Commit | Line | Data |
---|---|---|
33aa94e8 MW |
1 | ### -*-conf-*- |
2 | ### | |
3 | ### userv service for claiming a directory in a special filesystem | |
4 | ||
5 | if ( glob service claim-dir | |
6 | & glob service-user root | |
fef0a02f MW |
7 | & ( grep calling-user-shell /etc/shells |
8 | | glob calling-user-shell /dev/token-shells/userv | |
9 | ) | |
33aa94e8 MW |
10 | ) |
11 | no-suppress-args | |
12 | null-fd 0 | |
13 | require-fd 1-2 write | |
14 | ignore-fd 3- | |
15 | no-set-environment | |
16 | execute sh -c "set -e; quis=$0; \ | |
17 | case $# in \ | |
18 | 1) filsys=$1 ;; \ | |
19 | *) echo >&2 \"usage: $quis FILSYS\"; exit 1 ;; \ | |
20 | esac; \ | |
1d1f9450 | 21 | foundp=nil; mode=700; \ |
33aa94e8 MW |
22 | while read fs dir opts; do \ |
23 | case \"$fs\" in \ | |
24 | \\#* | \"\") continue ;; \ | |
25 | \"$filsys\") foundp=t; break ;; \ | |
26 | esac; \ | |
27 | done <@sysconfdir@/claim-dir.tab; \ | |
28 | case $foundp in \ | |
29 | nil) \ | |
30 | echo >&2 \"$quis: unknown filesystem \\`$filsys'\"; \ | |
31 | exit 1 \ | |
32 | ;; \ | |
33 | esac; \ | |
34 | for opt in $opts; do \ | |
35 | arg=${opt#*=}; \ | |
36 | case \"$opt\" in \ | |
37 | acl=*) \ | |
38 | verdict=forbid acl=$arg; \ | |
39 | while :; do \ | |
40 | case \"$acl\" in ?*) ;; *) break ;; esac; \ | |
41 | case \"$acl\" in \ | |
42 | *,*) word=${acl%%,*} acl=${acl#*,} ;; \ | |
43 | *) word=$acl acl=\"\" ;; \ | |
44 | esac; \ | |
45 | case \"$word\" in \ | |
46 | -*) sense=forbid word=${word#-} ;; \ | |
47 | *) sense=allow word=$word ;; \ | |
48 | esac; \ | |
49 | case \"$word\" in \ | |
50 | %*) pat=${word#%} list=\"$USERV_GROUP $USERV_GID\" ;; \ | |
51 | *) pat=$word list=\"$USERV_USER $USERV_UID\" ;; \ | |
52 | esac; \ | |
53 | matchp=nil; \ | |
54 | for i in $list; do \ | |
55 | case \"$i\" in $pat) matchp=t; break ;; esac; \ | |
56 | done; \ | |
57 | case $matchp in t) verdict=$sense; break ;; esac; \ | |
58 | done; \ | |
59 | case $verdict in \ | |
60 | forbid) \ | |
61 | echo >&2 \"$quis: permission denied\"; \ | |
62 | exit 1 \ | |
63 | ;; \ | |
64 | esac \ | |
65 | ;; \ | |
1d1f9450 MW |
66 | mode=*) \ |
67 | mode=$arg \ | |
68 | ;; \ | |
33aa94e8 MW |
69 | mount=*) \ |
70 | if ! mountpoint -q \"$dir\"; then $arg \"$dir\"; fi \ | |
71 | ;; \ | |
72 | *) \ | |
73 | echo >&2 \"$quis: unknown option \\`$opt'\"; \ | |
74 | exit 1 \ | |
75 | ;; \ | |
76 | esac; \ | |
77 | done; \ | |
78 | set _ $USERV_USER; user=$2; \ | |
79 | set _ $USERV_GROUP; group=$2; \ | |
80 | cd \"$dir\"; \ | |
81 | if [ ! -d \"$user\" ]; then \ | |
1d1f9450 | 82 | mkdir -m$mode \"$user\"; \ |
33aa94e8 MW |
83 | chown \"$user:$group\" \"$user\"; \ |
84 | fi; \ | |
85 | echo \"$dir/$USERV_USER\" \ | |
86 | " claim-dir | |
87 | fi |