By implementing checksum verification, your pipeline architecture calculates the cryptographic hash of the user setup script at startup. It then compares this live hash against a known, pre-approved master hash. If the hashes match, the script is verified as safe and unmodified. If they differ, Maya blocks execution immediately, protecting the workstation. Choosing the Right Hashing Algorithm
To create a new user with automatic checksum verification: maya secure user setup checksum verification
Building a secure checksum ecosystem requires careful infrastructure planning around your verification code. Strict File System Permissions If they differ
Producer side:
| Issue | Likely Cause | Solution | |--------|---------------|----------| | Checksum mismatch on first setup | Template files changed after manifest generation | Regenerate manifest from current source | | Verification passes but user can’t log in | Permissions or SELinux context issue | Run maya secure audit perms --user | | Cron job reports false mismatches | User files legitimately changed (e.g., .bash_history ) | Exclude dynamic files from manifest (use .maya_ignore ) | Maya blocks execution immediately
Consumer side (during user setup):