fix(installer): fix FIDO2 user login and AUR module failures

- Pin pamu2fcfg enrollment to the target hostname (-o/-i pam://$HOSTNAME) so the credential origin matches pam_u2f.so at runtime; enrolling outside the chroot previously used the live ISO hostname, causing auth to fail - Add `cue` to the pam_u2f.so PAM line so ly prompts the user to touch the key after password entry - Add --needed to hyprlua AUR yay call to survive re-runs - Degrade gracefully in lamco-rdp-server when no user D-Bus session is active (systemctl --user enable would abort the module under set -e) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-22 04:06:49 +02:00 · 2026-05-22 04:06:49 +02:00 · f358cb6d2c
parent 0c88a09a0f
commit f358cb6d2c
3 changed files with 5 additions and 4 deletions
--- a/setup/archbaseos-guided-install.sh
+++ b/setup/archbaseos-guided-install.sh
@ -382,7 +382,7 @@ grub-mkconfig -o /boot/grub/grub.cfg
 if [[ "$ENABLE_FIDO_USER" == "YES" ]]; then
    mkdir -p "/home/$USERNAME/.config/Yubico"
    chown "$USERNAME:$USERNAME" "/home/$USERNAME/.config/Yubico"
-    echo "auth required pam_u2f.so" >> /etc/pam.d/system-auth
+    echo "auth required pam_u2f.so cue" >> /etc/pam.d/system-auth
 fi

 CHROOT_EOF
@ -393,7 +393,7 @@ if [[ "$ENABLE_FIDO_USER" == "YES" ]]; then
    echo "Enrolling FIDO2 key for user login (outside chroot)..."
    U2F_KEYFILE="/mnt/home/${USERNAME}/.config/Yubico/u2f_keys"
    mkdir -p "/mnt/home/${USERNAME}/.config/Yubico"
-    pamu2fcfg -u "$USERNAME" > "$U2F_KEYFILE"
+    pamu2fcfg -u "$USERNAME" -o "pam://$HOSTNAME" -i "pam://$HOSTNAME" > "$U2F_KEYFILE"
    _NEWUID=$(arch-chroot /mnt id -u "$USERNAME" 2>/dev/null || echo "1000")
    _NEWGID=$(arch-chroot /mnt id -g "$USERNAME" 2>/dev/null || echo "1000")
    chown -R "$_NEWUID:$_NEWGID" "/mnt/home/${USERNAME}/.config/Yubico"
--- a/setup/modules/Desktop-Environments/hyprlua.sh
+++ b/setup/modules/Desktop-Environments/hyprlua.sh
@ -38,7 +38,7 @@ sudo systemctl enable udisks2.service
 # 4. Install AUR packages
 log "Installing AUR packages..."
 rustup default stable
-yay -Syu --answerdiff None --answerclean All --noconfirm \
+yay -Syu --answerdiff None --answerclean All --noconfirm --needed \
    hyprland-workspaces vicinae-bin bluetuith wvkbd iwmenu pinta \
    walker-bin ulauncher bzmenu udiskie \
    wofi-calc bri chamel
--- a/setup/modules/optional-Modules/apps/lamco-rdp-server.sh
+++ b/setup/modules/optional-Modules/apps/lamco-rdp-server.sh
@ -8,7 +8,8 @@ log "Installing lamco-rdp-server (AUR)..."
 yay -S --answerdiff None --answerclean All --noconfirm lamco-rdp-server

 log "Enabling lamco-rdp-server as user service..."
-systemctl --user enable lamco-rdp-server.service
+systemctl --user enable lamco-rdp-server.service 2>/dev/null \
+    || warn "No user session active — run after login: systemctl --user enable lamco-rdp-server.service"

 log "lamco-rdp-server enabled as a user service."
 log "Start it with:  systemctl --user start lamco-rdp-server"