Add rancher user and lock root

scripts/ci

@@ -22,6 +22,7 @@ generate_images()
     if [ -e ${BUILD}/${IMAGE_ID} ]; then
         DOCKER_BASE=$(<${BUILD}/${IMAGE_ID})
     else
+        echo Running: docker run -d --privileged ${DOCKER_IMAGE} /source/scripts/build-images
         CID=$(docker run -d --privileged ${DOCKER_IMAGE} /source/scripts/build-images)
         docker logs -f ${CID} &
         trap "docker rm -f ${CID}" exit

scripts/dockerimages/00-base

@@ -19,5 +19,7 @@ RUN rm /sbin/poweroff /sbin/reboot /sbin/halt && \
        /var/lock \
        /var/log \
        /var/run \
-       /var/spool
-CMD ["/bin/sh"]
+       /var/spool && \
+    passwd -l root && \
+    addgroup sudo && \
+    echo '%sudo ALL=(ALL) ALL' > /etc/sudoers.d/sudo-group

scripts/dockerimages/06-console

@@ -1,3 +1,7 @@
 FROM base
 COPY scripts/dockerimages/scripts/console.sh /usr/sbin/
+RUN adduser -G sudo -D -h /home/rancher -s /bin/bash rancher && \
+    sed -i 's/rancher.*/rancher:rixbL64o6zGmY:16486:0:99999:7:::/g' /etc/shadow && \
+    mkdir -p /home/rancher && \
+    chmod 2755 /home/rancher
 CMD ["/usr/sbin/console.sh"]

scripts/dockerimages/scripts/console.sh

@@ -1,4 +1,5 @@
 #!/bin/sh
+# Test
 
 CLOUD_CONFIG_FILE=/var/lib/rancher/cloud-config
 
@@ -6,6 +7,13 @@ if [ -s $CLOUD_CONFIG_FILE ]; then
 	cloud-init --from-file $CLOUD_CONFIG_FILE
 fi
 
+RANCER_HOME=/home/rancher
+if [ ! -d ${RANCER_HOME} ]; then
+    mkdir -p ${RANCER_HOME}
+    chown rancher:rancher ${RANCER_HOME}
+    chmod 2755 ${RANCER_HOME}
+fi
+
 cat > /etc/respawn.conf << EOF
 /sbin/getty 115200 tty1
 /sbin/getty 115200 tty2