Added file '/etc/adduser.conf' to core definition.

core/default/etc/adduser.conf

@@ -0,0 +1,109 @@
+# /etc/adduser.conf: `adduser' configuration.
+# See adduser(8) and adduser.conf(5) for full documentation.
+
+# A commented out setting indicates that this is the default in the
+# code. If you need to change those settings, remove the comment and
+# make your intended change.
+
+# STDERRMSGLEVEL, STDOUTMSGLEVEL, and LOGMSGLEVEL set the minimum
+# priority for messages logged to syslog/journal and the console,
+# respectively.
+# Values are trace, debug, info, warn, err, and fatal.
+# Messages with the set priority or higher get logged to the
+# respective medium.
+#STDERRMSGLEVEL=warn
+#STDOUTMSGLEVEL=info
+#SYSLOGLEVEL=info
+
+# The login shell to be used for all new users.
+# Default: DSHELL=/bin/bash
+#DSHELL=/bin/bash
+
+# The directory in which new home directories should  be  created.
+# Default: DHOME=/home
+# DHOME=/home
+
+# The directory from which skeletal user configuration files
+# will be copied.
+# Default: SKEL=/etc/skel
+#SKEL=/etc/skel
+
+# Specify inclusive ranges of UIDs and GIDs from which UIDs and GIDs
+# for system users, system groups, non-system users and non-system groups
+# can be dynamically allocated.
+# Default: FIRST_SYSTEM_UID=100, LAST_SYSTEM_UID=999
+#FIRST_SYSTEM_UID=100
+#LAST_SYSTEM_UID=999
+
+# Default: FIRST_SYSTEM_GID=100, LAST_SYSTEM_GID=999
+#FIRST_SYSTEM_GID=100
+#LAST_SYSTEM_GID=999
+
+# Default: FIRST_UID=1000, LAST_UID=59999
+#FIRST_UID=1000
+#LAST_UID=59999
+
+# Default: FIRST_GID=1000, LAST_GID=59999
+#FIRST_GID=1000
+#LAST_GID=59999
+
+# Specify a file or a directory containing UID and GID pool.
+#UID_POOL=/etc/adduser-pool.conf
+#UID_POOL=/etc/adduser-pool.d/
+#GID_POOL=/etc/adduser-pool.conf
+#GID_POOL=/etc/adduser-pool.d/
+
+# Specify whether each created non-system user will be
+# given their own group to use.
+# Default: USERGROUPS=yes
+#USERGROUPS=yes
+
+# Defines the groupname or GID of the group all newly-created
+# non-system users are placed into.
+# It is a configuration error to define both variables
+# even if the values are consistent.
+# Default: USERS_GID=undefined, USERS_GROUP=users
+#USERS_GID=100
+#USERS_GROUP=users
+
+# The permissions mode for home directories of non-system users.
+# Default: DIR_MODE=0750
+#DIR_MODE=0750
+
+# The permissions mode for home directories of system users.
+# Default: SYS_DIR_MODE=0750
+#SYS_DIR_MODE=0750
+
+# If set to a nonempty value, new users will have quotas copied
+# from that user with `edquota -p QUOTAUSER newuser'
+# Default: QUOTAUSER=""
+#QUOTAUSER=""
+
+# Non-system user- and groupnames are checked against this regular
+# expression.
+# Default: NAME_REGEX="^[a-z][-a-z0-9_]*\$?$"
+#NAME_REGEX="^[a-z][-a-z0-9_]*\$?$"
+
+# System user- and groupnames are checked against this regular
+# expression.
+# Default: SYS_NAME_REGEX="^[A-Za-z_][-A-Za-z0-9_]*\$?$"
+#SYS_NAME_REGEX="^[A-Za-z_][-A-Za-z0-9_]*\$?$"
+
+# When populating the newly created home directory of a non-system user,
+# files in SKEL matching this regex are not copied.
+# Default: SKEL_IGNORE_REGEX="\.(dpkg|ucf)-(old|new|dist|save)$"
+#SKEL_IGNORE_REGEX="\.(dpkg|ucf)-(old|new|dist|save)$"
+
+# list of groups that new non-system users will be added to
+# if ADD_EXTRA_GROUPS is non-zero or set on the command line.
+# Default: EXTRA_GROUPS="users"
+#EXTRA_GROUPS="users"
+
+# Setting this to something other than 0 will cause adduser to add
+# newly created non-system users to the list of groups defined by
+# EXTRA_GROUPS.
+# Default: ADD_EXTRA_GROUPS=0
+#ADD_EXTRA_GROUPS=0
+
+# use extrausers by default
+#USE_EXTRAUSERS=1

core/ensureUsageOfDefinitions.sh

@@ -12,16 +12,19 @@ function printIfEqual() {
 }
 
 function isCoreDefinition() {
-    echo "${1:?"Missing first parameter FILE"}" | grep -F '/root/.ssh/authorized_keys' &> /dev/null \
+    echo "${1:?"Missing first parameter FILE"}" | grep -F '/etc/adduser.conf' &> /dev/null \
         && return 0
 
     echo "${1:?"Missing first parameter FILE"}" | grep -F '/etc/ssh/sshd_config.d/AccessRestriction.conf' &> /dev/null \
         && return 0
 
