Sample script does not fix locale or sudo for ubuntu:devel, default sudoers dangerous about wsl-distribution-switcher HOT 6 CLOSED

Hi,

I played around with the scripts a bit, and I noticed that the sample script does a couple of bad things.
First, instead of adding the primary user directly to the sudoers with no password, the user should be added to the group sudo with the shell command

The script has a few design choices that I was forced into due to WSL's limitations. Since the distribution you are installing might not work out of the box, I try not to launch the new rootfs and do things there, instead try to manipulate files from the outside.

That's why I manually open the /etc/{passwd,shadow,group,gshadow} files and migrate your current root password and your regular user account. While manipulating the group file, I could add an entry of your regular user belonging to the sudo group.

However, I'm not going to do that, since the sudo group is distribution-specific. Debian and Ubuntu uses that, but Fedora/RHEL/Arch uses wheel. The usermod command may also not be installed on all distributions out of the box.

The bottom line is, the installer tries to do as much possible, without taking any distribution-specific steps.

Second, it should install sudo if the package manager is supported.

The provided hook already does this, but it's not enabled by default. Rename hook_postinstall_all.sample.sh to hook_postinstall_all.sh, and the installer will run it during every installation.

This is also the part which adds the user to sudoers with NOPASSWD, so I'm assuming you overlooked this.

I presume the best option would be to have an argument or environment variable control whether the regular user should be added to sudoers with NOPASSWD or not.

Third, for some reason with the ubuntu:devel docker image, you need to decompress with gzip the UTF8 charmap:

Haven't really used ubuntu:devel. I'll look into this, and update the sample hook script to do this, if necessary.

from wsl-distribution-switcher.

@RoliSoft I guess if you're adding the user directly to sudoers, don't give them NOPASSWD. Worst case scenario if locked out, they can do
lxrun /setdefaultuser root

from wsl-distribution-switcher.

9803686 fixes the locale issue. For me, SUPPORTED was only a text file, not a directory, therefore the correct path to ungzip was /usr/share/i18n/charmaps/UTF-8.gz.

I'll see what to do about the sudoers thing.

from wsl-distribution-switcher.

Yeah, it was only a text file. I reconstructed that path from my bash history, and I had accidentally tried to cd SUPPORTED by accident probably

from wsl-distribution-switcher.

22b0903 adds user to sudo or wheel depending on the distribution being APT or RPM-based.

The sudo command on ubuntu:devel seems to be broken, which imho just introduces more issues for the average user than NOPASSWD:

sudo: no tty present and no askpass program specified

You can run it with sudo -S, and you can add an alias to your .bash_profile, but I'm not going to modify the user's dotfiles automatically.

from wsl-distribution-switcher.

@RoliSoft It works fine here on 14905. I'm pretty sure that support for Xenial's and Yakkety's sudo command was added in 14902.

from wsl-distribution-switcher.