Switch from --scope to a transient service so systemd can run
fusermount -u via ExecStop before terminating the process.
With KillMode=none, gocryptfs exits on its own once the FUSE
filesystem is detached.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
If the IPA server FQDN cannot be resolved at startup (e.g. due to a
DNSSEC outage or network not yet ready), the logon script would silently
fail later. The new check prompts the user to retry, continue anyway, or
quit, so the problem is immediately visible.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
SSSD >= 2.10.1 no longer raises CAP_DAC_READ_SEARCH to effective in
offline mode, so validate_tgt fails with EACCES reading /etc/krb5.keytab
before the cached-credential fallback is reached. Adding krb5_validate =
False disables the keytab validation step and restores reliable offline
authentication for FreeIPA domain users.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
git clean -fd scopes to the current directory and below, so running it
from the system_setup/ subdirectory missed untracked files in sibling
dirs like config/. Use -C "${SYSCONFIGPATH}" to always clean from the
repo root regardless of invocation directory.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace the broken `git rebase HEAD^` with a proper shallow fetch:
- `git fetch --depth=1` limits local history to one commit, regardless of server history
- `git reset --hard FETCH_HEAD` syncs the working tree to the fetched tip
- `git clean -fd` removes untracked non-ignored files left by old versions
- `git gc --prune=now` immediately purges unreachable history objects
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- sync_client_software.sh: add system-wide flatpak session-bus override for
Nextcloud so KWallet D-Bus access works for all users; fix broken compound
test ([ a || b ] → [ a ] || [ b ])
- user_run.sh: check KWallet entries with hasEntry before writing — skip write
and print info message when both passwords are already present; remove stale
commented-out code
- install.sh: forward REPO_URL and REPO_BRANCH into configure.sh environment
for both the su- and direct-bash invocation paths
- configure.sh: simplify do_configure (user cleanup)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
setup_system.inc.sh: replace $(dirname "$0") with $(dirname "${BASH_SOURCE[0]:-$0}") so
paths resolve correctly whether the file is sourced or executed directly. Add --missingconfok
flag to warn-and-continue instead of prompting+aborting when config is missing. Fix machine_uuid
path (missing ../). Move `source config` into the else branch so it is not reached when
missingconfok skips the exit.
install.sh: source inc.sh instead of executing it as a subprocess so exported variables
(REPO_URL etc.) propagate back to the caller. Fix git-origin conflict handling: when reusing
an existing OEMDRV partition the user has already confirmed they want to keep it, so remove
the "fresh clone / wipe" option entirely. Now always pulls (fetch+checkout) when a git repo
is present; clears and fresh-clones only when no git repo exists on the partition.
basic_pre_script.inc: dot-source inc.sh so INSTALLDOCS and other config vars are available.
config.dist, sync_client_software.sh: rename UPGRADEURL/UPGRADEBRANCH to REPO_URL/REPO_BRANCH
to match the variable names already used in install.sh.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Use config/setup_system.conf as the template for configure.conf when
present, so existing values appear as defaults. Falls back to the dist
file on a fresh install.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- install.sh: pre-create ks.cfg with o+w after permission setup so
non-root users can overwrite it (OEMDRV root itself stays o=rX)
- install.sh: restore su drop to $SUDO_USER when it is set and not
root; fall back to direct root execution otherwise
- configure.sh: remove the hard root check so both cases work
- configure.md: update docs to reflect root/non-root support
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Move setup_system.conf.dist to system_setup/config.dist/ and
skel.tar.zst.dist + pack_skel.sh to system_setup/skel/; config/ now
holds only gitignored local files
- Fix configure.sh CONF_DIST path (was pointing at non-existent
config/setup_system.conf.dist)
- Fix skel/pack_skel.sh: remove vestigial source line whose path was
wrong in both old and new location
- Update error messages in setup_system.inc.sh and
sync_client_software.sh to reference new dist file location
- Move machine_uuid reading/writing into setup_system.inc.sh so all
scripts have MACHINEID available; setup_system.conf.dist now uses
MACHINEID conditionally with a hostname fallback
- sync_client_software.sh: fix && / typo (should be && \) that broke
the flatpak remote-add → install chain; add network error handling
after flatpak install; cleanup upgrade logic and chown placement
- Update CLAUDE.md and install.md to reflect new dist file locations
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Detect existing OEMDRV partition at startup; offer to reuse it
instead of creating a new one (mounts if needed, sources existing
setup_system.inc.sh before cloning)
- When existing repo origin/branch differs from REPO_URL/REPO_BRANCH,
offer to pull from existing origin, migrate to new origin (preserving
gitignored local files), or fall through to fresh clone
- Extract finish_install() and do_clone_and_done() helpers to share
clone, permissions, and configure.sh prompt across all paths
- Replace generic chmod with chown root:root + chmod ug=rwX,o=rX
recursively, plus o+w on config/ and config.d/
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fetches user_full_name (givenname + sn) and user_email from FreeIPA via
ipalib and writes them into the Thunderbird IMAP account prefs. Adds
ipalib availability check to logon_script.sh. Drops TB_MAIL_FULLNAME
config variable.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
/var/tmp is persistent on-disk storage. The encryption key must never
be written to disk, even temporarily. Replaced all occurrences of
/var/tmp/IPAVAULTKEY.txt with ${XDG_RUNTIME_DIR}/IPAVAULTKEY, which
is a per-user tmpfs directory (/run/user/<UID>) created by
systemd-logind: guaranteed memory-only, mode 0700, wiped on logout.
