From e32fa6e4775286d0a1cfd7847f86d421bde4f93b Mon Sep 17 00:00:00 2001
From: Mikhail Chusavitin <mchusavitin@mchusmbp.local>
Date: Sat, 14 Mar 2026 08:33:36 +0300
Subject: [PATCH] Use live-config autologin for bee user

---
 iso/builder/auto/config                                       | 2 +-
 iso/builder/config/hooks/normal/9000-bee-setup.hook.chroot    | 4 ++++
 .../systemd/system/getty@tty1.service.d/zz-bee-autologin.conf | 3 ---
 iso/builder/config/package-lists/bee.list.chroot              | 1 +
 iso/overlay/etc/sudoers.d/bee                                 | 1 +
 5 files changed, 7 insertions(+), 4 deletions(-)
 delete mode 100644 iso/builder/config/includes.chroot/etc/systemd/system/getty@tty1.service.d/zz-bee-autologin.conf
 create mode 100644 iso/overlay/etc/sudoers.d/bee

diff --git a/iso/builder/auto/config b/iso/builder/auto/config
index 9221e53..709763e 100755
--- a/iso/builder/auto/config
+++ b/iso/builder/auto/config
@@ -23,6 +23,6 @@ lb config noauto \
     --memtest none \
     --iso-volume "BEE-DEBUG" \
     --iso-application "Bee Hardware Audit" \
-    --bootappend-live "boot=live components console=tty0 console=ttyS0,115200n8 modprobe.blacklist=nouveau" \
+    --bootappend-live "boot=live components console=tty0 console=ttyS0,115200n8 username=bee user-fullname=Bee modprobe.blacklist=nouveau" \
     --apt-recommends false \
     "${@}"
diff --git a/iso/builder/config/hooks/normal/9000-bee-setup.hook.chroot b/iso/builder/config/hooks/normal/9000-bee-setup.hook.chroot
index f068c1f..bb70f36 100755
--- a/iso/builder/config/hooks/normal/9000-bee-setup.hook.chroot
+++ b/iso/builder/config/hooks/normal/9000-bee-setup.hook.chroot
@@ -28,4 +28,8 @@ udevadm control --reload-rules 2>/dev/null || true
 # Create log directory
 mkdir -p /var/log
 
+if [ -f /etc/sudoers.d/bee ]; then
+    chmod 0440 /etc/sudoers.d/bee
+fi
+
 echo "=== bee chroot setup complete ==="
diff --git a/iso/builder/config/includes.chroot/etc/systemd/system/getty@tty1.service.d/zz-bee-autologin.conf b/iso/builder/config/includes.chroot/etc/systemd/system/getty@tty1.service.d/zz-bee-autologin.conf
deleted file mode 100644
index a7a3088..0000000
--- a/iso/builder/config/includes.chroot/etc/systemd/system/getty@tty1.service.d/zz-bee-autologin.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-[Service]
-ExecStart=
-ExecStart=-/sbin/agetty --autologin root --noclear %I $TERM
diff --git a/iso/builder/config/package-lists/bee.list.chroot b/iso/builder/config/package-lists/bee.list.chroot
index 88bc0ca..b4bb67b 100644
--- a/iso/builder/config/package-lists/bee.list.chroot
+++ b/iso/builder/config/package-lists/bee.list.chroot
@@ -22,6 +22,7 @@ lsof
 file
 less
 vim-tiny
+sudo
 zstd
 
 # QR codes (for displaying audit results)
diff --git a/iso/overlay/etc/sudoers.d/bee b/iso/overlay/etc/sudoers.d/bee
new file mode 100644
index 0000000..42b10eb
--- /dev/null
+++ b/iso/overlay/etc/sudoers.d/bee
@@ -0,0 +1 @@
+bee ALL=(ALL) NOPASSWD: ALL