gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature:TSG-7183增加user, admin, support用户并对操作过程进行审计

Browse Source
This commit is contained in:
fumingwei
2021-07-27 17:10:18 +08:00
parent 0735b62643
commit 4b55b24c84
2 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tools/mk-base-image
View File

@@ -74,6 +74,14 @@ cp -rf $projectdir/rootconf/sysroot-lib/* $target/lib/
cp -rf $projectdir/rootconf/sysroot-usr/service/* $target/usr/lib/systemd/system
ln -vfs --relative $target/usr/lib/systemd/system/ldconfig.service $target/usr/lib/systemd/system/sysinit.target.wants/ldconfig.service
#tty audit using pam
mv $target/etc/pam.d/system-auth $target/etc/pam.d/system-auth-local
mv $target/etc/pam.d/password-auth $target/etc/pam.d/password-auth-local
echo "session required pam_tty_audit.so enable=*" >> $target/etc/pam.d/system-auth-local
echo "session required pam_tty_audit.so enable=*" >> $target/etc/pam.d/password-auth-local
ln -vfs --relative $target/etc/pam.d/system-auth-local $target/etc/pam.d/system-auth
ln -vfs --relative $target/etc/pam.d/password-auth-local $target/etc/pam.d/password-auth
# ansible-playbook -i tsg-9140-scripts/install_config/tsg_9140_host tsg-9140-scripts/tsg_9140_deploy.yml
yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt clean all