author | Tomas Mraz <tm@t8m.info> | 2008-02-01 16:22:23 +0000 |
---|---|---|
committer | Tomas Mraz <tm@t8m.info> | 2008-02-01 16:22:23 +0000 |
commit | 2535f925c1a6049e5ad9ee4f313bcaa79131932b (patch) | |
tree | b0f1ae461c7b4650ccd8c5211e57f24c114eb79c /modules/pam_namespace/namespace.init | |
parent | 538dad819245deb53f1d55109130dce2199c6730 (diff) | |
Relevant BUGIDs:
Purpose of commit: new feature
Commit summary:
---------------
2008-02-01 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/namespace.conf.5.xml: Add documentation for
tmpfs and tmpdir polyinst and for ~ user list modifier.
* modules/pam_namespace/namespace.init: Add documentation for the
new init parameter. Add home directory initialization script.
* modules/pam_namespace/pam_namespace.8.xml: Document the new
init parameter of the namespace.init script.
* modules/pam_namespace/pam_namespace.c(copy_ent): Copy exclusive flag.
(cleanup_data): New function.
(process_line): Set exclusive flag. Add tmpfs and tmpdir methods.
(ns_override): Change behavior on the exclusive flag.
(poly_name): Process tmpfs and tmpdir methods.
(inst_init): Add flag for new directory initialization.
(create_dirs): Process the tmpdir method, add the new directory
flag.
(ns_setup): Remove unused code. Process the tmpfs method.
(cleanup_tmpdirs): New function.
(setup_namespace): Set data for proper cleanup. Cleanup the tmpdirs
on failures.
(pam_sm_close_session): Instead of parsing the config file again use
the previously set data for cleanup.
* modules/pam_namespace/pam_namespace.h: Add TMPFS and TMPDIR methods
and exclusive flag.
Diffstat (limited to 'modules/pam_namespace/namespace.init')
-rwxr-xr-x | modules/pam_namespace/namespace.init | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/modules/pam_namespace/namespace.init b/modules/pam_namespace/namespace.init index 0e9be68f..424c6d0c 100755 --- a/modules/pam_namespace/namespace.init +++ b/modules/pam_namespace/namespace.init 
@@ -1,24 +1,24 @@ #!/bin/sh -p -# This is only a boilerplate for the instance initialization script. -# It receives polydir path as $1 and the instance path as $2. +# It receives polydir path as $1, the instance path as $2, +# a flag whether the instance dir was newly created (0 - no, 1 - yes) in $3, +# and user name in $4. # -# If you intend to polyinstantiate /tmp and you also want to use the X windows -# environment, you will have to use this script to bind mount the socket that -# is used by the X server to communicate with its clients. X server places -# this socket in /tmp/.X11-unix directory, which will get obscured by -# polyinstantiation. Uncommenting the following lines will bind mount -# the relevant directory at an alternative location (/.tmp/.X11-unix) such -# that the X server, window manager and X clients, can still find the -# socket X0 at the polyinstanted /tmp/.X11-unix. -# -#if [ $1 = /tmp ]; then -# if [ ! -f /.tmp/.X11-unix ]; then -# mkdir -p /.tmp/.X11-unix -# fi -# mount --bind /tmp/.X11-unix /.tmp/.X11-unix -# cp -fp -- /tmp/.X0-lock "$2/.X0-lock" -# mkdir -- "$2/.X11-unix" -# ln -fs -- /.tmp/.X11-unix/X0 "$2/.X11-unix/X0" -#fi +# The following section will copy the contents of /etc/skel if this is a +# newly created home directory. +if [ "$3" = 1 ]; then + # This line will fix the labeling on all newly created directories + [ -x /sbin/restorecon ] && /sbin/restorecon "$1" + user="$4" + passwd=$(getent passwd "$user") + homedir=$(echo "$passwd" | cut -f6 -d":") + if [ "$1" = "$homedir" ]; then + gid=$(echo "$passwd" | cut -f4 -d":") + cp -rT /etc/skel "$homedir" + chown -R "$user":"$gid" "$homedir" + mode=$(awk '/^UMASK/{gsub("#.*$", "", $2); printf "%o", and(0777,compl(strtonum("0" $2))); exit}' /etc/login.defs) + chmod ${mode:-700} "$homedir" + [ -x /sbin/restorecon ] && /sbin/restorecon -R "$homedir" + fi +fi exit 0 |
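Review bot: In the new `if [ "$3" = 1 ]` block, none of the `getent`, `cp -rT`, `chown -R` or `chmod` results are checked, and the script still ends with an unconditional `exit 0`, so a failed copy or ownership change on a newly created home directory is reported as success. Consider bailing out when `getent passwd "$user"` returns nothing and chaining the copy steps (`cp ... && chown ... && chmod ... || exit 1`) so the caller sees the failure. Separately, the `mode=` line uses `and()`, `compl()` and `strtonum()`, which are gawk extensions rather than POSIX awk; with another awk the command fails, `mode` stays empty, and `${mode:-700}` silently applies 700 regardless of the UMASK in /etc/login.defs. Either call `gawk` explicitly or note the dependency in the header comment. The `${mode:-700}` expansion should also be quoted, like the other arguments in this block.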