#22544
The Linux wipe/lock scripts have lived duplicated in two locations
for a long time. This removes the copy that isn't used.
The remaining scripts in the `ee/server/service/embedded_scripts` folder
are pulled in here.
12d8017ff9/ee/server/service/hosts.go (L499-L508)
It looks like the `wipe` script in `scripts/mdm/linux` was even slightly
out of date compared with the one in the `ee/` folder.
#22437
There is a bug in Ubuntu 24.04's distribution of GDM that prevents it
from starting correctly and displaying a prompt to the user if
`/etc/nologin` is present. This issue is not present on the current
release of Fedora, meaning it is Ubuntu specific.
The way we lock users out is by manually creating the `nologin` file and
then masking the `systemd-user-sessions` systemd unit, which creates the
file on shutdown and deletes it on startup. This will cause a PAM policy
to fail and prevent anyone from logging in. When we unlock the system
we delete the `nologin` file, unmask the `systemd-user-sessions` unit,
and manually run the binary that it should start.
This process removes the cause of the GDM bug, but we need to reboot the
machine to get GDM working again.
While I have not yet been able to determine the exact cause of the bug,
this fix will prevent the user from being stuck with a black screen once
the machine is unlocked.
This fix will not remedy GDM showing a black screen upon being locked,
it only ensures that the user isn't stuck having to manually reboot the
machine once it's unlocked.
We should check back on this soon to see if the bug gets fixed
upstream.
#20370
Part 2 to #20699. Apparently `systemd` now automatically deletes
`/etc/nologin` on startup. In the previous PR, rebooting the machine
would remove the nologin file and allow users to log in. This PR masks
the service that performs the deletion, preventing it from running.
The message displayed to the user will be what is specified in [this
file](7767896d12/tmpfiles.d/systemd-nologin.conf (L10)).
It's not the best, but I suspect messing with too many systemd files
could come back to bite us in the future if things change, so I'll leave
it as-is.
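
An added example, not part of the Fleet scripts or of the PR descriptions above: a read-only check that classifies the lock state described in #22437 and #20370 from the files on disk. The function names, state labels and the `ROOT` parameter are assumptions made for this example; it relies on `systemctl mask` recording a mask as a symlink to `/dev/null` under `/etc/systemd/system`.

```shell
#!/bin/sh
# Added example (hypothetical helper names): audit the lock state from disk.
# ROOT lets the check run against a mounted image or a test tree; it
# defaults to the live filesystem. Nothing is modified.
# Usage after sourcing this file: lock_state /

UNIT=systemd-user-sessions.service

# unit_masked ROOT: succeeds when the unit is persistently masked, i.e. its
# entry under /etc/systemd/system is a symlink to /dev/null.
# Runtime-only masks under /run are deliberately not counted.
unit_masked() {
    link="$1/etc/systemd/system/$UNIT"
    [ -L "$link" ] && [ "$(readlink "$link")" = "/dev/null" ]
}

# lock_state ROOT: prints exactly one label.
#   locked          nologin present and unit masked; the lock survives a reboot
#   lock-volatile   nologin present but unit not masked; per #20370 the file
#                   is removed on the next startup and logins are allowed again
#   unlock-partial  nologin gone but unit still masked; the unlock did not
#                   finish its unmask step
#   unlocked        neither artifact present
lock_state() {
    root="${1:-}"
    root="${root%/}"          # "/" becomes "", so paths resolve under /etc
    if [ -e "$root/etc/nologin" ]; then
        if unit_masked "$root"; then
            echo locked
        else
            echo lock-volatile
        fi
    else
        if unit_masked "$root"; then
            echo unlock-partial
        else
            echo unlocked
        fi
    fi
}
```

A `lock-volatile` or `unlock-partial` result after a lock or unlock command has reported success is the case worth alerting on, since the host is not in the state the server believes.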
#18173
Creates a detached child shell process to wipe the host. This lets the
main shell script return and tells the server the command has completed,
clearing it from the run queue.
Now shuts the host down after being wiped instead of leaving it running
without files like a zombie.