ssfs rev 29

Add ssfs-sh - Ssfs SHell for chrooted users with minimal env vars, also needed since chroot drop user to / by default
author Christophe Lincoln <pankso@slitaz.org>
date Sun Jun 12 09:49:52 2011 +0200 (2011-06-12)
parents c949a4a2e23e
children 537bbb97d265 d9e1240da61a
files Makefile ssfs-server ssfs-sh
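--- a/Makefile
+++ b/Makefile
@@ -10,13 +10,14 @@
 all:
 
 install:
-	mkdir -p \
+	mkdir -p $(DESTDIR)/bin \
 		$(DESTDIR)/etc/$(PACKAGE) \
 		$(DESTDIR)$(DOCDIR)/$(PACKAGE) \
 		$(DESTDIR)$(PREFIX)/bin \
 		$(DESTDIR)$(PREFIX)/sbin \
 		$(DESTDIR)/var/cache/$(PACKAGE) \
 		$(DESTDIR)$(PREFIX)/share/applications
+	install -m 0755 $(PACKAGE)-sh $(DESTDIR)/bin
 	install -m 0755 $(PACKAGE) $(DESTDIR)$(PREFIX)/bin
 	install -m 0755 $(PACKAGE)-box $(DESTDIR)$(PREFIX)/bin
 	install -m 0755 $(PACKAGE)-server $(DESTDIR)$(PREFIX)/sbin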
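--- a/ssfs-server
+++ b/ssfs-server
@@ -158,16 +158,30 @@
 		[ -z "$id" ] && gettext -e "Missing user id.\n" && exit 0
 		[ -z "$pass" ] && gettext -e "Missing user password.\n" && exit 0
 		user_paths
+
+		# We need chroot command allowed for users to chroot them on SSH
+		# login. Ssfs user have /bin/ssfs-sh as SHell.
+		grep -q ^chroot /etc/busybox.conf ||
+			echo 'chroot = ssx root.root' >> /etc/busybox.conf
 		
 		gettext -e "\nChecking:"; echo " /etc/passwd"
 		if grep ^$login: /etc/passwd; then
 			gettext -e "Exiting, user already exists:"
 			echo -e " $login\n" && exit 0
 		fi
+		
 		gettext "Creating user: $login..."
 		echo -e "$pass\n$pass" | \
-			adduser -h "$home" -g "Ssfs User" -u $id $login >/dev/null
+			adduser -h "$home" -g "Ssfs User" -u $id \
+				-s /bin/ssfs-sh $login >/dev/null
 		status
+
+		# Add user to chroot /etc/passwd
+		gettext "Checking vdisk chroot:"; echo " $root/etc/passwd"
+		if ! grep -q ^$login: $root/etc/passwd; then
+			echo "$login:x:$id:$id:Ssfs User:/home/$login:/bin/sh" >> \
+				$root/etc/passwd
+		fi
 		
 		# We don't want any files from /etc/skel.
 		gettext "Cleaning home and creating: Sync/..."
@@ -183,6 +197,7 @@
 		[ -z "$login" ] && gettext -e "Missing user login name.\n" && exit 0
 		user_paths
 		gettext -e "\nDeleting user:"; echo -n " $login..."
+		sed -i /^$login:/d $root/etc/passwd
 		deluser $login || status && status
 		gettext "Removing all files in:"; echo -n " $home..."
 		rm -rf $home && status
@@ -228,6 +243,7 @@
 		echo "root::13525:0:99999:7:::" > etc/shadow
 		echo "root:x:0:" > etc/group
 		echo "root:*::" > etc/gshadow
+		#mknod -m 666 $root/dev/null c 1 3
 		
 		gettext "Setting files permissions..."
 		chmod 640 etc/shadow etc/gshadow
@@ -243,12 +259,13 @@
 		rm -rf fs && mv -f busybox-*/fs . && rm -rf busybox-*
 		cp -a fs/bin fs/sbin $root
 		cp -a fs/usr/bin fs/usr/sbin $root/usr
-		rm -rf fs
+		rm -rf fs && chmod 4755 $root/bin/busybox
 		status
 		gettext "Creatin restrictive Busybox config file..."
 		echo '# /etc/busybox.conf: Ssfs Busybox configuration.' \
 			> $root/etc/busybox.conf
-		echo -e "\nsu = ---" >> $root/etc/busybox.conf
+		echo -e "\n[SUID]" >> $root/etc/busybox.conf
+		echo -e "su = --- root.root" >> $root/etc/busybox.conf
 		chmod 0600 $root/etc/busybox.conf
 		status
 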
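Review bot: The `echo 'chroot = ssx root.root' >> /etc/busybox.conf` added in the first hunk changes the host's BusyBox policy for every local account, not only Ssfs users. As I read the BusyBox suid config format, the trailing `x` allows "other" users to run the applet and the leading `s` runs it with root's effective uid, and a root-privileged chroot open to all users is a privilege-escalation risk in itself. Limiting the grant to a dedicated group that Ssfs accounts are added to, e.g. `chroot = ss- root.<ssfs-group>` (group name is a placeholder), would narrow it. The line is also appended wherever the file happens to end, whereas the chroot config in the last hunk now writes an explicit `[SUID]` header, so the host entry may need the same care. Separately, `$login` and `$id` reach `grep ^$login:`, `sed -i /^$login:/d $root/etc/passwd` and the chroot `passwd` line unquoted and unvalidated. Rejecting names outside a conservative set such as `[a-z0-9_-]` before `user_paths` would keep a stray `:`, `/` or `.` from corrupting or over-matching entries. The enclosing case branches begin and end outside the hunks.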
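--- /dev/null
+++ b/ssfs-sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+#
+# Ssfs users SHell - Chroot user into the virtual disk on login. This tool must
+# be installed on server and in the vdisk chroot, it is executed when login and
+# when chrooting.
+#
+
+# Ssfs server config dont exist in chroot.
+if [ -f /etc/ssfs/ssfs-server.conf ]; then
+	. /etc/ssfs/ssfs-server.conf
+	root=$SSFS_CHROOT
+	# Make sure it's a valid Ssfs user.
+	[ -d "$root/home/$USER" ] || exit 0
+	clear && exec chroot $root /bin/ssfs-sh
+else
+	# Chroot will drop user into /, so set new HOME and cd. Set also
+	# some env variables but dont source any profile.
+	echo -e "\nWelcome to Ssfs SHell $USER\n"
+	HOME=/home/$USER
+	SYNC=$HOME/Sync
+	SHELL=/bin/sh
+	PS1='\u@ssfs:\e[1;33m\w\e[0m\$ '
+	export HOME SYNC SHELL PS1
+	cd $HOME && exec /bin/sh $@
+fi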
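Review bot: Both branches trust the `$USER` environment variable to decide whose home is checked (`[ -d "$root/home/$USER" ]`) and entered (`HOME=/home/$USER`), and the environment is not a reliable identity source for a login shell that gates a privileged chroot. Deriving the name from the process with `user=$(id -un)` and using it in place of `$USER` would tie both checks to the real account; inside the chroot that lookup presumably depends on the entry ssfs-server adds to the chroot's `etc/passwd`. The expansions should also be quoted, as in `exec chroot "$root" /bin/ssfs-sh` and `cd "$HOME" && exec /bin/sh "$@"`, so that an empty `SSFS_CHROOT` or an argument containing spaces fails cleanly instead of being re-split. Nothing in the script drops privileges itself after the chroot, so if it relies on BusyBox to return to the caller's uid, a comment above the `exec chroot` line should say so.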