summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/guest-account.sh224
-rw-r--r--debian/guest-session-setup.sh34
-rw-r--r--debian/guest-session-startup.desktop5
-rw-r--r--debian/guest-session.profile1
-rw-r--r--debian/lightdm.install1
-rwxr-xr-xdebian/rules2
6 files changed, 130 insertions, 137 deletions
diff --git a/debian/guest-account.sh b/debian/guest-account.sh
index c09d886b..ffc44eb5 100644
--- a/debian/guest-account.sh
+++ b/debian/guest-account.sh
@@ -20,216 +20,166 @@ fi
add_account ()
{
- HOME=`mktemp -td guest-XXXXXX`
- USER=`echo $HOME | sed 's/\(.*\)guest/guest/'`
- PRE_HOME="/tmp/.pre-${USER}"
+ HOME=$(mktemp -td guest-XXXXXX)
+ USER=$(echo ${HOME} | sed 's/\(.*\)guest/guest/')
- # if $USER already exists, it must be a locked system account with no existing
+ # if ${USER} already exists, it must be a locked system account with no existing
# home directory
- if PWSTAT=`passwd -S "$USER"` 2>/dev/null; then
- if [ "`echo \"$PWSTAT\" | cut -f2 -d\ `" != "L" ]; then
- echo "User account $USER already exists and is not locked"
+ if PWSTAT=$(passwd -S ${USER}) 2>/dev/null; then
+ if [ $(echo ${PWSTAT} | cut -f2 -d' ') != L ]; then
+ echo "User account ${USER} already exists and is not locked"
exit 1
fi
- PWENT=`getent passwd "$USER"` || {
- echo "getent passwd $USER failed"
+ PWENT=$(getent passwd ${USER}) || {
+ echo "getent passwd ${USER} failed"
exit 1
}
- GUEST_UID=`echo "$PWENT" | cut -f3 -d:`
- if [ "$GUEST_UID" -ge 500 ]; then
- echo "Account $USER is not a system user"
+ GUEST_UID=$(echo ${PWENT} | cut -f3 -d:)
+ if [ ${GUEST_UID} -ge 500 ]; then
+ echo "Account ${USER} is not a system user"
exit 1
fi
- HOME=`echo "$PWENT" | cut -f6 -d:`
- if [ "$HOME" != / ] && [ "${HOME#/tmp}" = "$HOME" ] && [ -d "$HOME" ]; then
- echo "Home directory of $USER already exists"
+ HOME=$(echo ${PWENT} | cut -f6 -d:)
+ if [ ${HOME} != / ] && [ ${HOME#/tmp} = ${HOME} ] && [ -d ${HOME} ]; then
+ echo "Home directory of ${USER} already exists"
exit 1
fi
else
# does not exist, so create it
- adduser --system --no-create-home --home / --gecos $(gettext "Guest") --group --shell /bin/bash $USER || {
- umount "$HOME"
- rm -rf "$HOME"
- umount "$PRE_HOME"
- rm -rf "$PRE_HOME"
- exit 1
+ adduser --system --no-create-home --home / --gecos $(gettext "Guest") --group --shell /bin/bash ${USER} || {
+ umount ${HOME}
+ rm -rf ${HOME}
+ exit 1
}
fi
- gs_skel=/etc/guest-session/skel/
+ dist_gs=/usr/share/lightdm/guest-session
+ site_gs=/etc/guest-session
- if [ -d "$gs_skel" ] && [ -n "`find $gs_skel -type f`" ]; then
+ # create temporary home directory
+ mount -t tmpfs -o mode=700,uid=${USER} none ${HOME} || {
+ rm -rf ${HOME}
+ exit 1
+ }
+
+ if [ -d ${site_gs}/skel ] && [ -n $(find ${site_gs}/skel -type f) ]; then
# Only perform union-mounting if BindFS is available
if [ -x /usr/bin/bindfs ]; then
- # create temporary home directory
- mkdir "$PRE_HOME"
- mount -t tmpfs -o mode=700 none "$PRE_HOME" || { rm -rf "$PRE_HOME" "$HOME"; exit 1; }
- mkdir ${PRE_HOME}/lower ${PRE_HOME}/upper
- chown -R $USER:$USER "$PRE_HOME"
-
- # Wrap ${gs_skel} in a BindFS mount, so that
- # guest account will see itself as the owner of ${gs_skel}'s contents.
