Enable DM autologin and make polkit always succeed for USERNAME.

dracut/module-setup.sh

@@ -14,4 +14,6 @@ install() {
     inst chmod
     inst_hook pre-pivot 01 "$moddir/vmklive-adduser.sh"
     inst_hook pre-pivot 02 "$moddir/vmklive-conf.sh"
+    inst_hook pre-pivot 03 "$moddir/vmklive-polkit.sh"
+    inst_hook pre-pivot 04 "$moddir/vmklive-display-manager-autologin.sh"
 }

dracut/vmklive-display-manager-autologin.sh

@@ -0,0 +1,34 @@
+#!/bin/sh
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+USERNAME=$(getarg live.user)
+[ -z "$USERNAME" ] && USERNAME=anon
+
+# Configure GDM autologin
+if [ -d ${NEWROOT}/etc/gdm ]; then
+    GDMCustomFile=${NEWROOT}/etc/gdm/custom.conf
+    AutologinParameters="AutomaticLoginEnable=true\nAutomaticLogin=$USERNAME"
+
+    # Prevent from updating if parameters already present (persistent usb key)
+    if ! `grep -qs 'AutomaticLoginEnable' $GDMCustomFile` ; then
+        if ! `grep -qs '\[daemon\]' $GDMCustomFile` ; then
+            echo '[daemon]' >> $GDMCustomFile
+        fi
+        sed -i "s/\[daemon\]/\[daemon\]\n$AutologinParameters/" $GDMCustomFile
+    fi
+fi
+
+# Configure lightdm autologin.
+if [ -r ${NEWROOT}/etc/lightdm.conf ]; then
+    sed -i -e "s|^\#\(default-user=\).*|\1$USERNAME|" \
+        ${NEWROOT}/etc/lightdm.conf
+    sed -i -e "s|^\#\(default-user-timeout=\).*|\10|" \
+        ${NEWROOT}/etc/lightdm.conf
+fi
+
+# Configure lxdm autologin.
+if [ -r ${NEWROOT}/etc/lxdm/lxdm.conf ]; then
+    sed -i -e "s|^\#\# \(autologin=\).*|\1$USERNAME|" \
+        ${NEWROOT}/etc/lxdm/lxdm.conf
+fi

dracut/vmklive-polkit.sh

@@ -0,0 +1,44 @@
+#!/bin/sh
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+USERNAME=$(getarg live.user)
+[ -z "$USERNAME" ] && USERNAME=anon
+
+# Check that polkit is installed.
+if [ ! -x ${NEWROOT}/usr/libexec/polkitd ]; then
+    exit 0
+fi
+
+# configure PolicyKit in live session
+mkdir -m0755 -p ${NEWROOT}/etc/PolicyKit
+cat << EOF > ${NEWROOT}/etc/PolicyKit/PolicyKit.conf
+<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
+
+<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN"
+"http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd">
+
+<!-- See the manual page PolicyKit.conf(5) for file format -->
+
+<config version="0.1">
+    <match user="root">
+        <return result="yes"/>
+    </match>
+    <!-- don't ask password for user in live session -->
+    <match user="$USERNAME">
+        <return result="yes"/>
+    </match>
+    <define_admin_auth group="admin"/>
+</config>
+EOF
+
+mkdir -m0750 -p ${NEWROOT}/var/lib/polkit-1/localauthority/10-vendor.d
+cat << EOF > ${NEWROOT}/var/lib/polkit-1/localauthority/10-vendor.d/10-live-cd.pkla
+# Policy to allow the livecd user to bypass policykit
+[Live CD user permissions]
+Identity=unix-user:$USERNAME
+Action=*
+ResultAny=no
+ResultInactive=no
+ResultActive=yes
+EOF