Also removed the TODO comment that tracked this exact issue.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
KDE Plasma runs each autostart .desktop entry as a systemd user unit.
systemd tracks service liveness by cgroup membership, not just the
main PID. Any process forked inside the service — even via setsid or &
— stays in the service's cgroup and keeps app-logon_script.sh@autostart
in active (running) state indefinitely after logon_script.sh exits.
mount_ecrypt_home.sh: wrap the gocryptfs mount call with
systemd-run --user --scope --unit=gocryptfs-home
The FUSE daemon that gocryptfs forks now lives in its own transient
scope cgroup. Exit-code propagation is unchanged because systemd-run
--scope returns the main process's exit code.
0050_nextcloud_desktopclient/user_run.sh: replace
/usr/bin/setsid ... &
with
systemd-run --user --scope --unit=nextcloud-client ... &
setsid creates a new session but does not move the process out of the
cgroup; systemd-run --scope does.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Free-space start alignment
parted reports free space starting at 0,02 MiB (before the GPT
alignment boundary). The collect_free_space awk now rounds the start
up to the next whole MiB (ceiling) and enforces a minimum of 1 MiB,
then recomputes the usable size from the adjusted start. This prevents
parted from being asked to create a partition at 0 MiB, which it
cannot do.
Locale-independent partition creation
The previous `printf 'Yes\n' | parted mkpart` relied on parted
accepting an English answer to its alignment-confirmation prompt.
On a German-locale system parted asks "Ist dies noch akzeptabel?"
and ignores "Yes", causing mkpart to fail. Replaced with `parted -s`
(script/non-interactive mode), consistent with every other parted
call in the script.
Correct new-partition detection on disks with gaps
The old heuristic took the highest partition number after partprobe.
On a disk where existing partitions are numbered 2/3/4, a new
partition in the gap before them receives number 1 — making the
old heuristic point at partition 4 (the existing btrfs volume) and
subsequently run mkfs.btrfs on it. The new awk matches by start
position (OEMDRV_START ± 1 MiB) instead, which is unambiguous
regardless of how numbers are assigned.
Infinite loop on EOF stdin
When the selection while-loop's `read` hits EOF (e.g. stdin exhausted
after sudo consumed a piped password), it returns exit code 1 with an
empty INPUT, which falls through to "Invalid input." and spins
forever. Added `|| { echo; echo "Aborted."; exit 0; }` to all three
read calls in the loop.
install.md: drop stale install_from_repo.sh reference from title;
clarify that REPO_URL/REPO_BRANCH overrides are optional.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
install.sh writes the last 12 chars of the DMI system UUID to
config.d/machine_uuid.sys (0444) after git clone, so non-root scripts
can derive the hardware-bound hostname without needing dmidecode.
conf.dist reads machine_uuid.sys first; falls back to dmidecode (root)
or hostname -s (user) if the file is absent.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Instead of dying immediately, check_tools now lists missing packages,
asks the user to install them with dnf, and re-verifies after install.
Decline still aborts as before.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Each variable is now prompted in a retry loop so a failed test re-prompts
that specific variable instead of restarting the whole wizard. Adds DNS-based
IPA domain validation (_ldap._tcp SRV + _kerberos TXT + _kerberos._udp SRV),
matching what ipa-client-install --domain performs. Fixes syntax errors
(bare `do` → `while true; do`, `continue` → `break`). Expands VARS to include
IPAVAULTNAME, CLIENT_SOFTWARE_SRC, DISTCONFIGPATH_SRC.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Daniel unbrot Pätzold
unbrot