jzerebecki/cockpit
SHA256
1
0
Fork 0
forked from cockpit/cockpit
Code Pull Requests Activity

Add motd guidance for setting up otp

Browse Source
This commit is contained in:
Alice Brooks 2024-09-30 08:08:58 +01:00 committed by Jan Zerebecki
parent 95f291257b
commit da121f4f66
No known key found for this signature in database
GPG Key ID: 94D2D0D2432ED7CC
3 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
0006-totp-motd.patch Normal file
View File

@ -0,0 +1,33 @@
--- a/src/systemd/inactive.motd
+++ b/src/systemd/inactive.motd
@@ -1,2 +1,7 @@
Activate the web console with: systemctl enable --now cockpit.socket
+Note: Cockpit disallows root login by default.
+To create a regular user and optionally enable 2FA run both:
+
+jeos-config user
+jeos-config otp
diff --git a/src/systemd/update-motd b/src/systemd/update-motd
index 67e0fb630..3c532d89f 100644
--- a/src/systemd/update-motd
+++ b/src/systemd/update-motd
@@ -18,7 +18,17 @@ ip=${3:-$(ip -o route get 255.0 2>/dev/null | sed -e 's/.*src \([^ ]*\) .*/\1/')
# protocol from cmdline, then https
protocol=${4:-https}
+mfa=""
+if ! grep -s pam_oath /etc/pam.d/cockpit; then
+ mfa="Note: Cockpit disallows root login by default.
+To create a regular user and optionally enable 2FA run both:
+
+jeos-config user
+jeos-config otp
+"
+fi
+
hostname_url="${protocol}://${hostname}:${port}/"
ip_url="${ip:+ or ${protocol}://${ip}:${port}/}"
-printf 'Web console: %s%s\n\n' "${hostname_url}" "${ip_url}" > /run/cockpit/active.motd
+printf 'Web console: %s%s\n\n%b\n' "${hostname_url}" "${ip_url}" "${mfa}" > /run/cockpit/active.motd

5
cockpit.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Mon Sep 30 07:08:12 UTC 2024 - Alice Brooks <alice.brooks@suse.com>
- add 0006-totp-motd.patch for guidance to enabling totp to the mtod
-------------------------------------------------------------------
Wed Sep 18 12:37:18 UTC 2024 - Jan Zerebecki <jan.suse@zerebecki.de>

2
cockpit.spec
View File

@ -68,6 +68,7 @@ Patch5: storage-btrfs.patch
# SLE Micro specific patches
Patch101: hide-pcp.patch
Patch102: 0002-selinux-temporary-remove-setroubleshoot-section.patch
Patch106: 0006-totp-motd.patch
# For anything based on SLES 15 codebase (including Leap, SLE Micro)
Patch103: 0004-leap-gnu18-removal.patch
Patch104: selinux_libdir.patch
@ -233,6 +234,7 @@ BuildRequires: python3-tox-current-env
# SLE Micro specific patches
%if 0%{?is_smo}
%patch -P 101 -p1
%patch -P 106 -p1
# Patches for versions lower then SLE Micro 5.5
%if 0%{?sle_version} < 150500
%patch -P 102 -p1