+    echo "${1:?"Missing first parameter FILE"}" | grep -F '/etc/sudoers.d/allow-jenkins-updateRepositories' &> /dev/null \
+        && return 0
+
     echo "${1:?"Missing first parameter FILE"}" | grep -F '/home/jenkins/.ssh/authorized_keys' &> /dev/null \
         && return 0
 
-    echo "${1:?"Missing first parameter FILE"}" | grep -F '/etc/sudoers.d/allow-jenkins-updateRepositories' &> /dev/null \
+    echo "${1:?"Missing first parameter FILE"}" | grep -F '/root/.ssh/authorized_keys' &> /dev/null \
         && return 0
 
     return 1

setupCoreOntoThisHost.sh

@@ -125,13 +125,17 @@ function addDefinition(){
     readonly _DEFINITIONS _REPOSITORY
 
     [ "$(id -u)" == "0" ] \
+        && echo \
         && echo "Running setup as 'root' trying to add definition repository:" \
+        && echo \
         && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_DEFINITIONS}" readonly "${_REPOSITORY}" \
         && echo "  - definitions are usable for this host." \
         && return 0
 
     [ "$(id -u)" != "0" ] \
+        && echo \
         && echo "Running setup as 'user' trying to add definition repository:" \
+        && echo \
         && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_DEFINITIONS}" writable "${_REPOSITORY}" \
         && echo "  - definitions are usable, as working copy." \
         && return 0
@@ -146,6 +150,7 @@ function addState() {
     readonly _STATES _REPOSITORY
 
     [ "$(id -u)" == "0" ] \
+        && echo \
         && echo "Running setup as 'root' trying to add state repository:" \
         && echo \
         && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_STATES}" writable "${_REPOSITORY}" \
@@ -153,6 +158,7 @@ function addState() {
         && return 0
 
     [ "$(id -u)" != "0" ] \
+        && echo \
         && echo "Running setup as 'user' trying to add state repository:" \
         && echo \
         && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_STATES}" writable "${_REPOSITORY}" \
@@ -169,13 +175,18 @@ function setupCoreFunctionality() {
     readonly _DEFINITIONS _MINUTE_FROM_OWN_IP
 
     [ "$(id -u)" != "0" ] \
+        && echo \
         && echo "Configuration of host skipped because of insufficient rights." \
         && return 1
 
     [ "$(id -u)" == "0" ] \
+        && echo \
+        && echo "Using definitions: '${_DEFINITIONS:?"Missing DEFINITIONS"}' ..." \
         && echo \
         && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}defineAuthorizedKeysOfUser.sh" "${_DEFINITIONS}" root \
         && echo \
+        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}ensureUsageOfDefinitions.sh" "${_DEFINITIONS}" /etc/adduser.conf \
+        && echo \
         && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addNormalUser.sh" jenkins \
         && echo \
         && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}defineAuthorizedKeysOfUser.sh" "${_DEFINITIONS}" jenkins \
@@ -199,12 +210,8 @@ function setup() {
     _STATES="${_CIS_ROOT:?"Missing CIS_ROOT"}states/${_DOMAIN:?"Missing DOMAIN"}"
     readonly _DEFINITIONS _DOMAIN _STATES
 
-    echo \
+    addDefinition "${_DEFINITIONS:?"Missing DEFINITIONS"}" "${_DOMAIN:?"Missing DOMAIN"}" \
-        && addDefinition "${_DEFINITIONS:?"Missing DEFINITIONS"}" "${_DOMAIN:?"Missing DOMAIN"}" \
-        && echo \
         && addState "${_STATES:?"Missing STATES"}" "${_DOMAIN:?"Missing DOMAIN"}" \
-        && echo \
-        && echo "Using definitions: '${_DEFINITIONS:?"Missing DEFINITIONS"}' ..." \
         && setupCoreFunctionality "${_DEFINITIONS:?"Missing DEFINITIONS"}" \
         && return 0