

#!@BASH@
# vim: ft=sh
# Write all arguments as one line on stdout ("$*" joins them into a single
# string before printing).
msg() {
  printf '%s\n' "$*"
}
# Write all arguments as one line on stderr, leaving stdout untouched.
err() {
  printf '%s\n' "$*" 1>&2
}
# Print the one-line command synopsis on stdout (via msg).
usage() {
  msg 'Usage: userrc [-c config] [-l logdir]'
}
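#######################################
# Run one account's ~/.config/rc.local through su and wait for it to finish.
# Globals:   username, homedir, logdir, SHELL (all read)
# Outputs:   su's stdout and stderr go to "$logdir/$username.log"; a notice is
#            printed on stdout when su reports a non-zero status.
# Security notes:
#   - su's -c takes a shell *command string*, so the path is quoted first.
#     Unquoted, a home directory containing whitespace or shell
#     metacharacters would be re-parsed by the shell su starts.
#   - The log file is opened by this process, before su switches accounts,
#     so it is created with the caller's identity. Only stdout and stderr
#     are redirected; stdin is inherited from the caller.
#   - NOTE(review): -s "$SHELL" takes the shell from this process's
#     environment, not from the account's passwd entry, so an account's
#     login shell does not decide whether its rc.local runs. Confirm that
#     this is intended.
#######################################
rc_run_wait() {
  local rc_path="$homedir/.config/rc.local"
  local rc_cmd

  # %q leaves ordinary paths unchanged and backslash-escapes the rest.
  # Control characters come out as $'...', which only bash-like shells parse.
  printf -v rc_cmd '%q' "$rc_path"

  su - "$username" -s "$SHELL" -c "$rc_cmd" &>"$logdir/${username}.log" &

  if ! wait "$!"; then
    msg "$rc_path has returned a non-zero exit code."
  fi
}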
#######################################
# Report whether an account name appears in the deny list.
# Globals:   users_deny (read)
# Arguments: $1 - account name to look up
# Returns:   0 if some entry equals $1 exactly (the right-hand side is
#            quoted, so entries are not treated as glob patterns), else 1.
#######################################
is_blacklisted() {
  local candidate="$1" denied
  for denied in "${users_deny[@]}"; do
    [[ "$denied" != "$candidate" ]] || return 0
  done
  return 1
}
#######################################
# Report whether an account name appears in the allow list.
# Globals:   users_allow (read)
# Arguments: $1 - account name to look up
# Returns:   0 if some entry equals $1 exactly (literal comparison, no glob
#            matching), else 1. An empty list therefore allows nobody.
#######################################
is_whitelisted() {
  local candidate="$1" allowed
  for allowed in "${users_allow[@]}"; do
    [[ "$allowed" != "$candidate" ]] || return 0
  done
  return 1
}
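#######################################
# Collect the accounts whose rc.local may be run, as "name:homedir" entries.
# Globals:   access_mode (read; set to 'blacklist' when empty or unset)
#            users (appended to)
#            users_allow / users_deny (read through is_whitelisted /
#            is_blacklisted)
# Outputs:   the selected mode on stdout; an error on stderr for an
#            unrecognised mode
# Returns:   non-zero when access_mode is neither 'explicit' nor 'blacklist'
# Security notes:
#   - 'blacklist' is the default and is default-allow: with an empty
#     users_deny every /etc/passwd entry is selected, system accounts
#     included. 'explicit' selects only names listed in users_allow.
#   - Only /etc/passwd is read, so accounts provided by other name services
#     are never selected.
#######################################
get_allowed_users() {
  # Keep the passwd fields out of the global namespace.
  local username pass uid gid description homedir shell

  : "${access_mode:=blacklist}"
  msg "Running in $access_mode access mode."

  case "$access_mode" in
    explicit | blacklist) ;;
    *)
      # An unrecognised mode used to select nobody without saying so. That
      # fails closed but is hard to diagnose. Note that the allow-list mode
      # is named 'explicit', not 'whitelist'.
      err "Unknown access_mode '$access_mode' (expected 'explicit' or 'blacklist'); no users selected."
      return 1
      ;;
  esac

  while IFS=':' read -r username pass uid gid description homedir shell; do
    if [[ "$access_mode" == explicit ]]; then
      is_whitelisted "$username" || continue
    elif is_blacklisted "$username"; then
      continue
    fi
    users+=("$username:$homedir")
  done </etc/passwd
}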
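#######################################
# Parse the command line, load the config file and prepare the log directory.
# Globals:   config, cfg_logdir (written)
#            logdir (written by -l, or from cfg_logdir when still empty
#            after the config has been sourced)
# Arguments: the script's command-line arguments: [-c config] [-l logdir] [-h]
# Outputs:   usage text for -h and for bad options; a notice on stdout when
#            the config file is missing
# Returns:   non-zero if sourcing the config, mkdir or chmod fails. Exits the
#            script for -h (status 0) and for invalid options (status 1).
# Security notes:
#   - `source` executes the config as shell code with this process's
#     privileges, so the file and its directory must be writable only by the
#     account that runs this script.
#   - NOTE(review): a missing config falls back to defaults rather than
#     failing. Together with the default 'blacklist' access mode that leaves
#     no deny list in effect. Confirm that this is acceptable when a path
#     was passed explicitly with -c.
#   - chmod 700 narrows the mode but leaves ownership as it is. A logdir that
#     already exists and belongs to another account is still used.
#######################################
runtime_config() {
  config='@CONFIG@'
  cfg_logdir='@LOGDIR@'

  while (( $# )); do
    case "$1" in
      -c | -l)
        # A trailing -c/-l used to become an empty value, and the run
        # continued on defaults. Reject the command line instead.
        if (( $# < 2 )); then
          err "Option $1 requires an argument."
          usage
          exit 1
        fi
        if [[ "$1" == -c ]]; then
          config="$2"
        else
          logdir="$2"
        fi
        shift
        ;;
      -h)
        usage
        exit
        ;;
      *)
        usage
        exit 1
        ;;
    esac
    shift
  done

  if [[ -f "$config" ]]; then
    source "$config" || return
  else
    msg "Config not found at $config. Using defaults."
  fi

  # Neither -l nor the config supplied a log directory: use the built-in one.
  if [[ -z "$logdir" ]]; then
    logdir="$cfg_logdir"
  fi

  if [[ ! -d "$logdir" ]]; then
    mkdir -p -- "$logdir" || return 1
  fi

  # The logs hold the output of users' scripts, so keep the directory private.
  # chmod's status is the function's status.
  chmod 700 -- "$logdir"
}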
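#######################################
# Load the configuration, select accounts and run each one's rc.local.
# Globals:   users (read); username, homedir (written per account and read
#            by rc_run_wait)
# Arguments: the script's command-line arguments
# Returns:   runtime_config's status when configuration fails
# Notes:
#   - Entries with an empty home directory or with '/' are skipped.
#   - The -f/-x tests run with this process's privileges; the file itself is
#     then executed as the account by rc_run_wait.
#######################################
main() {
  local u rc_file status

  # The status of runtime_config used to be ignored. A config that failed to
  # load, or a log directory that could not be created or locked down, still
  # led to users' scripts being run. Stop instead.
  if ! runtime_config "$@"; then
    status=$?
    err "Configuration failed (status $status); not running any rc.local."
    return "$status"
  fi

  get_allowed_users

  for u in "${users[@]}"; do
    IFS=':' read -r username homedir <<<"$u"

    [[ -n "$homedir" && "$homedir" != '/' ]] || continue

    rc_file="$homedir/.config/rc.local"
    [[ -f "$rc_file" ]] || continue

    if [[ -x "$rc_file" ]]; then
      msg "Executing $rc_file"
      rc_run_wait
    else
      msg "$rc_file exists, but is not executable"
    fi
  done
}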
# Entry point: pass the script's command-line arguments to main unchanged.
main "$@"