboot-shell) $adduser_opts "$@"
 
 user="$1"
 home=$(getent passwd "$user"|awk -F: '{print $6;}')
diff --git a/server/sysusers.d/novaboot-server.conf b/server/sysusers.d/novaboot-server.conf
new file mode 100644
index 0000000..667e527
--- /dev/null
+++ b/server/sysusers.d/novaboot-server.conf
@@ -0,0 +1 @@
+g novaboot - -
-- 
2.39.2