slish view slish @ rev 13

Tiny edits
author Paul Issott <paul@slitaz.org>
date Sat Feb 01 17:29:57 2014 +0000 (2014-02-01)
parents 27c18235251c
children
1 #!/bin/sh
2 #
3 # SliSH - The SliTaz SHell on demand. No gettext this is a pure admin
4 # mainly developed for slish.in but which can be used by other projects.
5 #
6 # Copyright (C) 2014 SliTaz GNU/Linux - BSD License
7 # Author: Christophe Lincoln <pankso@slitaz.org>
8 #
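# Fixed locale: this is an admin tool without gettext, so tool output stays
# predictable.
export LANG=en LC_ALL=en
. /lib/libtaz.sh

# NOTE(review): $root is honoured when it is already set at this point (the
# environment, or presumably a --root= option handled by libtaz.sh). This
# script is also the users' login shell (see the default branch of the
# command dispatch at the end of the file), so confirm that an unprivileged
# caller cannot choose the directory that is later handed to chroot.
[ "$root" ] || root="/home/slish/chroot"

# All server-side state lives next to the chroot. Resolve the parent once and
# quote it, so a --root path containing spaces or glob characters is not
# split into several words.
slish_base="$(dirname "$root")"
people="$slish_base/people"
data="/usr/share/slish"
logs="$slish_base/logs"
cache="$slish_base/cache"
activity="$logs/activity.log"
queue="${cache}/signup-queue"
domain="slish.in"

# Default chroot packages (whitespace-separated list, split on use)
chrootpkgs="glibc-base slitaz-base-files ncursesw nano ytree busybox-slish
rhapsody tcc glibc-dev lua tinypy"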
25 #
26 # Functions
27 #
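# Print the command and option summary on stdout.
# Uses boldify, which is not defined in this file (presumably libtaz.sh).
usage() {
  # "$0" is quoted so that an install path containing spaces still yields
  # the bare script name.
  cat << EOT

$(boldify "Usage:") $(basename "$0") [command] [--option]

$(boldify "Commands:")
info Display paths, configs and some stats
last Show last chrooted users
users List all users with name and mail
setup Setup SliSH server and user chroot
gen-chroot Generate a new default or user chroot
clean-chroot Clean the chroot but skip home and root
adduser Add a user to the server with \$HOME in chroot
deluser Delete a SliSH user from server and chroot
list-queue List users in the signup queue
chroot Chroot to SliSH users default chroot

$(boldify "Options:")
--root= Set the path to the SliSH or user chroot
--clean Clean the chroot before gen-chroot
--queued Add all users from the signup queue

EOT
}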
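# Setup SliSH server: enable the chroot applet for users, create the default
# chroot when it is missing, prepare the shared directories and register the
# login shell.
# Reads: $root $people $cache $logs $activity. Calls gen_chroot.
setup() {
  # Allow users to use the chroot command.
  # NOTE(review): per the busybox.conf format this line makes the BusyBox
  # chroot applet setuid/setgid root and executable by every local account.
  # A setuid chroot that accepts a caller-chosen directory is generally
  # treated as root-equivalent. A dedicated wrapper that only ever enters
  # the SliSH chroot and drops privileges before starting the user's shell
  # would keep the feature without exposing the generic applet.
  if ! grep -q "^chroot =" /etc/busybox.conf; then
    echo "Allowing all users to use: chroot"
    echo 'chroot = ssx root.root' >> /etc/busybox.conf
  fi
  # Gen a chroot if not yet done
  if [ ! -d "$root" ]; then
    echo "Creating a chroot environment..."
    gen_chroot
  fi
  # Also used by the CGI web interface.
  # NOTE(review): these directories become writable by the www account, and
  # other commands in this script source account.conf files found below
  # them. Whatever the web interface writes there is later run as shell
  # code by the admin commands.
  for dir in "$people" "$cache" "$logs"; do
    echo "Setting up the $(basename "$dir") directory..."
    mkdir -p "$dir" && chown www:www "$dir"
  done
  # Activity log must be writable by users.
  # NOTE(review): mode 0666 also lets any local account rewrite or truncate
  # the log, so it cannot serve as an audit trail. An append-only log or a
  # logging helper would avoid that.
  touch "$activity" && chmod 0666 "$activity"
  # Add /usr/bin/slish to /etc/shells (dropbear needs it)
  if ! grep -qF '/usr/bin/slish' /etc/shells; then
    # The message now names the path that is actually written.
    echo "Adding /usr/bin/slish to the list of valid shells..."
    echo '/usr/bin/slish' >> /etc/shells
  fi
  echo "All done!"
}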
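# Show user configs: print the login, name and mail of one signup-queue
# entry.
# Reads: $queue and $user; account.conf is expected to set $name and $mail.
# Uses newline and separator (not defined in this file; presumably libtaz.sh).
show_queued_user() {
  # NOTE(review): sourcing runs the file as shell code with the privileges
  # of whoever invoked this command. setup() gives the parent of $queue to
  # the www account, so the content comes from the web signup. Reading only
  # the expected keys instead of sourcing would remove that exposure; the
  # file format is not visible in this script.
  # The path is quoted so a queue location containing spaces still works.
  . "${queue}/${user}/account.conf"
  newline
  separator
  cat << EOT
User : $user
Name : $name
Mail : $mail
EOT
  separator
}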
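# Escape the characters that stay special inside a double-quoted shell string
# (backslash, double quote, dollar sign, backtick), so the value can be
# written between double quotes and read back unchanged when sourced.
_slish_dq_escape() {
  printf '%s' "$1" | sed 's/[\\"$`]/\\&/g'
}

# Gen a user config file: write $people/$user/account.conf with the account
# details and the default resource limits, readable by the user only.
# Reads: $people $user $name $mail. Uses status (presumably libtaz.sh).
user_config() {
  echo -n "Creating SliSH account configuration..."
  slish_conf="${people}/${user}/account.conf"
  mkdir -p "${people}/${user}"
  # account.conf is sourced by other commands of this script, so the values
  # must not be able to close the quotes or start a substitution. For
  # ordinary names and addresses the written file is unchanged.
  name_q=$(_slish_dq_escape "$name")
  user_q=$(_slish_dq_escape "$user")
  mail_q=$(_slish_dq_escape "$mail")
  (
    # Create the file private from the start, not only after chmod.
    umask 077
    cat > "$slish_conf" << EOT
# SliSH account configuration

NAME="$name_q"
USER="$user_q"
MAIL="$mail_q"

ULIMIT="-d 4096 -m 4096 -l 32 -p 5 -v 16384"
QUOTA="50"

EOT
  )
  chmod 0600 "$slish_conf"
  # NOTE(review): the file holding ULIMIT and QUOTA is handed to the very
  # account it restricts; confirm that this account cannot reach and edit it.
  chown "${user}:${user}" "$slish_conf"
  status
}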
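# Mail body: print the complete "account created" message (headers, an empty
# separator line, then the text) on stdout, ready to be piped to sendmail.
# Reads: $domain $mail $name $user.
mail_new_account() {
  # $mail can come from the signup queue. A CR or LF inside it would end the
  # To: header early and let the rest be read as additional headers, so
  # those characters are dropped before the address is used.
  mail_to=$(printf '%s' "$mail" | tr -d '\r\n')
  cat << EOT
From: SliSH <shell@${domain}>
To: $mail_to
Date: $(date '+%a, %d %b %Y %H:%M:%S %z')
Subject: SliSH - Account created
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit

Hi $name,

Your custom SliTaz GNU/Linux SHell is ready to use! You can login with:

$ ssh ${user}@${domain}

Visit http://slish.in and http://www.slitaz.org for the latest news about
both projects.

Happy SliTaz :-)

---
Sent by the SliSH Mailer

EOT
}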
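# Add a new SliSH user: create the system account with its home inside the
# chroot, mirror the passwd/group entries into the chroot, reset the home
# directory, write the account configuration and send a notification mail.
# Reads: $user $name $pass $mail $root $queue $domain
# Exits: 0 when an option is missing (unchanged historic behaviour),
#        1 when the name is not acceptable, the account already exists or
#        adduser fails.
# NOTE(review): the error text implies the password arrives as --pass= on
# the command line, where other local accounts can usually read it from the
# process list; confirm, and prefer reading it from stdin or a file.
add_user() {
  #home="$root/./home/$user"
  home="$root/home/$user"
  shell="/usr/bin/slish"

  # Check values
  if [ ! "$user" ] || [ ! "$name" ] || [ ! "$pass" ] || [ ! "$mail" ]; then
    newline
    echo "Missing option(s): --user= --name= --pass= --mail="
    newline && exit 0
  fi

  # $user ends up in paths given to rm -rf and chown, in grep/sed patterns
  # and in chown's owner:group argument, and with --queued it is taken from
  # the signup queue. Accept only a conservative character set before it is
  # used anywhere; dots and slashes are excluded on purpose.
  case "$user" in
    -* | *[!A-Za-z0-9_-]*)
      newline
      echo -n "Invalid user name: "; colorize 31 "$user"
      newline && exit 1 ;;
  esac

  # Exit if user already exists
  if grep -q "^${user}:" /etc/passwd; then
    newline
    echo -n "User already exists: "; colorize 31 "$user"
    rm -rf "${queue:?}/${user}"
    newline && exit 1
  fi

  newline
  echo -n "$(boldify 'Creating user:') "; colorize 34 "$user"
  separator
  # printf passes the password through byte for byte; echo -e would expand
  # backslash sequences inside it. Stop when the account was not created:
  # the steps below delete and re-own the home path.
  if ! printf '%s\n%s\n' "$pass" "$pass" |
    adduser -h "$home" -g "SliSH User" -s "$shell" "$user" >/dev/null; then
    echo "adduser failed for: $user" >&2
    exit 1
  fi

  # Add user to chroot /etc/passwd
  # NOTE(review): if the host keeps password hashes in /etc/passwd (no
  # shadow file), the hash is copied into a file that accounts inside the
  # chroot can read; confirm the host uses shadow passwords.
  if ! grep -q "^${user}:" "${root}/etc/passwd"; then
    echo -n "Adding $user to: $root"
    grep "^$user:" /etc/passwd >> "${root}/etc/passwd"
    grep "^$user:" /etc/group >> "${root}/etc/group"
    # Strip the chroot prefix so the home path is valid inside the chroot.
    # $root is used as a pattern here, so it must not contain '!' or
    # regular-expression metacharacters.
    sed -i "s!$root!!" "${root}/etc/passwd"
    status
  fi

  # We don't want any files from /etc/skel.
  echo -n "Cleaning home and creating: ~/.ssh"
  rm -rf "${home}" && mkdir -p "${home}/.ssh"
  status

  # Let a web server access an eventual ~/Public dir
  echo -n "Changing mode on user home..."
  chown -R "${user}:${user}" "${home}"
  chown "${user}:www" "${home}"
  chmod 0750 "${home}"
  chmod 0700 "${home}/.ssh"
  status
  user_config

  # Send mail to notify user account creation
  if [ -x /usr/sbin/sendmail ]; then
    echo -n "Sending mail to: $mail"
    mail_new_account | /usr/sbin/sendmail -f "shell@${domain}" "$mail"
    status
  fi
  separator && newline
}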
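# Add all users from the signup queue: for each directory in $queue, load its
# account.conf, decode the stored password, create the account with add_user
# and remove the queue entry.
# Reads: $queue. Sets: $user $name $mail $pass for add_user.
# NOTE(review): base64 is an encoding, not protection. The queued password is
# readable by anyone who can read the queue directory, which setup() gives to
# the www account.
add_queued_user() {
  echo "Checking: $queue"
  # Glob in place of parsing ls output, so odd directory names are not
  # split into several words.
  for entry in "$queue"/*
  do
    [ -d "$entry" ] || continue
    user=${entry##*/}
    # Values of the previous entry must not leak into this one when its
    # account.conf leaves a key out.
    name="" mail="" pass=""
    # NOTE(review): this runs a file written through the web signup as
    # shell code, as root. Reading the expected keys without sourcing
    # would avoid that; the file format is not visible in this script.
    . "$entry/account.conf"
    # Check the name add_user is going to use, after the file has had the
    # chance to set it.
    case "$user" in
      "" | -* | *[!A-Za-z0-9_-]*)
        echo "Skipping queue entry with an invalid user name: $entry" >&2
        continue ;;
    esac
    pass=$(base64 -d < "$entry/passwd")
    add_user
    rm -rf "$entry"
  done
}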
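# Delete a SliSH user: remove the system account, its entries in the chroot
# passwd/group files, its home inside the chroot and its configuration
# directory.
# Reads: $user $root $people.
# Exits: 0 when $user is empty, not acceptable or has no home in the chroot
#        (unchanged historic exit status).
del_user() {
  home="$root/home/$user"
  # $user is placed in sed patterns and in paths given to rm -rf, so it is
  # checked before anything is touched. A name with a slash or dots could
  # otherwise point outside $root/home.
  slish_name_ok=yes
  case "$user" in
    "" | -* | *[!A-Za-z0-9_-]*) slish_name_ok="" ;;
  esac
  if [ ! "$slish_name_ok" ] || [ ! -d "$home" ]; then
    newline
    echo "Missing --user= name option or invalid user name"
    newline && exit 0
  fi
  newline
  echo "$(boldify 'Deleting user:') $(colorize 34 "$user")"
  separator
  echo -n "Removing user account from $(hostname) server"
  deluser "$user"; status
  sed -i "/^$user:/d" "${root}/etc/passwd"
  sed -i "/^$user:/d" "${root}/etc/group"
  echo -n "Removing all files in : $home"
  rm -rf "${home}"; status
  echo -n "Removing user config : $people/$user"
  rm -rf "${people:?}/${user}"; status
  separator && newline
}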
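# Create a minimal chroot environment in $root: install the packages listed
# in $chrootpkgs with tazpkg, then add slish.sh and the host's resolv.conf.
# Reads: $root $clean $chrootpkgs $data. Calls clean_chroot when $clean is set.
# Exits: 1 when $root already holds a chroot or cannot be created.
gen_chroot() {
  [ "$clean" ] && clean_chroot
  if [ -d "$root/bin" ]; then
    echo "A chroot already exists: Use -cc command or --clean option"
    exit 1
  fi
  [ "$clean" ] || newline
  boldify "Creating chroot in: $root"
  separator
  # Stop here when the target cannot be created; every step below writes
  # into it.
  mkdir -p "$root" || exit 1
  # $chrootpkgs is a whitespace-separated list: splitting is intended here,
  # while each package name and $root are quoted below.
  for pkg in ${chrootpkgs}
  do
    echo -n "Installing: $pkg"
    tazpkg -gi "$pkg" --root="$root" >/dev/null
    status
  done
  echo -n "Installing: /bin/slish.sh"
  install -m 0755 "${data}/slish.sh" "${root}/bin"
  cp -a /etc/resolv.conf "${root}/etc"
  status
  separator && newline
}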
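# Clean up a chroot environment: remove every top-level entry of $root except
# etc, home, root and lost*.
# Reads: $root. Changes the current directory to $root.
# Exits: 0 when $root holds no chroot, 1 when $root cannot be entered or
#        resolves to the host's root directory.
clean_chroot() {
  if [ ! -d "$root/bin" ]; then
    echo "No chroot found in: $root" && exit 0
  fi
  newline
  boldify "Cleaning: $root"
  separator
  # The loop below deletes relative to the current directory. If cd fails
  # it would empty whatever directory the caller happened to be in.
  cd "$root" || exit 1
  # --root=/ (or any path resolving to it) passes the bin check above;
  # never clean the running system.
  if [ "$(pwd -P)" = "/" ]; then
    echo "Refusing to clean the host root directory" >&2
    exit 1
  fi
  for dir in *
  do
    case "$dir" in
      etc|home|root|lost*) continue ;;
    esac
    # Unmatched glob (empty directory): nothing to remove.
    [ -e "./$dir" ] || [ -L "./$dir" ] || continue
    # The ./ prefix keeps names that start with a dash from being read as
    # options by du and rm.
    size=$(du -sh "./$dir" | awk '{print $1}')
    echo -n "Removing: $dir $size"
    rm -rf "./$dir" ; status
  done && separator && newline
}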
279 #
280 # Handle commands
281 #
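# Command dispatch. Every admin command calls check_root first (not defined
# in this file; presumably libtaz.sh). The chroot and list-queue commands and
# the default branch do not.
case "$1" in
  info)
    check_root
    newline
    boldify "Info"
    separator
    echo -n "Chroot size : " && du -sh "$root"
    echo -n "Users accounts : " && ls -1 "$people" | wc -l
    echo -n "Signup queue : " && ls -1 "$queue" | wc -l
    separator && newline ;;
  last)
    check_root
    newline
    boldify "Last users"
    separator
    tac "$activity" | head -n 20
    separator && newline ;;
  users)
    check_root
    newline
    boldify "Users list"
    separator
    # Glob in place of parsing ls output, so names are not word-split.
    for entry in "$people"/*
    do
      [ -e "$entry" ] || continue
      user=${entry##*/}
      # Do not show the previous account's values when a file lacks a key.
      NAME="" MAIL=""
      # NOTE(review): this runs as root and sources a file that
      # user_config hands to the listed account, inside a directory that
      # setup() gives to www. Reading the keys without sourcing would
      # avoid running that content as root.
      . "$entry/account.conf"
      echo -n "$(colorize 34 "$user")"
      echo -n "$(indent 20 "$NAME")" && indent 46 "<$MAIL>"
    done
    separator && newline ;;
  setup)
    check_root
    setup ;;
  adduser)
    # We can adduser from cmdline or from the signup queue
    check_root
    if [ "$queued" ]; then
      add_queued_user
    else
      add_user
    fi ;;
  deluser)
    check_root
    del_user ;;
  -gc|gen-chroot)
    check_root
    gen_chroot ;;
  -cc|clean-chroot)
    check_root
    clean_chroot ;;
  -c|chroot)
    # NOTE(review): no check_root here, and $root may be caller-supplied;
    # see the setuid chroot entry written by setup().
    echo "Chrooting to: $root"
    chroot "$root" /bin/sh
    echo "Exiting from: $root" ;;
  -lq|list-queue)
    # Check online signup queue but do nothing
    for entry in "$queue"/*
    do
      [ -e "$entry" ] || continue
      user=${entry##*/}
      show_queued_user
    done
    echo "" ;;
  *)
    # /usr/bin/slish is executed on login to chroot the user.
    # An empty $USER would match the home directory itself, so it is
    # rejected before the path test.
    if [ "$USER" ] && [ -d "$root/home/$USER" ]; then
      # NOTE(review): the limits applied below come from this file;
      # confirm the account being confined cannot modify it.
      . "${people}/${USER}/account.conf"
      log "Chrooting user: $USER"
      # $ULIMIT holds several ulimit options and must be split into words.
      # NOTE(review): a failing ulimit is not checked, so the session would
      # start without limits; consider refusing the login in that case.
      # shellcheck disable=SC2086
      ulimit $ULIMIT
      # NOTE(review): confirm which effective uid the process has once
      # inside the chroot when chroot is the setuid BusyBox applet.
      exec /usr/sbin/chroot "$root" /bin/slish.sh "$@"
    else
      usage
    fi ;;
esac

exit 0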