ssfs view ssfs-server @ rev 15

ssf-server: Add check-vdisk to check vdisk filesystem
author Christophe Lincoln <pankso@slitaz.org>
date Sat Jun 11 23:11:23 2011 +0200 (2011-06-11)
parents 751ef97a4ffa
children 6034fcc9741c
line source
1 #!/bin/sh
2 #
3 # SliTaz Secure File Storage server side tool.
4 #
5 # Copyright (C) SliTaz GNU/Linux - BSD License
6 # Author: Christophe Lincoln <pankso@slitaz.org>
7 #
8
9 app=$(basename $0)
10 [ -f "/etc/ssfs/$app.conf" ] && . /etc/ssfs/$app.conf
11 [ -f "./data/$app.conf" ] && . ./data/$app.conf
12
13 # Be sure we're root.
14 [ $(id -u) != 0 ] && gettext "You must be root to run:" && \
15 echo " $app" && exit 0
16
17 # Parse cmdline options.
18 for opt in $@
19 do
20 case "$opt" in
21 --login=*)
22 login=${opt#--login=} ;;
23 --id=*)
24 id=${opt#--id=} ;;
25 --pass=*)
26 pass=${opt#--pass=} ;;
27 --root=*)
28 root=${opt#--root=} ;;
29 --vdisk=*)
30 vdisk=${opt#--vdisk=} ;;
31 --size=*)
32 size=${opt#--size=} ;;
33 *)
34 continue ;;
35 esac
36 done
37
38 [ "$root" ] || root=${SSFS_CHROOT}
39 [ "$vdisk" ] || vdisk=${SSFS_VDISK}
40 [ "$size" ] || size=${SSFS_SIZE}
41
42 #
43 # Functions
44 #
45
46 # Built-in help usage.
47 help() {
48 cat << EOT
49
50 $(echo -e "\033[1m$(gettext "Usage:")\033[0m") $app [command] [--option=]
51
52 $(echo -e "\033[1m$(gettext "Commands:")\033[0m")
53 help $(gettext "Display this short usage.")
54 users $(gettext "List user accounts and stats.")
55 adduser $(gettext "Add a user to the system with \$HOME in chroot.")
56 deluser $(gettext "Delete a user and remove \$HOME files.")
57 chroot $(gettext "Chroot to Ssfs storage root.")
58 gen-vdisk $(gettext "Create a vdisk with chroot for files storage.")
59 clean-vdisk $(gettext "Clean the vdisk but skip home and root.")
60 check-vdisk $(gettext "Check vdisk filesystem with e2fsck.")
61 mount-vdisk $(gettext "Mount ssfs virtual disk.")
62 umount-vdisk $(gettext "Unmount the vdisk and free loop device.")
63
64 $(echo -e "\033[1m$(gettext "Options:")\033[0m")
65 --login= $(gettext "Login name for add or del an user.")
66 --id= $(gettext "User id for adduser command.")
67 --pass= $(gettext "User password for adduser.")
68 --root= $(gettext "The path to the Ssfs vdisk chroot.")
69 --vdisk= $(gettext "Set the Ssfs vdisk path and name.")
70 --size= $(gettext "Set the ext3 vdisk size in Gb.")
71
72 EOT
73 }
74
75 status() {
76 [ $? = 0 ] && echo " OK"
77 [ $? = 1 ] && echo -e " ERROR\n" && exit 1
78 }
79
80 separator() {
81 echo "================================================================================"
82 }
83
84 # We have custom config when adding user to handle quota and user info.
85 user_paths() {
86 config=$SSFS_USERS/$login.conf
87 home=$root/./home/$login
88 }
89
90 user_info() {
91 cat << EOT
92
93 $(gettext "User login :") $login
94 $(gettext "User quota :") $QUOTA
95 $(gettext "Home usage :") $usage
96
97 EOT
98 }
99
100 user_config() {
101 gettext "Creating Ssfs user configuration file..."
102 cat > $config << EOT
103 # Ssfs user configuration file.
