fixes for laptops

author: Cullum Smith <cullum@sacredheartsc.com> 2024-12-07 09:46:11 -0500
committer: Cullum Smith <cullum@sacredheartsc.com> 2024-12-07 09:46:11 -0500
commit: 3bf88b434d231231bbbcb9a9d34eae91778016cf (patch)
tree: 903af25abd49155841decab469876ee19b2e53fa /files
parent: 3d89a01c4b1cf1aa1815e8c46d5d6b74b0f9f374 (diff)
download: infrastructure-3bf88b434d231231bbbcb9a9d34eae91778016cf.tar.gz
15 files changed, 101 insertions, 11 deletions
diff --git a/files/etc/devd/lid-close.conf.laptop b/files/etc/devd/lid-close.conf.laptop
deleted file mode 100644
index 751c546..0000000
--- a/files/etc/devd/lid-close.conf.laptop
+++ /dev/null
@@ -1,6 +0,0 @@
-notify 20 {
-  match "system"    "ACPI";
-  match "subsystem" "Lid";
-  match "notify"    "0x00";
-  action            "/usr/local/libexec/lid-close";
-};
diff --git a/files/etc/devd/lid-close.conf.roadwarrior_laptop b/files/etc/devd/lid-close.conf.roadwarrior_laptop
deleted file mode 120000
index b6dd50e..0000000
--- a/files/etc/devd/lid-close.conf.roadwarrior_laptop
+++ /dev/null
@@ -1 +0,0 @@
-lid-close.conf.laptop
-\ No newline at end of file
diff --git a/files/etc/devfs.rules.roadwarrior_laptop b/files/etc/devfs.rules.roadwarrior_laptop
new file mode 120000
index 0000000..62718d0
--- /dev/null
+++ b/files/etc/devfs.rules.roadwarrior_laptop
@@ -0,0 +1 @@
+devfs.rules.desktop
+\ No newline at end of file
diff --git a/files/etc/login.conf.roadwarrior_laptop b/files/etc/login.conf.roadwarrior_laptop
index 2dde3a4..0ac24a1 120000..100644
--- a/files/etc/login.conf.roadwarrior_laptop
+++ b/files/etc/login.conf.roadwarrior_laptop
@@ -1 +1,65 @@
-login.conf.desktop
-\ No newline at end of file
+default:\\
+	:passwd_format=sha512:\\
+	:copyright=/etc/COPYRIGHT:\\
+	:welcome=/var/run/motd:\\
+	:setenv=BLOCKSIZE=K,XDG_DATA_DIRS=${xdg_override_dir}\\c/usr/local/share:\\
+	:mail=/var/mail/\$:\\
+	:path=/sbin /bin /usr/local/sbin /usr/local/bin /usr/sbin /usr/bin ~/bin:\\
+	:nologin=/var/run/nologin:\\
+	:cputime=unlimited:\\
+	:datasize=unlimited:\\
+	:stacksize=unlimited:\\
+	:memorylocked=64M:\\
+	:memoryuse=unlimited:\\
+	:filesize=unlimited:\\
+	:coredumpsize=unlimited:\\
+	:openfiles=unlimited:\\
+	:maxproc=unlimited:\\
+	:sbsize=unlimited:\\
+	:vmemoryuse=unlimited:\\
+	:swapuse=unlimited:\\
+	:pseudoterminals=unlimited:\\
+	:kqueues=unlimited:\\
+	:umtxp=unlimited:\\
+	:pipebuf=unlimited:\\
+	:priority=0:\\
+	:ignoretime@:\\
+	:umask=022:\\
+	:charset=UTF-8:\\
+	:lang=${locale}:
+
+#
+# A collection of common class names - forward them all to 'default'
+# (login would normally do this anyway, but having a class name
+#  here suppresses the diagnostic)
+#
+standard:\\
+	:tc=default:
+xuser:\\
+	:tc=default:
+staff:\\
+	:tc=default:
+
+# This PATH may be clobbered by individual applications.  Notably, by default,
+# rc(8), service(8), and cron(8) will all override it with a default PATH that
+# may not include /usr/local/sbin and /usr/local/bin when starting services or
+# jobs.
