chiark - git - mdw - distorted-keys/blob - userv/claim-dir.in

   1 ### -*-conf-*-
   2 ###
   3 ### userv service for claiming a directory in a special filesystem
   4
   5 if ( glob service claim-dir
   6    & glob service-user root
   7    & grep calling-user-shell /etc/shells
   8    )
   9         no-suppress-args
  10         null-fd 0
  11         require-fd 1-2 write
  12         ignore-fd 3-
  13         no-set-environment
  14         execute sh -c "set -e; quis=$0;                                 \
  15         case $# in                                                      \
  16           1) filsys=$1 ;;                                               \
  17           *) echo >&2 \"usage: $quis FILSYS\"; exit 1 ;;                \
  18         esac;                                                           \
  19         foundp=nil;                                                     \
  20         while read fs dir opts; do                                      \
  21           case \"$fs\" in                                               \
  22             \\#* | \"\") continue ;;                                    \
  23             \"$filsys\") foundp=t; break ;;                             \
  24           esac;                                                         \
  25         done <@sysconfdir@/claim-dir.tab;                               \
  26         case $foundp in                                                 \
  27           nil)                                                          \
  28             echo >&2 \"$quis: unknown filesystem \\`$filsys'\";         \
  29             exit 1                                                      \
  30             ;;                                                          \
  31         esac;                                                           \
  32         for opt in $opts; do                                            \
  33           arg=${opt#*=};                                                \
  34           case \"$opt\" in                                              \
  35             acl=*)                                                      \
  36               verdict=forbid acl=$arg;                                  \
  37               while :; do                                               \
  38                 case \"$acl\" in ?*) ;; *) break ;; esac;               \
  39                 case \"$acl\" in                                        \
  40                   *,*) word=${acl%%,*} acl=${acl#*,} ;;                 \
  41                   *) word=$acl acl=\"\" ;;                              \
  42                 esac;                                                   \
  43                 case \"$word\" in                                       \
  44                   -*) sense=forbid word=${word#-} ;;                    \
  45                   *) sense=allow word=$word ;;                          \
  46                 esac;                                                   \
  47                 case \"$word\" in                                       \
  48                   %*) pat=${word#%} list=\"$USERV_GROUP $USERV_GID\" ;; \
  49                   *) pat=$word list=\"$USERV_USER $USERV_UID\" ;;       \
  50                 esac;                                                   \
  51                 matchp=nil;                                             \
  52                 for i in $list; do                                      \
  53                   case \"$i\" in $pat) matchp=t; break ;; esac;         \
  54                 done;                                                   \
  55                 case $matchp in t) verdict=$sense; break ;; esac;       \
  56               done;                                                     \
  57               case $verdict in                                          \
  58                 forbid)                                                 \
  59                   echo >&2 \"$quis: permission denied\";                \
  60                   exit 1                                                \
  61                   ;;                                                    \
  62               esac                                                      \
  63               ;;                                                        \
  64             mount=*)                                                    \
  65               if ! mountpoint -q \"$dir\"; then $arg \"$dir\"; fi       \
  66               ;;                                                        \
  67             *)                                                          \
  68               echo >&2 \"$quis: unknown option \\`$opt'\";              \
  69               exit 1                                                    \
  70               ;;                                                        \
  71           esac;                                                         \
  72         done;                                                           \
  73         set _ $USERV_USER; user=$2;                                     \
  74         set _ $USERV_GROUP; group=$2;                                   \
  75         cd \"$dir\";                                                    \
  76         if [ ! -d \"$user\" ]; then                                     \
  77           mkdir -m700 \"$user\";                                        \
  78           chown \"$user:$group\" \"$user\";                             \
  79         fi;                                                             \
  80         echo \"$dir/$USERV_USER\"                                       \
  81         " claim-dir
  82 fi