- bindfs -r -M $USER $gs_skel ${PRE_HOME}/lower || {
- rm -rf "$PRE_HOME"
- rm -rf "$HOME"
- exit 1
- }
+ bindfs_mount=true
# Try OverlayFS first
if modinfo -n overlay >/dev/null 2>&1; then
- mkdir ${PRE_HOME}/work
- chown $USER:$USER ${PRE_HOME}/work
- mount -t overlay -o lowerdir=${PRE_HOME}/lower,upperdir=${PRE_HOME}/upper,workdir=${PRE_HOME}/work overlay $HOME || {
- umount ${PRE_HOME}/lower
- umount "$PRE_HOME"
- rm -rf "$PRE_HOME"
- rm -rf "$HOME"
+ mkdir ${HOME}/upper ${HOME}/work
+ chown ${USER}:${USER} ${HOME}/upper ${HOME}/work
+ mount -t overlay -o lowerdir=${dist_gs}/skel:${site_gs}/skel,upperdir=${HOME}/upper,workdir=${HOME}/work overlay ${HOME} || {
+ umount ${HOME}
+ rm -rf ${HOME}
exit 1
}
# If OverlayFS is not available, try AuFS
elif [ -x /sbin/mount.aufs ]; then
- mount -t aufs -o br=${PRE_HOME}/upper:${PRE_HOME}/lower none $HOME || {
- umount ${PRE_HOME}/lower
- umount "$PRE_HOME"
- rm -rf "$PRE_HOME"
- rm -rf "$HOME"
+ mount -t aufs -o br=${HOME}:${dist_gs}/skel:${site_gs}/skel none ${HOME} || {
+ umount ${HOME}
+ rm -rf ${HOME}
exit 1
}
# If none of them is available, fall back to copy over
else
- umount ${PRE_HOME}/lower
- umount "$PRE_HOME"
- rm -rf "$PRE_HOME"
- mount -t tmpfs -o mode=700 none "$HOME" || { rm -rf "$HOME"; exit 1; }
- cp -rT $gs_skel "$HOME"
- chown -R $USER:$USER "$HOME"
+ cp -rT ${site_gs}/skel/ ${HOME}
+ cp -rT ${dist_gs}/skel/ ${HOME}
+ chown -R ${USER}:${USER} ${HOME}
+ bindfs_mount=false
+ fi
+
+ if ${bindfs_mount}; then
+ # Wrap ${HOME} in a BindFS mount, so that
+ # ${USER} will be seen as the owner of ${HOME}'s contents.
+ bindfs -u ${USER} -g ${USER} ${HOME} ${HOME} || {
+ umount ${HOME} # union mount
+ umount ${HOME} # tmpfs mount
+ rm -rf ${HOME}
+ exit 1
+ }
fi
# If BindFS is not available, just fall back to copy over
else
- mount -t tmpfs -o mode=700 none "$HOME" || { rm -rf "$HOME"; exit 1; }
- cp -rT $gs_skel "$HOME"
- chown -R $USER:$USER "$HOME"
+ cp -rT ${site_gs}/skel/ ${HOME}
+ cp -rT ${dist_gs}/skel/ ${HOME}
+ chown -R ${USER}:${USER} ${HOME}
fi
else
- mount -t tmpfs -o mode=700 none "$HOME" || { rm -rf "$HOME"; exit 1; }
- cp -rT /etc/skel/ "$HOME"
- chown -R $USER:$USER "$HOME"
+ cp -rT /etc/skel/ ${HOME}
+ cp -rT ${dist_gs}/skel/ ${HOME}
+ chown -R ${USER}:${USER} ${HOME}
fi
- usermod -d "$HOME" "$USER"
+ usermod -d ${HOME} ${USER}
- #
# setup session
- #
-
- # disable some services that are unnecessary for the guest session
- mkdir --parents "$HOME"/.config/autostart
- cd /etc/xdg/autostart/
- services="jockey-kde.desktop jockey-gtk.desktop update-notifier.desktop user-dirs-update-gtk.desktop"
- for service in $services
- do
- if [ -e /etc/xdg/autostart/"$service" ] ; then
- cp "$service" "$HOME"/.config/autostart
- echo "X-GNOME-Autostart-enabled=false" >> "$HOME"/.config/autostart/"$service"
- fi
- done
+ su ${USER} -c "env HOME=${HOME} site_gs=${site_gs} ${dist_gs}/setup.sh"
- # disable Unity shortcut hint
- mkdir -p "$HOME"/.cache/unity
- touch "$HOME"/.cache/unity/first_run.stamp
-
- STARTUP="$HOME"/.config/autostart/startup-commands.desktop
- echo "[Desktop Entry]" > $STARTUP