+daemon:\\
+	:path=/sbin /bin /usr/sbin /usr/bin /usr/local/sbin /usr/local/bin:\\
+	:mail@:\\
+	:memorylocked=128M:\\
+	:tc=default:
+news:\\
+	:tc=default:
+dialer:\\
+	:tc=default:
+
+#
+# Root can always login
+#
+# N.B.  login_getpwclass(3) will use this entry for the root account,
+#       in preference to 'default'.
+root:\\
+	:ignorenologin:\\
+	:memorylocked=unlimited:\\
+	:tc=default:
diff --git a/files/etc/pam.d/kde.roadwarrior_laptop b/files/etc/pam.d/kde.roadwarrior_laptop
new file mode 100644
index 0000000..f28d9e1
--- /dev/null
+++ b/files/etc/pam.d/kde.roadwarrior_laptop
@@ -0,0 +1,6 @@
+auth      optional    /usr/local/lib/security/pam_krb5.so try_first_pass
+auth      required    pam_exec.so     return_prog_exit_status expose_authtok use_first_pass /usr/local/libexec/unix-selfauth-helper
+
+account   required    /usr/local/lib/security/pam_krb5.so
+account   required    pam_login_access.so nodefgroup
+account   required    pam_unix.so
diff --git a/files/etc/pam.d/sddm.freebsd b/files/etc/pam.d/sddm.freebsd
index c222750..cebac04 100644
--- a/files/etc/pam.d/sddm.freebsd
+++ b/files/etc/pam.d/sddm.freebsd
@@ -3,6 +3,7 @@
 # if we want pam_kwallet5 to execute.
 # Hence, for sddm, we try krb5 only (no local accounts).
 auth      sufficient  pam_self.so no_warn
+auth      required    pam_unix.so
 auth      required    /usr/local/lib/security/pam_krb5.so try_first_pass
 auth      optional    pam_exec.so /usr/local/libexec/pam-create-local-homedir
 auth      optional    pam_kwallet5.so
diff --git a/files/etc/pam.d/sddm.roadwarrior_laptop b/files/etc/pam.d/sddm.roadwarrior_laptop
new file mode 100644
index 0000000..0922e95
--- /dev/null
+++ b/files/etc/pam.d/sddm.roadwarrior_laptop
@@ -0,0 +1,19 @@
+auth      sufficient  pam_self.so no_warn
+auth      optional    /usr/local/lib/security/pam_krb5.so try_first_pass
+auth      required    pam_unix.so try_first_pass
+auth      optional    pam_kwallet5.so
+
+account   requisite   pam_securetty.so
+account   required    pam_nologin.so
+account   required    /usr/local/lib/security/pam_krb5.so
+account   required    pam_login_access.so nodefgroup
+account   required    pam_unix.so
+
+session   required    pam_lastlog.so no_fail
+session   required    pam_xdg.so no_fail
+session   required    /usr/local/lib/security/pam_krb5.so
+session   optional    /usr/local/lib/pam_mkhomedir.so mode=0700
+session   optional    pam_kwallet5.so auto_start
+
+password  required    pam_unix.so no_warn try_first_pass
+password  optional    /usr/local/lib/security/pam_krb5.so try_first_pass
diff --git a/files/usr/local/etc/chromium/policies/managed/policies.json.desktop b/files/usr/local/etc/chromium/policies/managed/policies.json.desktop
index 1391d09..e6ef0b7 100644
--- a/files/usr/local/etc/chromium/policies/managed/policies.json.desktop
+++ b/files/usr/local/etc/chromium/policies/managed/policies.json.desktop
@@ -86,7 +86,7 @@
       "update_url": "https://clients2.google.com/service/update2/crx"
     },
     "cimiefiiaegbelhefglklhhakcgmhkai": {
-      "installation_mode": "$(if [ "${desktop_type:-}" = kde ]; then echo normal_installed; else echo allowed; fi)",
+      "installation_mode": "normal_installed",
       "update_url": "https://clients2.google.com/service/update2/crx"
     }
   },
diff --git a/files/usr/local/etc/polkit-1/rules.d/51-desktop.rules.laptop b/files/usr/local/etc/polkit-1/rules.d/51-desktop.rules.laptop
