From ef54a246f0a66000470cddd676d5b3c8f85dc633 Mon Sep 17 00:00:00 2001 From: veilor-org Date: Fri, 1 May 2026 18:25:57 +0100 Subject: [PATCH] v0.2.3: os-release branding + admin user creation in %post MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - kde-theme-apply.sh: search /etc/os-release.d/veilor (where overlay put it) before falling back to $REPO/overlay path. Rewire symlinks cleanly: /etc/os-release → ../usr/lib/os-release. - Kickstart: useradd admin in chroot %post since livecd-creator skips the `user` directive (no installer phase). Blank pw + expired = forced reset at first login same as before. --- kickstart/veilor-os.ks | 11 +++++++++-- scripts/kde-theme-apply.sh | 17 +++++++++++++---- 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/kickstart/veilor-os.ks b/kickstart/veilor-os.ks index 725b70e..0a17c3e 100644 --- a/kickstart/veilor-os.ks +++ b/kickstart/veilor-os.ks @@ -212,8 +212,15 @@ bash $REPO/scripts/selinux/build-policy.sh || echo "[WARN] SELinux build failed; # Apply KDE theme + DuckSans + os-release branding bash $REPO/scripts/kde-theme-apply.sh -# Force admin password set on first boot (chage expires immediately) -chage -d 0 admin +# Force admin password set on first boot. +# livecd-creator does NOT honor `user` kickstart directive (it's a LIVE +# image, no installer step). Create admin manually in chroot %post. +if ! getent passwd admin >/dev/null; then + useradd -m -G wheel -s /bin/bash -c "veilor admin" admin + passwd -d admin # blank password + chage -d 0 admin # expire → forced reset on first login + echo "[INFO] admin user created (blank password, expired)" +fi # zram swap (no disk swap; keys never leak to platter) dnf install -y zram-generator || true diff --git a/scripts/kde-theme-apply.sh b/scripts/kde-theme-apply.sh index fc79809..cbe5feb 100755 --- a/scripts/kde-theme-apply.sh +++ b/scripts/kde-theme-apply.sh @@ -49,10 +49,19 @@ ok "fontconfig: Fira Code = default font" # ── /etc/os-release branding ── info "Branding /etc/os-release" -if [[ -f "$REPO/overlay/etc/os-release.d/veilor" ]]; then - install -m 0644 "$REPO/overlay/etc/os-release.d/veilor" /etc/os-release - ln -sf /etc/os-release /usr/lib/os-release 2>/dev/null || true - ok "os-release set to veilor-os" +SRC_OSREL="" +for cand in /etc/os-release.d/veilor "$REPO/overlay/etc/os-release.d/veilor"; do + [[ -f $cand ]] && SRC_OSREL=$cand && break +done +if [[ -n $SRC_OSREL ]]; then + # /etc/os-release is symlink to /usr/lib/os-release on Fedora. + # Overwrite the actual file and rewire symlinks deterministically. + rm -f /etc/os-release /usr/lib/os-release + install -m 0644 "$SRC_OSREL" /usr/lib/os-release + ln -sf ../usr/lib/os-release /etc/os-release + ok "os-release set to veilor-os (source: $SRC_OSREL)" +else + warn "no os-release.d/veilor found — branding skipped" fi # ── Plymouth theme (optional) ──