Remove `--force' from keys.new-keeper; introduce explicit delete command.
[distorted-keys] / userv / claim-dir.in
1 ### -*-conf-*-
2 ###
3 ### userv service for claiming a directory in a special filesystem
4
### Rule for the `claim-dir' service.  It applies only when the service user
### is root and the calling user's shell is either listed in /etc/shells or
### matches /dev/token-shells/userv; the embedded script therefore runs as
### root on behalf of the calling user.
###
### The script takes exactly one argument, FILSYS (anything else prints a
### usage message and exits 1).  It reads @sysconfdir@/claim-dir.tab as lines
### of `FS DIR OPTS...', skips lines whose first field is empty or starts
### with `#', and stops at the first line whose FS equals FILSYS.  The
### comparison pattern is quoted, so the caller's argument is matched
### literally rather than as a glob.  No match is an error.
###
### OPTS are whitespace-separated and handled strictly left to right:
###
###   acl=WORD,WORD,...
###         Each WORD is a shell pattern.  A leading `-' makes the word a
###         `forbid' entry, otherwise it is an `allow' entry.  A leading `%'
###         (after any `-') matches against $USERV_GROUP and $USERV_GID;
###         otherwise against $USERV_USER and $USERV_UID.  The first word
###         that matches decides the verdict; if none matches the verdict is
###         `forbid', and the script exits 1 with `permission denied'.
###
###   mount=CMD
###         If `mountpoint -q DIR' fails, run `CMD DIR'.
###
###   Anything else is rejected as an unknown option.
###
### Finally the script changes to DIR and, unless an entry named after the
### first word of $USERV_USER already tests as a directory, creates it with
### mode 700 and chowns it to that user and the first word of $USERV_GROUP.
### It then prints `DIR/$USERV_USER' on stdout.
###
### NOTE(review): claim-dir.tab is a trust boundary.  `mount=' values are run
### as commands by this root script and `acl=' words are used as unquoted
### shell patterns, so the table should be writable only by root -- confirm
### the installed permissions.
###
### NOTE(review): the verdict is only consulted inside the `acl=' branch, so
### a table line without any `acl=' option performs no access check at all.
### Because options run in order, a `mount=' placed before `acl=' runs the
### mount command before the caller has been authorised; list `acl=' first.
###
### NOTE(review): `[ ! -d ]' follows symlinks.  If anything other than this
### script can create entries in DIR, a pre-existing symlink to a directory
### would be accepted and reported as the claimed directory without being
### created or chowned here.  This presumably relies on DIR being writable
### only by root -- verify for each filesystem in the table.
###
### NOTE(review): the directory is named after the first word of $USERV_USER
### but the path printed at the end uses the whole variable; these agree as
### long as $USERV_USER is a single word.
5 if ( glob service claim-dir
6    & glob service-user root
7    & ( grep calling-user-shell /etc/shells
8      | glob calling-user-shell /dev/token-shells/userv
9      )
10    )
        ## The caller's arguments are passed on (no-suppress-args) and appear
        ## as $1... in the script; `claim-dir' after the script text is $0.
        ## Only fds 1 and 2 are taken from the caller, and they must be open
        ## for writing; fd 0 is nulled and fds 3 upwards are ignored.
        ## NOTE(review): directive meanings are as their userv names suggest;
        ## confirm against the userv specification in use.
11         no-suppress-args
12         null-fd 0
13         require-fd 1-2 write
14         ignore-fd 3-
15         no-set-environment
16         execute sh -c "set -e; quis=$0;                                 \
17         case $# in                                                      \
18           1) filsys=$1 ;;                                               \
19           *) echo >&2 \"usage: $quis FILSYS\"; exit 1 ;;                \
20         esac;                                                           \
21         foundp=nil;                                                     \
22         while read fs dir opts; do                                      \
23           case \"$fs\" in                                               \
24             \\#* | \"\") continue ;;                                    \
25             \"$filsys\") foundp=t; break ;;                             \
26           esac;                                                         \
27         done <@sysconfdir@/claim-dir.tab;                               \
28         case $foundp in                                                 \
29           nil)                                                          \
30             echo >&2 \"$quis: unknown filesystem \\`$filsys'\";         \
31             exit 1                                                      \
32             ;;                                                          \
33         esac;                                                           \
34         for opt in $opts; do                                            \
35           arg=${opt#*=};                                                \
36           case \"$opt\" in                                              \
37             acl=*)                                                      \
38               verdict=forbid acl=$arg;                                  \
39               while :; do                                               \
40                 case \"$acl\" in ?*) ;; *) break ;; esac;               \
41                 case \"$acl\" in                                        \
42                   *,*) word=${acl%%,*} acl=${acl#*,} ;;                 \
43                   *) word=$acl acl=\"\" ;;                              \
44                 esac;                                                   \
45                 case \"$word\" in                                       \
46                   -*) sense=forbid word=${word#-} ;;                    \
47                   *) sense=allow word=$word ;;                          \
48                 esac;                                                   \
49                 case \"$word\" in                                       \
50                   %*) pat=${word#%} list=\"$USERV_GROUP $USERV_GID\" ;; \
51                   *) pat=$word list=\"$USERV_USER $USERV_UID\" ;;       \
52                 esac;                                                   \
53                 matchp=nil;                                             \
54                 for i in $list; do                                      \
55                   case \"$i\" in $pat) matchp=t; break ;; esac;         \
56                 done;                                                   \
57                 case $matchp in t) verdict=$sense; break ;; esac;       \
58               done;                                                     \
59               case $verdict in                                          \
60                 forbid)                                                 \
61                   echo >&2 \"$quis: permission denied\";                \
62                   exit 1                                                \
63                   ;;                                                    \
64               esac                                                      \
65               ;;                                                        \
66             mount=*)                                                    \
67               if ! mountpoint -q \"$dir\"; then $arg \"$dir\"; fi       \
68               ;;                                                        \
69             *)                                                          \
70               echo >&2 \"$quis: unknown option \\`$opt'\";              \
71               exit 1                                                    \
72               ;;                                                        \
73           esac;                                                         \
74         done;                                                           \
75         set _ $USERV_USER; user=$2;                                     \
76         set _ $USERV_GROUP; group=$2;                                   \
77         cd \"$dir\";                                                    \
78         if [ ! -d \"$user\" ]; then                                     \
79           mkdir -m700 \"$user\";                                        \
80           chown \"$user:$group\" \"$user\";                             \
81         fi;                                                             \
82         echo \"$dir/$USERV_USER\"                                       \
83         " claim-dir
84 fi