new file mode 120000
index 0000000..d524580
--- /dev/null
+++ b/files/usr/local/etc/polkit-1/rules.d/51-desktop.rules.laptop
@@ -0,0 +1 @@
+51-desktop.rules.desktop
+\ No newline at end of file
diff --git a/files/usr/local/etc/polkit-1/rules.d/51-desktop.rules.roadwarrior_laptop b/files/usr/local/etc/polkit-1/rules.d/51-desktop.rules.roadwarrior_laptop
new file mode 120000
index 0000000..d524580
--- /dev/null
+++ b/files/usr/local/etc/polkit-1/rules.d/51-desktop.rules.roadwarrior_laptop
@@ -0,0 +1 @@
+51-desktop.rules.desktop
+\ No newline at end of file
diff --git a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
index 3ee3437..a2027db 100644
--- a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
+++ b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
@@ -93,6 +93,7 @@ net-mgmt/icingadb
 net-mgmt/icingaweb2
 net-mgmt/icingaweb2-module-icingadb
 net-mgmt/monitoring-plugins
+net-mgmt/networkmgr
 net-mgmt/unifi8
 net/asterisk18
 net/freeradius3
diff --git a/files/usr/local/etc/ssh/sshd_config.roadwarrior_laptop b/files/usr/local/etc/ssh/sshd_config.roadwarrior_laptop
new file mode 120000
index 0000000..355377d
--- /dev/null
+++ b/files/usr/local/etc/ssh/sshd_config.roadwarrior_laptop
@@ -0,0 +1 @@
+sshd_config.no_idm
+\ No newline at end of file
diff --git a/files/usr/local/lib/firefox/distribution/policies.json.desktop b/files/usr/local/lib/firefox/distribution/policies.json.desktop
index aa2de1b..79625fe 100644
--- a/files/usr/local/lib/firefox/distribution/policies.json.desktop
+++ b/files/usr/local/lib/firefox/distribution/policies.json.desktop
@@ -11,11 +11,11 @@
       },
       "{9cbd40c5-5275-443e-811b-dc57d8c7c5d2}": {
         "install_url": "https://addons.mozilla.org/firefox/downloads/latest/kde-default-breeze/latest.xpi",
-        "installation_mode": "$(if [ "${desktop_type:-}" = kde ]; then echo 'normal_installed'; else echo 'allowed'; fi)"
+        "installation_mode": "normal_installed"
       },
       "plasma-browser-integration@kde.org": {
         "install_url": "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi",
-        "installation_mode": "$(if [ "${desktop_type:-}" = kde ]; then echo normal_installed; else echo allowed; fi)"
+        "installation_mode": "normal_installed"
       }
     },
     "3rdparty": {
diff --git a/files/usr/local/lib/thunderbird/distribution/policies.json.laptop b/files/usr/local/lib/thunderbird/distribution/policies.json.laptop
new file mode 120000
index 0000000..93bcb92
--- /dev/null
+++ b/files/usr/local/lib/thunderbird/distribution/policies.json.laptop
@@ -0,0 +1 @@
+policies.json.desktop
+\ No newline at end of file
diff --git a/files/usr/local/lib/thunderbird/distribution/policies.json.roadwarrior_laptop b/files/usr/local/lib/thunderbird/distribution/policies.json.roadwarrior_laptop
new file mode 120000
index 0000000..93bcb92
--- /dev/null
+++ b/files/usr/local/lib/thunderbird/distribution/policies.json.roadwarrior_laptop
@@ -0,0 +1 @@
+policies.json.desktop
+\ No newline at end of file
author	Cullum Smith <cullum@sacredheartsc.com>	2024-12-07 09:46:11 -0500
committer	Cullum Smith <cullum@sacredheartsc.com>	2024-12-07 09:46:11 -0500
commit	3bf88b434d231231bbbcb9a9d34eae91778016cf (patch)
tree	903af25abd49155841decab469876ee19b2e53fa /files
parent	3d89a01c4b1cf1aa1815e8c46d5d6b74b0f9f374 (diff)
download	infrastructure-3bf88b434d231231bbbcb9a9d34eae91778016cf.tar.gz