Skip to content

Commit

Permalink
Different workaround for default user/group in 24.04 (#137)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bvandevliet
bvandevliet authored Nov 19, 2024
1 parent a5c418d commit a74003e
Showing 1 changed file with 13 additions and 14 deletions.
27 changes: 13 additions & 14 deletions linux/ubuntu/scripts/runner.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,36 +7,34 @@ set -Eeuxo pipefail

printf "\n\tπŸ‹ Creating runner users πŸ‹\t\n"

# 24.04 has default user 'ubuntu' with id=1000
if [ "$ID" = "24.04" ]; then
sed -i 's/ubuntu/runneradmin/' /etc/passwd
sed -i 's/ubuntu/runneradmin/' /etc/group
else
groupadd -g 1000 "${RUNNER}admin"
useradd -u 1000 -g "${RUNNER}admin" -G sudo -m -s /bin/bash "${RUNNER}admin"
fi
# Default admin user/group
RUNNERADMIN="${RUNNER}admin"

groupadd -g 1001 "${RUNNER}"
groupadd -g 1000 "${RUNNERADMIN}" || RUNNERADMIN="$(id -gn 1000)" # 24.04 has default user 'ubuntu' with id=1000

useradd -u 1001 -g "${RUNNER}" -G sudo -m -s /bin/bash "${RUNNER}"
useradd -u 1000 -g "${RUNNERADMIN}" -G sudo -m -s /bin/bash "${RUNNERADMIN}" || true

usermod -aG docker "runner"
usermod -aG docker "runneradmin"
usermod -aG docker "${RUNNER}"
usermod -aG docker "${RUNNERADMIN}"

{
echo "${RUNNER} ALL=(ALL) NOPASSWD: ALL"
echo "${RUNNER}admin ALL=(ALL) NOPASSWD: ALL"
echo "${RUNNERADMIN} ALL=(ALL) NOPASSWD: ALL"
} | tee -a /etc/sudoers

printf "\n\tπŸ‹ Runner user πŸ‹\t\n"
su - "${RUNNER}" -c id

printf "\n\tπŸ‹ Runner admin πŸ‹\t\n"
su - "${RUNNER}admin" -c id
su - "${RUNNERADMIN}" -c id

printf "\n\tπŸ‹ Created non-root user πŸ‹\t\n"
grep "${RUNNER}" /etc/passwd

printf "\n\tπŸ‹ Created non-root admin πŸ‹\t\n"
grep "${RUNNER}admin" /etc/passwd
grep "${RUNNERADMIN}" /etc/passwd

sed -i /etc/environment -e "s/USER=root/USER=${RUNNER}/g"

Expand All @@ -45,6 +43,7 @@ mkdir -p "/home/${RUNNER}/work/_temp"
chown -R "${RUNNER}":"${RUNNER}" "/home/${RUNNER}/work"

mkdir -m 0700 -p "/home/${RUNNER}/.ssh"

{
ssh-keyscan -t rsa github.com
ssh-keyscan -t rsa ssh.dev.azure.com
Expand All @@ -57,6 +56,6 @@ chown -R "${RUNNER}":"${RUNNER}" "/home/${RUNNER}/.ssh"

# Word is of the form "A"B"C" (B indicated). Did you mean "ABC" or "A\"B\"C"?shellcheck(SC2140)
# shellcheck disable=SC2140
chown -R "${RUNNER}":"${RUNNER}admin" "$AGENT_TOOLSDIRECTORY"
chown -R "${RUNNER}":"${RUNNERADMIN}" "$AGENT_TOOLSDIRECTORY"

printf "\n\tπŸ‹ Finished building πŸ‹\t\n"

0 comments on commit a74003e

Please sign in to comment.