From 4f9386bb94cbcba6e665546e8315f55ee92e9f8e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jake=20Buchholz=20G=C3=B6kt=C3=BCrk?= <tomalok@gmail.com>
Date: Mon, 8 May 2023 02:37:54 +0000
Subject: [PATCH] Add "create_default_user" Init Action

---
 lib/tiny-cloud/init   | 26 ++++++++++++++++++++++++--
 tests/init-early.test |  6 +++---
 2 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/lib/tiny-cloud/init b/lib/tiny-cloud/init
index 21d09a9..616a360 100644
--- a/lib/tiny-cloud/init
+++ b/lib/tiny-cloud/init
@@ -13,7 +13,8 @@
 INIT_ACTIONS_EARLY="
     expand_root
     install_hotplugs
-    set_interfaces_default
+    set_default_interfaces
+    create_default_user
 "
 INIT_ACTIONS_MAIN="
     save_userdata
@@ -135,7 +136,7 @@ auto_detect_ethernet_interface() {
     echo "$iface"
 }
 
-init__set_interfaces_default() {
+init__set_default_interfaces() {
     if [ -f "$ROOT"/etc/network/interfaces ]; then
         echo "already set up" >&2
         log info "$phase $ACTION - already set up"
@@ -159,6 +160,27 @@ init__set_interfaces_default() {
         "use dhcp"  >> "$ROOT/etc/network/interfaces"
 }
 
+init__create_default_user() {
+    local user="$CLOUD_USER"
+    # don't do anything if it already exists
+    if getent passwd "$user" >/dev/null; then
+        echo "already exists" >&2
+        log info "$phase $ACTION - already exists"
+        return
+    fi
+
+    addgroup "$user"
+    adduser -h "/home/$user" -s /bin/sh -G "$user" -D "$user"
+    addgroup "$user" wheel
+    echo "$user:*" | chpasswd -e
+
+    # setup sudo and/or doas
+    [ -d "$ROOT/etc/sudoers.d" ] &&
+        echo '%wheel ALL=(ALL) NOPASSWD: ALL' > "$ROOT/etc/sudoers.d/wheel"
+    [ -d "$ROOT/etc/doas.d" ] &&
+        echo 'permit nopass :wheel' > "$TARGET/etc/doas.d/wheel.conf"
+}
+
 
 ### init-main functions
 
diff --git a/tests/init-early.test b/tests/init-early.test
index cfbbb4a..3e52c0f 100755
--- a/tests/init-early.test
+++ b/tests/init-early.test
@@ -13,7 +13,7 @@ init_tests \
 	ethernets \
 	find_first_interface_up \
 	auto_detect_ethernet_interface \
-	set_interfaces_default
+	set_default_interfaces
 
 PROVIDERS="aws azure gcp nocloud oci"
 
@@ -87,12 +87,12 @@ auto_detect_ethernet_interface_body() {
 		sh -c ". $lib; TINY_CLOUD_LINK_WAIT_MAX=1; auto_detect_ethernet_interface"
 }
 
-set_interfaces_default_body() {
+set_default_interfaces_body() {
 	fake_interfaces eth0 eth1
 	echo up > sys/class/net/eth1/operstate
 
 	atf_check \
-		sh -c ". $lib; init__set_interfaces_default"
+		sh -c ". $lib; init__set_default_interfaces"
 	atf_check \
 		-o match:"auto lo" \
 		-o match:"iface eth1" \