commit 38904cb57c2585be771eab967027dbf1c1f3a78c
parent be7cc194438d7fec7e3dfde77f88cec98d0b573e
Author: Anders Damsgaard <anders@adamsgaard.dk>
Date: Mon, 16 Dec 2019 10:19:41 +0100
Restrict home directory access for new users
Diffstat:
1 file changed, 3 insertions(+), 0 deletions(-)
diff --git a/.local/bin/newuser b/.local/bin/newuser
@@ -73,7 +73,10 @@ add_user() {
useradd -m "$1"
[ "$verbose" = 1 ] && echo "adding entry to /etc/doas.conf" || :
echo "permit nopass keepenv ad as $1" >> /etc/doas.conf
+ [ "$verbose" = 1 ] && echo "adding ssh key to $1" || :
cat /home/ad/.ssh/id_rsa.pub >> /home/$1/.ssh/authorized_keys
+ [ "$verbose" = 1 ] && echo "limiting home-directory $1" || :
+ chmod go-rx /home/$1
}
for u in "$@"; do
