From f358cb6d2c7d3c4e4ee28788c42af3d11e1ffaa8 Mon Sep 17 00:00:00 2001 From: The_miro Date: Fri, 22 May 2026 04:06:49 +0200 Subject: [PATCH] fix(installer): fix FIDO2 user login and AUR module failures - Pin pamu2fcfg enrollment to the target hostname (-o/-i pam://$HOSTNAME) so the credential origin matches pam_u2f.so at runtime; enrolling outside the chroot previously used the live ISO hostname, causing auth to fail - Add `cue` to the pam_u2f.so PAM line so ly prompts the user to touch the key after password entry - Add --needed to hyprlua AUR yay call to survive re-runs - Degrade gracefully in lamco-rdp-server when no user D-Bus session is active (systemctl --user enable would abort the module under set -e) Co-Authored-By: Claude Sonnet 4.6 --- setup/archbaseos-guided-install.sh | 4 ++-- setup/modules/Desktop-Environments/hyprlua.sh | 2 +- setup/modules/optional-Modules/apps/lamco-rdp-server.sh | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/setup/archbaseos-guided-install.sh b/setup/archbaseos-guided-install.sh index bad5f8b..0c35f3f 100755 --- a/setup/archbaseos-guided-install.sh +++ b/setup/archbaseos-guided-install.sh @@ -382,7 +382,7 @@ grub-mkconfig -o /boot/grub/grub.cfg if [[ "$ENABLE_FIDO_USER" == "YES" ]]; then mkdir -p "/home/$USERNAME/.config/Yubico" chown "$USERNAME:$USERNAME" "/home/$USERNAME/.config/Yubico" - echo "auth required pam_u2f.so" >> /etc/pam.d/system-auth + echo "auth required pam_u2f.so cue" >> /etc/pam.d/system-auth fi CHROOT_EOF @@ -393,7 +393,7 @@ if [[ "$ENABLE_FIDO_USER" == "YES" ]]; then echo "Enrolling FIDO2 key for user login (outside chroot)..." U2F_KEYFILE="/mnt/home/${USERNAME}/.config/Yubico/u2f_keys" mkdir -p "/mnt/home/${USERNAME}/.config/Yubico" - pamu2fcfg -u "$USERNAME" > "$U2F_KEYFILE" + pamu2fcfg -u "$USERNAME" -o "pam://$HOSTNAME" -i "pam://$HOSTNAME" > "$U2F_KEYFILE" _NEWUID=$(arch-chroot /mnt id -u "$USERNAME" 2>/dev/null || echo "1000") _NEWGID=$(arch-chroot /mnt id -g "$USERNAME" 2>/dev/null || echo "1000") chown -R "$_NEWUID:$_NEWGID" "/mnt/home/${USERNAME}/.config/Yubico" diff --git a/setup/modules/Desktop-Environments/hyprlua.sh b/setup/modules/Desktop-Environments/hyprlua.sh index 60d10b7..8ef349d 100755 --- a/setup/modules/Desktop-Environments/hyprlua.sh +++ b/setup/modules/Desktop-Environments/hyprlua.sh @@ -38,7 +38,7 @@ sudo systemctl enable udisks2.service # 4. Install AUR packages log "Installing AUR packages..." rustup default stable -yay -Syu --answerdiff None --answerclean All --noconfirm \ +yay -Syu --answerdiff None --answerclean All --noconfirm --needed \ hyprland-workspaces vicinae-bin bluetuith wvkbd iwmenu pinta \ walker-bin ulauncher bzmenu udiskie \ wofi-calc bri chamel diff --git a/setup/modules/optional-Modules/apps/lamco-rdp-server.sh b/setup/modules/optional-Modules/apps/lamco-rdp-server.sh index 40b19a4..33e6934 100644 --- a/setup/modules/optional-Modules/apps/lamco-rdp-server.sh +++ b/setup/modules/optional-Modules/apps/lamco-rdp-server.sh @@ -8,7 +8,8 @@ log "Installing lamco-rdp-server (AUR)..." yay -S --answerdiff None --answerclean All --noconfirm lamco-rdp-server log "Enabling lamco-rdp-server as user service..." -systemctl --user enable lamco-rdp-server.service +systemctl --user enable lamco-rdp-server.service 2>/dev/null \ + || warn "No user session active — run after login: systemctl --user enable lamco-rdp-server.service" log "lamco-rdp-server enabled as a user service." log "Start it with: systemctl --user start lamco-rdp-server"