[ bugfix ] CPU speed adjustement was broken for 4core, improving two-factor...

[ bugfix ] CPU speed adjustement was broken for 4core, improving two-factor authentication - once enabled, tokens are valid for all users

[ bugfix ] CPU speed adjustement was broken for 4core, improving two-factor...
[ bugfix ] CPU speed adjustement was broken for 4core, improving two-factor authentication - once enabled, tokens are valid for all users
2691d038 · Igor Pecovnik · a8b9ba67 · 2691d038 · 2691d038 · 2691d038
Commit 2691d038 authored May 03, 2019 by Igor Pecovnik
--- a/debian-config
+++ b/debian-config
@@ -84,7 +84,7 @@ do
 	# read cpu speed
 	POLICY="policy0"
-	[[ $(grep -c '^processor' /proc/cpuinfo) -ge 4 ]] && POLICY="policy4"
+	[[ $(grep -c '^processor' /proc/cpuinfo) -gt 4 ]] && POLICY="policy4"
 	num=$(cat /sys/devices/system/cpu/cpufreq/$POLICY/scaling_min_freq 2> /dev/null)
        if [[ -f /etc/default/cpufrequtils && ! -z "${num##*[!0-9]*}" ]]; then
                FREQENCIES="\n"$(LC_ALL="C" cpufreq-info | grep policy | sed "s/  current policy: //" | sed 's/.*/\u&/' | tail -1)"\n"

--- a/debian-config-functions
+++ b/debian-config-functions
@@ -23,6 +23,7 @@
 # get_a20modes
 # get_h3modes
 # add_choose_user
+# google_token_allusers
 # configure_desktop
@@ -638,6 +639,28 @@ function add_choose_user ()
+#
+# Copy Google token to all local users.
+#
+function google_token_allusers ()
+{
+if [[ -f /root/.google_authenticator ]]; then
+	local USERS=($(awk -F'[/:]' '{if ($3 >= 1000 && $3 != 65534) print $1}' /etc/passwd))
+	for i in "${USERS[@]}"
+	do
+		USER=${i[0]//[[:blank:]]/}
+		if [[ -d /home/$USER ]]; then
+			cp /root/.google_authenticator /home/$USER/
+			chown ${USER}:${USER} /home/${USER}/.google_authenticator
+		fi
+	done
+fi
+}
 #
 # configure armbian desktop
 #

--- a/debian-config-jobs
+++ b/debian-config-jobs
@@ -1032,7 +1032,7 @@ function jobs ()
 	#
 	"CPU" )
 		POLICY="policy0"
-	        [[ $(grep -c '^processor' /proc/cpuinfo) -ge 4 ]] && POLICY="policy4"
+	        [[ $(grep -c '^processor' /proc/cpuinfo) -gt 4 ]] && POLICY="policy4"
 		generic_select "$(cat /sys/devices/system/cpu/cpufreq/$POLICY/scaling_available_frequencies)" "Select minimum CPU speed"
 		MIN_SPEED=$PARAMETER
 		generic_select "$(cat /sys/devices/system/cpu/cpufreq/$POLICY/scaling_available_frequencies)" "Select maximum CPU speed" "$PARAMETER"
@@ -1224,7 +1224,8 @@ function jobs ()
 			fi
 			DIALOG_CANCEL=2
 			DIALOG_ESC=255
-			LIST_CONST=7
+			LIST_CONST=9
+			WINDOW_SIZE=21
 			# variables cleanup
 			PermitRootLogin="";
@@ -1232,6 +1233,8 @@ function jobs ()
 			PasswordAuthentication="";
 			PhoneAuthentication=""
 			MergeParameter="";
+			ExtraDesc="";
 			Buttons="--no-cancel --ok-label "Save" --help-button --help-label Cancel"
 			# read values
@@ -1244,20 +1247,24 @@ function jobs ()
 			MOTD=( "PermitRootLogin" "Allow root login" "$PermitRootLogin" )
 			MOTD+=( "PasswordAuthentication" "Password login" "$PasswordAuthentication" )
 			MOTD+=( "PubkeyAuthentication" "SSH key login" "$PubkeyAuthentication" )
-			MOTD+=( "PhoneAuthentication" "Mobile phone one-time passcode" "$PhoneAuthentication" )
+			MOTD+=( "PhoneAuthentication" "Google two-step authentication with one-time passcode" "$PhoneAuthentication" )
-			LISTLENGTH="$(($LIST_CONST+${#MOTD[@]}/2))"
 			Buttons="--no-cancel --ok-label "Save" --help-button --help-label Cancel"
 			if [[ $PhoneAuthentication == "on" ]]; then
 				Buttons="--cancel-label Generate-token --ok-label "Save" --help-button --help-label Cancel"
+				ExtraDesc="\n\Z1Note:\Z0 Two-step verification token is identical for all users on the system.\n \n"
+				LIST_CONST=11
 				if [[ -f ~/.google_authenticator ]]; then
 					Buttons="--cancel-label New-token --ok-label "Save" --help-button --help-label Cancel --extra-button --extra-label Show-token"
 				fi
 			fi
+			LISTLENGTH="$((${#MOTD[@]}/3))"
+			HEIGHT="$((LISTLENGTH + $LIST_CONST))"
 			exec 3>&1
-				selection=$(dialog $Buttons --backtitle "$BACKTITLE" --title " Toggle sshd options " --clear --checklist \
+				selection=$(dialog --colors $Buttons --backtitle "$BACKTITLE" --title " Toggle sshd options " --clear --checklist \
-				"\nChoose what you want to enable or disable:\n " $LISTLENGTH 80 21 "${MOTD[@]}" 2>&1 1>&3)
+				"\nChoose what you want to enable or disable:\n $ExtraDesc" $HEIGHT 0 $LISTLENGTH "${MOTD[@]}" 2>&1 1>&3)
 				exit_status=$?
 			exec 3>&-
@@ -1336,8 +1343,12 @@ function jobs ()
 					display_qr_code
 				;;
 				1)
+					dialog --colors --title " \Z1Warning\Z0 " --backtitle "$BACKTITLE" --yes-label "Generate" --no-label "No" --yesno "\nWhen you generate new token you have to scan it with your mobile device again.\n\nUnderstand?" 10 48
+					if [[ $? = 0 ]]; then
 						google-authenticator -t -d -f -r 3 -R 30 -W -q
+						google_token_allusers
 						display_qr_code
+					fi
 				;;
 				esac
 		done