104
105 LOGIN="$login"
106 QUOTA="$DEFAULT_QUOTA"
107 EOT
108 chmod 0600 $config && status
109 echo ""
110 }
111
112 # Handle Ssfs virtual disk.
113 umount_vdisk() {
114 if mount | fgrep -q $root; then
115 loop=$(mount | fgrep $root | awk '{print $1}')
116 gettext "Unmounting Ssfs vdisk:"; echo " $vdisk"
117 umount $root && sleep 1
118 gettext "Detaching loop device:"; echo " $loop"
119 losetup -d $loop
120 else
121 gettext "Ssfs vdisk is not mounted:"; echo " $vdisk"
122 fi
123 }
124
125 mount_vdisk() {
126 if ! mount | fgrep -q $root; then
127 [ -d "$root" ] || mkdir -p $root
128 gettext "Mounting virtual disk:"
129 mount -o loop -t ext3 $vdisk $root
130 else
131 gettext "Ssfs vdisk is already mounted:"
132 fi
133 echo " $vdisk $root"
134 }
135
136 #
137 # Commands
138 #
139
140 case "$1" in
141 users)
142 gettext -e "\nChecking:"; echo " /etc/passwd"
143 fgrep "Ssfs User" /etc/passwd | while read line
144 do
145 login=$(echo $line | cut -d ":" -f 1)
146 home="$root/home/$login"
147 usage=$(du -sm $home | awk '{print $1}')
148 config=$SSFS_USERS/$login.conf
149 . $config || gettext -e "WARNING: No config file\n"
150 user_info
151 done
152 users=$(ls $SSFS_USERS | wc -l)
153 gettext "Users:"; echo -e " $users\n" ;;
154 adduser)
155 # Add a Ssfs user to the system with $HOME in chroot.
156 [ -z "$login" ] && gettext -e "Missing user login name.\n" && exit 0
157 [ -z "$id" ] && gettext -e "Missing user id.\n" && exit 0
158 [ -z "$pass" ] && gettext -e "Missing user password.\n" && exit 0
159 user_paths
160
161 gettext -e "\nChecking:"; echo " /etc/passwd"
162 if grep ^$login: /etc/passwd; then
163 gettext -e "Exiting, user already exists:"
164 echo -e " $login\n" && exit 0
165 fi
166 gettext "Creating user: $login..."
167 echo -e "$pass\n$pass" | \
168 adduser -h "$home" -g "Ssfs User" -u $id $login >/dev/null
169 status
170
171 # We don't want any files from /etc/skel.
172 gettext "Cleaning home and creating: Sync/..."
173 rm -rf $home && mkdir -p $home/Sync $home/.ssh && status
174 gettext "Changing mode on user home: 0700..."
175 chown -R $login.$login $home
176 chmod 0700 $home && status
177
178 # Create a custom config per user in SSFS_USERS.
179 [ ! -d "$SSFS_USERS" ] && mkdir -p $SSFS_USERS
180 user_config ;;
181 deluser)
182 [ -z "$login" ] && gettext -e "Missing user login name.\n" && exit 0
183 user_paths
184 gettext -e "\nDeleting user:"; echo -n " $login..."
185 deluser $login || status && status
186 gettext "Removing all files in:"; echo -n " $home..."
187 rm -rf $home && status
188 gettext "Removing user config:"; echo -n " $login.conf..."
189 rm -rf $config && status
190 echo "" ;;
191 chroot)
192 gettext -e "\nChanging root to:"; echo -e " $root\n"
193 chroot $root
194 gettext -e "\nBack to the host system:"
195 echo -e " $(hostname)\n" ;;
196 gen-vdisk)
197 # Generated a virtual disk with a minimal chroot for Ssfs users home.
198 if [ -d "$root/bin" ]; then
199 gettext -e "A chroot already exists in:"; echo " $root"
200 exit 0
201 fi
202 echo ""
203 gettext "Creating chroot in:"; echo " $root"
204 separator
205
206 # Create vdisk if missing.
