From f6e24df737db3b020087ded2d42e8fb6b64e4d9b Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Tue, 9 Jun 2020 19:52:01 +0200
Subject: [PATCH] We don't want a first user

---
 README.md                          | 8 --------
 build.sh                           | 8 --------
 export-image/04-finalise/01-run.sh | 4 ----
 stage1/01-sys-tweaks/00-run.sh     | 4 ----
 stage2/01-sys-tweaks/01-run.sh     | 3 ---
 5 files changed, 27 deletions(-)

diff --git a/README.md b/README.md
index 29d8166..c218fe0 100644
--- a/README.md
+++ b/README.md
@@ -114,14 +114,6 @@ The following environment variables are supported:
    To get the current value from a running system, look in
    `/etc/timezone`.
 
- * `FIRST_USER_NAME` (Default: "pi" )
-
-   Username for the first user
-
- * `FIRST_USER_PASS` (Default: "raspberry")
-
-   Password for the first user
-
  * `WPA_ESSID`, `WPA_PASSWORD` and `WPA_COUNTRY` (Default: unset)
 
    If these are set, they are use to configure `wpa_supplicant.conf`, so that the Raspberry Pi can automatically connect to a wifi network on first boot. If `WPA_ESSID` is set and `WPA_PASSWORD` is unset an unprotected wifi network will be configured. If set, `WPA_PASSWORD` must be between 8 and 63 characters.
diff --git a/build.sh b/build.sh
index a8247ab..3652a12 100755
--- a/build.sh
+++ b/build.sh
@@ -164,8 +164,6 @@ export LOG_FILE="${WORK_DIR}/build.log"
 
 export TARGET_HOSTNAME=${TARGET_HOSTNAME:-raspberrypi}
 
-export FIRST_USER_NAME=${FIRST_USER_NAME:-pi}
-export FIRST_USER_PASS=${FIRST_USER_PASS:-raspberry}
 export RELEASE=${RELEASE:-buster}
 export WPA_ESSID
 export WPA_PASSWORD
@@ -210,12 +208,6 @@ source "${SCRIPT_DIR}/dependencies_check"
 
 dependencies_check "${BASE_DIR}/depends"
 
-#check username is valid
-if [[ ! "$FIRST_USER_NAME" =~ ^[a-z][-a-z0-9_]*$ ]]; then
-	echo "Invalid FIRST_USER_NAME: $FIRST_USER_NAME"
-	exit 1
-fi
-
 if [[ -n "${APT_PROXY}" ]] && ! curl --silent "${APT_PROXY}" >/dev/null ; then
 	echo "Could not reach APT_PROXY server: ${APT_PROXY}"
 	exit 1
diff --git a/export-image/04-finalise/01-run.sh b/export-image/04-finalise/01-run.sh
index 0864639..c3aa1eb 100755
--- a/export-image/04-finalise/01-run.sh
+++ b/export-image/04-finalise/01-run.sh
@@ -12,10 +12,6 @@ if hash hardlink 2>/dev/null; then
 fi
 EOF
 
-if [ -d "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config" ]; then
-	chmod 700 "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config"
-fi
-
 rm -f "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache"
 rm -f "${ROOTFS_DIR}/usr/bin/qemu-arm-static"
 
diff --git a/stage1/01-sys-tweaks/00-run.sh b/stage1/01-sys-tweaks/00-run.sh
index 9c380ec..c94045a 100755
--- a/stage1/01-sys-tweaks/00-run.sh
+++ b/stage1/01-sys-tweaks/00-run.sh
@@ -5,10 +5,6 @@ install -m 644 files/noclear.conf "${ROOTFS_DIR}/etc/systemd/system/getty@tty1.s
 install -v -m 644 files/fstab "${ROOTFS_DIR}/etc/fstab"
 
 on_chroot << EOF
-if ! id -u ${FIRST_USER_NAME} >/dev/null 2>&1; then
-	adduser --disabled-password --gecos "" ${FIRST_USER_NAME}
-fi
-echo "${FIRST_USER_NAME}:${FIRST_USER_PASS}" | chpasswd
 echo "root:root" | chpasswd
 EOF
 
diff --git a/stage2/01-sys-tweaks/01-run.sh b/stage2/01-sys-tweaks/01-run.sh
index 8d28adc..5d83c17 100755
--- a/stage2/01-sys-tweaks/01-run.sh
+++ b/stage2/01-sys-tweaks/01-run.sh
@@ -40,9 +40,6 @@ on_chroot <<EOF
 for GRP in input spi i2c gpio; do
 	groupadd -f -r "\$GRP"
 done
-for GRP in adm dialout cdrom audio users sudo video games plugdev input gpio spi i2c netdev; do
-  adduser $FIRST_USER_NAME \$GRP
-done
 EOF
 
 on_chroot << EOF