1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
# Configuration for the one-user-system user module.
#
# Besides these settings, the user module also places the following
# keys into the globalconfig area, based on user input in the view step.
#
# - hostname
# - username
# - password (obscured)
# - autologinUser (if enabled, set to username)
#
# These globalconfig keys are set when the jobs for this module
# are created.
---
# Used as default groups for the created user.
# Adjust to your Distribution defaults.
defaultGroups:
- lp
- lpadmin
- video
- tape
- uucp
- disk
- wheel
- audio
- cdrom
- cdrw
- cdemu
- games
- usb
- plugdev
- portage
- messagebus
- smbshare
# Some Distributions require a 'autologin' group for the user.
# Autologin causes a user to become automatically logged in to
# the desktop environment on boot.
# Disable when your Distribution does not require such a group.
# autologinGroup: autologin
# You can control the initial state for the 'autologin checkbox' here.
# Possible values are:
# - true to check or
# - false to uncheck
# These set the **initial** state of the checkbox.
doAutologin: true
# When *sudoersGroup* is set to a non-empty string, Calamares creates a
# sudoers file for the user. This file is located at:
# `/etc/sudoers.d/10-installer`
# Remember to add the (value of) *sudoersGroup* to *defaultGroups*.
#
# If your Distribution already sets up a group of sudoers in its packaging,
# remove this setting (delete or comment out the line below). Otherwise,
# the setting will be duplicated in the `/etc/sudoers.d/10-installer` file,
# potentially confusing users.
# sudoersGroup: wheel
# Setting this to false, causes the root account to be disabled.
# When disabled, hides the "Use the same password for administrator"
# checkbox. Also hides the "Choose a password" and associated text-inputs.
setRootPassword: true
# You can control the initial state for the 'reuse password for root'
# checkbox here. Possible values are:
# - true to check or
# - false to uncheck
#
# When checked, the user password is used for the root account too.
#
# NOTE: *doReusePassword* requires *setRootPassword* to be enabled.
doReusePassword: false
# These are optional password-requirements that a distro can enforce
# on the user. The values given in this sample file set only very weak
# validation settings.
#
# - nonempty rejects empty passwords
# - there are no length validations
# - libpwquality (if it is enabled at all) has no length of class
# restrictions, although it will still reject palindromes and
# dictionary words with these settings.
#
# Checks may be listed multiple times; each is checked separately,
# and no effort is done to ensure that the checks are consistent
# (e.g. specifying a maximum length less than the minimum length
# will annoy users).
#
# The libpwquality check relies on the (optional) libpwquality library.
# Its value is a list of configuration statements that could also
# be found in pwquality.conf, and these are handed off to the
# libpwquality parser for evaluation. The check is ignored if
# libpwquality is not available at build time (generates a warning in
# the log). The Calamares password check rejects passwords with a
# score of < 40 with the given libpwquality settings.
#
# (additional checks may be implemented in CheckPWQuality.cpp and
# wired into UsersPage.cpp)
#
# - To disable specific password validations:
# comment out the relevant 'passwordRequirements' keys below.
# - To disable all password validations:
# set both 'allowWeakPasswords' and 'allowWeakPasswordsDefault' to true.
# (That will show the box *Allow weak passwords* in the user-
# interface, and check it by default).
# passwordRequirements:
# nonempty: true
# minLength: -1 # Password at least this many characters
# maxLength: -1 # Password at most this many characters
# libpwquality:
# - minlen=0
# - minclass=0
# You can control the visibility of the 'strong passwords' checkbox here.
# Possible values are:
# - true to show or
# - false to hide (default)
# the checkbox. This checkbox allows the user to choose to disable
# password-strength-checks. By default the box is **hidden**, so
# that you have to pick a password that satisfies the checks.
allowWeakPasswords: true
# You can control the initial state for the 'strong passwords' checkbox here.
# Possible values are:
# - true to uncheck or
# - false to check (default)
# the checkbox by default. Since the box is labeled to enforce strong
# passwords, in order to **allow** weak ones by default, the box needs
# to be unchecked.
allowWeakPasswordsDefault: true
# Shell to be used for the regular user of the target system.
# There are three possible kinds of settings:
# - unset (i.e. commented out, the default), act as if set to /bin/bash
# - empty (explicit), don't pass shell information to useradd at all
# and rely on a correct configuration file in /etc/default/useradd
# - set, non-empty, use that path as shell. No validation is done
# that the shell actually exists or is executable.
# userShell: /bin/bash
# Hostname setting
#
# The user can enter a hostname; this is configured into the system
# in some way; pick one of:
# - *None*, to not set the hostname at all
# - *EtcFile*, to write to `/etc/hostname` directly
# - *Hostnamed*, to use systemd hostnamed(1) over DBus
# The default is *EtcFile*.
setHostname: EtcFile
# Should /etc/hosts be written with a hostname for this machine
# (also adds localhost and some ipv6 standard entries).
writeHostsFile: true
|
