Chore: Upgrade Jenkins-job-builder to 6.3.0

[releng/global-jjb.git] / jenkins-init-scripts / create-jenkins-user.sh

diff --git a/jenkins-init-scripts/create-jenkins-user.sh b/jenkins-init-scripts/create-jenkins-user.sh
index 0983129..980eacf 100755 (executable)
--- a/jenkins-init-scripts/create-jenkins-user.sh
+++ b/jenkins-init-scripts/create-jenkins-user.sh
@@ -12,10 +12,10 @@
 OS=$(facter operatingsystem | tr '[:upper:]' '[:lower:]')
 OS_RELEASE=$(facter lsbdistrelease | tr '[:upper:]' '[:lower:]')
 
-if [[ "$OS_RELEASE" == "18.04" ]] && [[ "$OS" == 'ubuntu' ]]
-then
-  echo 'PATH=$HOME/.local/bin:$PATH
-export PATH' >> /etc/profile
+if [[ "$OS_RELEASE" == "18.04" && "$OS" == 'ubuntu' ]]; then
+    # We do not want var expansion here as profile script expands at runtime.
+    # shellcheck disable=SC2016
+    echo 'export PATH=$HOME/.local/bin:$PATH' >> /etc/profile
 fi
 
 useradd -m -s /bin/bash jenkins
@@ -30,12 +30,13 @@ if grep -q mock /etc/group; then
 fi
 
 mkdir /home/jenkins/.ssh
-cp -r "/home/${OS}/.ssh/authorized_keys" /home/jenkins/.ssh/authorized_keys
+cp "/home/${OS}/.ssh/authorized_keys" /home/jenkins/.ssh/authorized_keys
+chmod 0600 /home/jenkins/.ssh/authorized_keys
 
 # Generate ssh key for use by Robot jobs
 echo -e 'y\n' | ssh-keygen -N "" -f /home/jenkins/.ssh/id_rsa -t rsa
 chown -R jenkins:jenkins /home/jenkins/.ssh
-chmod 700 /home/jenkins/.ssh
+chmod 0700 /home/jenkins/.ssh
 
 # The '/w' volume may already be part of image
 [[ ! -d '/w' ]] && mkdir /w