woof-CE-libre/woof-code/rootfs-skeleton/usr/sbin/root2user

#!/bin/sh
#Barry Kauler, April 2011, GPL3 (/usr/share/doc/legal)
#intended to be called by rc.shutdown on 1st boot, create a non-root saved session.
#note, /usr/sbin/loginmanager is able to revert fido back to root.
#110918 run with or without X.
#111003 change from Xdialog to pupdialog.
#120317 L18L: set group/permissions for /dev/console
#120409 if using minit instead of busybox init.
#130528 change /root/.Diricon. No, revert.

. /etc/rc.d/PUPSTATE

#ask for a username? i don't think that is required.
NEWUSER='fido'

if [ $DISPLAY ];then
 export XDIALOG_HIGH_DIALOG_COMPAT=true #for Xdialog.
 DIALOGEXE="pupdialog"
 DIALOGEXE2="Xdialog"
 BACKGROUNDYELLOW='--background \#FFFF80' #110924 change to pale-yellow. yellow' #only works pupdialog.
 BACKGROUNDPINK='--background pink'     #ditto.
 BACKGROUNDORANGE='--background \#FFDC32' #110924 change to pale-orange. orange' #ditto.
 TITLEPARAM='--backtitle'
else
 DIALOGEXE="dialog"
 DIALOGEXE2="dialog"
 TITLEPARAM='--title'
 BACKGROUNDYELLOW=''
 BACKGROUNDPINK=''
 BACKGROUNDORANGE=''
fi

# -h means affect symlinks instead of target, -R means recursive...
busybox chown -h -R ${NEWUSER}:users /root
busybox chmod g+s /root
busybox chown -h -R spot:spot /root/spot

case $PUPMODE in
 2)
  echo
 ;;
 *)
  echo
 ;;
esac

#modify /etc/inittab to autologin as fido...
userEXPR='s%autologin root %autologin fido %'
sed -i -e "$userEXPR" /etc/inittab
#120409 if using minit instead of busybox init...
if [ -f /etc/minit/getty/1/params  ];then #see my minit pet pkg.
 EXPR2='s%^root$%fido%'
 sed -i -e "$EXPR2" /etc/minit/getty/1/params
fi

#stuff from pizzasgood, http://www.murga-linux.com/puppy/viewtopic.php?t=47410
#i don't know why setting these /dev permissions reverts to that in rootfs-skeleton
#on next boot, so have changed them in rootfs-skeleton also...
# ...oh, i think snapmergepuppy (when boot from usb) does not save /dev.
busybox chmod 770 /dev/zero
busybox chmod 770 /dev/ptmx
#set the setuid bit...
busybox chmod u+s `which ddcprobe`
[ "`which Xvesa`" ] && busybox chmod u+s `which Xvesa`
[ "`which Xorg`" ] && busybox chmod u+s `which Xorg`

#120317 L18L: ref http://murga-linux.com/puppy/viewtopic.php?t=71358&start=60
chgrp users /dev/console
chmod g+w /dev/console

#busybox has to be configured with CONFIG_FEATURE_SUID_CONFIG (ex: busybox-1.17.2-1-w5.pet)
busybox chmod u+s `which busybox`
#see docs on busybox.conf at: http://www.softforge.de/bb/suid.html
#also: http://www.slitaz.org/en/doc/scratchbook/base-system.html
echo '[SUID]
reboot = ssx root.0   # reboot can be run by anyone and runs with euid=0/egid=0
poweroff = ssx root.0
halt = ssx root.0
su = ssx root.root
# passwd = ssx root.root
loadkmap = ssx root.root
mount = ssx root.root
umount = ssx root.root
ps = ssx root.0
kill = ssx root.0
' > /etc/busybox.conf

#i made /dev/pts 777 (was 707) in rootfs-skeleton in Woof.

#optional, change root password, and require password to 'su root'...
ROOTPASSWORD="`${DIALOGEXE} ${BACKGROUNDYELLOW} ${TITLEPARAM} "First shutdown: ask admin password" --stdout --nocancel --inputbox "Please enter a password for the administrator (root), minimum six characters.\n\nLogin as fido does not require a password, so at bootup you will go directly to the desktop. This is also the case if you had chosen to run as administrator. However, having chosen the restricted fido user, you will be required to enter a password whenever you want to perform an operation that requires admin priviledges.\n\nPLEASE REMEMBER THIS PASSWORD" 0 0 ""`"
echo "root:${ROOTPASSWORD}" | busybox chpasswd #--md5
#sudo asks for user password, not root, simple solution give same password to both...
#(that is the default, but i have specified runaspw in /etc/sudoers to ask for root pw)
echo "fido:${ROOTPASSWORD}" | busybox chpasswd #--md5

#note, /usr/sbin/loginmanager enables to change back to root afterward.

###END###