207 if [ ! -f "$vdisk" ]; then
208 gettext "Creating virtual disk:"; echo " $vdisk ${size}Gb"
209 dd if=/dev/zero of=$vdisk bs=1G count=$size
210 du -sh $vdisk
211 gettext "Creating ext3 filesystem..."
212 mkfs.ext3 -q -T ext3 -L "Ssfs" -F $vdisk
213 status
214 mount_vdisk
215 fi
216
217 # Create a radicaly minimal chroot with all libs in /lib.
218 gettext "Creating base files..."
219 mkdir -p $root && cd $root
220 for d in etc tmp lib usr home root
221 do
222 mkdir -p $d
223 done && status
224 cp -a /etc/slitaz-release $root/etc
225 #cp -a /etc/nsswitch.conf $root/etc
226 echo "root:x:0:0:root:/root:/bin/sh" > etc/passwd
227 echo "root::13525:0:99999:7:::" > etc/shadow
228 echo "root:x:0:" > etc/group
229 echo "root:*::" > etc/gshadow
230
231 gettext "Setting files permissions..."
232 chmod 640 etc/shadow etc/gshadow
233 chmod 0700 root && chmod 1777 tmp
234 status
235
236 # Busybox without deps (get && extract). No system comands are allowed
237 # in /etc/busybox.conf to restrict SSHed users.
238 gettext "Installing Busybox..."
239 cd $root/tmp
240 tazpkg get busybox >/dev/null
241 tazpkg extract busybox-* >/dev/null
242 rm -rf fs && mv -f busybox-*/fs . && rm -rf busybox-*
243 cp -a fs/bin fs/sbin $root
244 cp -a fs/usr/bin fs/usr/sbin $root/usr
245 rm -rf fs
246 status
247 gettext "Creatin restrictive Busybox config file..."
248 echo '# /etc/busybox.conf: Ssfs Busybox configuration.' \
249 > $root/etc/busybox.conf
250 echo -e "\nsu = ---" >> $root/etc/busybox.conf
251 chmod 0600 $root/etc/busybox.conf
252 status
253
254 # Glib minimal libs, use host lib since package should be installed
255 # from same repo.
256 gettext "Installing Glibc libraries..."
257 for l in ld-*.*so* libc-*.*so libc.so.* libnss_files*
258 do
259 cp -a /lib/$l* $root/lib
260 done && status
261 size=$(du -sh $root | awk '{print $1}')
262 separator
263 gettext "Vdisk used space:"; echo -e " $size\n" ;;
264 mount-vdisk)
265 mount_vdisk ;;
266 umount-vdisk)
267 umount_vdisk ;;
268 check-vdisk)
269 # Check vdisk with e2fsck.
270 echo ""
271 gettext -e "Checking Ssfs virtual disk\n"
272 separator
273 gettext "Virtual disk : "; du -sh $vdisk
274 gettext "Filesystem usage : "; du -sh $root
275 gettext "Remounting vdisk read/only before e2fsck -p..."
276 mount -o remount,loop,ro $vdisk $root && status
277 e2fsck -p $vdisk
278 gettext "Remounting vdisk read/write..."
279 mount -o remount,loop,rw $vdisk $root && status
280 separator && echo "" ;;
281 clean-vdisk)
282 # clean up the vdisk storage chroot.
283 if [ ! -d "$root/bin" ] || [ ! -d "$root/usr" ]; then
284 gettext -e "No chroot found in:"; echo " $root"
285 exit 0
286 fi
287 gettext -e "\nCleaning virtual disk\n"
288 separator
289 gettext "Changing directory to:"; echo " $root"
290 cd $root
291 for dir in *
292 do
293 size=$(du -sh $dir | awk '{print $1}')
294 case "$dir" in
295 home|root|lost*)
296 gettext "Skipping:"; echo " $dir $size *" ;;
297 *)
298 gettext "Removing:"; echo " $dir $size"
299 rm -rf $dir ;;
300 esac
301 done && separator && echo "" ;;
302 *)
303 help ;;
304 esac
305 exit 0