Dustin C. Hatch
f886a1bd8a
I do not like how Fedora CoreOS configures `sudo` to allow the *core* user to run privileged processes without authentication. Rather than assign the user a password, which would then have to be stored somewhere, we'll install *pam_ssh_agent_auth* and configure `sudo` to use it for authentication. This way, only users with the private key corresponding to one of the configured public keys can run `sudo`. Naturally, *pam_ssh_agent_auth* has to be installed on the host system. We achieve this by executing `rpm-ostree` via `nsenter` to escape the container. Once it is installed, we configure the PAM stack for `sudo` to use it and populate the authorized keys database. We also need to configure `sudo` to keep the `SSH_AUTH_SOCK` environment variable, so *pam_ssh_agent_auth* knows where to look for the private keys. Finally, we disable the default NOPASSWD rule for `sudo`, if and only if the new configuration was installed.