protocol-7/shellprocess-final.conf at main · The-LainOS-Project/protocol-7 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# /etc/calamares/modules/shellprocess.conf
# Protocol 7 v3.9 – Runtime & User Activation Only
# Static sovereignty layer already installed via protocol7-core

dontChroot: false
timeout: 600

script:
    - "echo 'Protocol 7 v3.9: Activating runtime & user layer...'"

    # 1. Secure privilege escalation (doas – user-specific)
    - "echo 'permit persist :wheel' > /etc/doas.conf"
    - "echo 'permit nopass :wheel as root cmd /usr/bin/openrc-shutdown' >> /etc/doas.conf"
    - "echo 'permit nopass :wheel as root cmd /usr/sbin/zzz' >> /etc/doas.conf"
    - "echo 'permit nopass :wheel as root cmd /usr/bin/reboot' >> /etc/doas.conf"
    - "echo 'permit nopass :wheel as root cmd /usr/bin/poweroff' >> /etc/doas.conf"
    - "echo 'permit nopass :wheel as root cmd /usr/bin/iwctl' >> /etc/doas.conf"
    - "chown root:root /etc/doas.conf"
    - "chmod 0400 /etc/doas.conf"

    # 2. Enable ALL required OpenRC services
    - "rc-update add cgroups sysinit"
    - "rc-update add eudev sysinit"
    - "rc-update add dbus default"
    - "rc-update add openrc-settingsd default"
    - "rc-update add seatd default"
    - "rc-update add haveged default"
    - "rc-update add iwd default"
    - "rc-update add openresolv default"
    - "rc-update add syslog-ng default"
    - "rc-update add greetd default"

    # Protocol 7 critical services
    - "rc-update add lainos-ghost-units sysinit"
    - "rc-update add cgroup-delegate boot"
    - "rc-update add lainos-notifyd sysinit"
    - "rc-update add lainos-dbus-bridge default"

    # 3. greetd + tuigreet config (display manager)
    - "mkdir -p /etc/greetd"
    - "echo '[terminal]' > /etc/greetd/config.toml"
    - "echo 'vt = 1' >> /etc/greetd/config.toml"
    - "echo '' >> /etc/greetd/config.toml"
    - "echo '[default_session]' >> /etc/greetd/config.toml"
    - "echo 'command = \"tuigreet --cmd /usr/libexec/lainos/lainos-init\"' >> /etc/greetd/config.toml"
    - "echo 'user = \"greeter\"' >> /etc/greetd/config.toml"
    - "chown -R greeter:greeter /etc/greetd"

    # 4. D-Bus UUID generation
    - "mkdir -p /var/lib/dbus"
    - "dbus-uuidgen --ensure || true"

    # 5. User group membership
    - "usermod -aG video,render,seat,input,lp,adm,storage,tor $username || true"

i18n:
    name: "Activating Protocol 7 Runtime & User Layer..."