- echo "Name=Startup commands" >> $STARTUP
- echo "Type=Application" >> $STARTUP
- echo "NoDisplay=true" >> $STARTUP
- echo "Exec=/usr/lib/lightdm/guest-session-auto.sh" >> $STARTUP
-
- echo "export DIALOG_SLEEP=4" >> "$HOME"/.profile
-
- mkdir -p "$HOME"/.kde/share/config
- echo "[Basic Settings]" >> "$HOME"/.kde/share/config/nepomukserverrc
- echo "Start Nepomuk=false" >> "$HOME"/.kde/share/config/nepomukserverrc
-
- echo "[Event]" >> "$HOME"/.kde/share/config/notificationhelper
- echo "hideHookNotifier=true" >> "$HOME"/.kde/share/config/notificationhelper
- echo "hideInstallNotifier=true" >> "$HOME"/.kde/share/config/notificationhelper
- echo "hideRestartNotifier=true" >> "$HOME"/.kde/share/config/notificationhelper
-
- # Load restricted session
- #dmrc='[Desktop]\nSession=guest-restricted'
- #/bin/echo -e "$dmrc" > "$HOME"/.dmrc
-
- # set possible local guest session preferences
- if [ -f /etc/guest-session/prefs.sh ]; then
- . /etc/guest-session/prefs.sh
- fi
-
- chown -R $USER:$USER "$HOME"
-
- echo $USER
+ echo ${USER}
}
remove_account ()
{
- GUEST_USER=$1
+ GUEST_USER=${1}
- PWENT=`getent passwd "$GUEST_USER"` || {
- echo "Error: invalid user $GUEST_USER"
+ PWENT=$(getent passwd ${GUEST_USER}) || {
+ echo "Error: invalid user ${GUEST_USER}"
exit 1
}
- GUEST_UID=`echo "$PWENT" | cut -f3 -d:`
- GUEST_HOME=`echo "$PWENT" | cut -f6 -d:`
- GUEST_PRE_HOME=/tmp/.pre-$GUEST_USER
+ GUEST_UID=$(echo ${PWENT} | cut -f3 -d:)
+ GUEST_HOME=$(echo ${PWENT} | cut -f6 -d:)
- if [ "$GUEST_UID" -ge 500 ]; then
- echo "Error: user $GUEST_USER is not a system user."
+ if [ ${GUEST_UID} -ge 500 ]; then
+ echo "Error: user ${GUEST_USER} is not a system user."
exit 1
fi
- if [ "${GUEST_HOME}" = "${GUEST_HOME#/tmp/}" ]; then
- echo "Error: home directory $GUEST_HOME is not in /tmp/."
+ if [ ${GUEST_HOME} = ${GUEST_HOME#/tmp/} ]; then
+ echo "Error: home directory ${GUEST_HOME} is not in /tmp/."
exit 1
fi
# kill all remaining processes
- while ps h -u "$GUEST_USER" >/dev/null; do
- killall -9 -u "$GUEST_USER" || true
+ while ps h -u ${GUEST_USER} >/dev/null; do
+ killall -9 -u ${GUEST_USER} || true
sleep 0.2;
done
- umount "$GUEST_HOME" || umount -l "$GUEST_HOME" || true
- rm -rf "$GUEST_HOME"
- umount ${GUEST_PRE_HOME}/lower || umount -l ${GUEST_PRE_HOME}/lower || true
- umount "$GUEST_PRE_HOME" || umount -l "$GUEST_PRE_HOME" || true
- rm -rf "$GUEST_PRE_HOME"
+ umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # BindFS mount
+ umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # union mount
+ umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # tmpfs mount
+ rm -rf ${GUEST_HOME}
# remove leftovers in /tmp
- find /tmp -mindepth 1 -maxdepth 1 -uid "$GUEST_UID" -print0 | xargs -0 rm -rf || true
+ find /tmp -mindepth 1 -maxdepth 1 -uid ${GUEST_UID} -print0 | xargs -0 rm -rf || true
# remove possible /media/guest-XXXXXX folder
- if [ -d /media/"$GUEST_USER" ]; then
- for dir in $( find /media/"$GUEST_USER" -mindepth 1 -maxdepth 1 ); do
- umount "$dir" || true
+ if [ -d /media/${GUEST_USER} ]; then
+ for dir in $(find /media/${GUEST_USER} -mindepth 1 -maxdepth 1); do
+ umount ${dir} || true
done
- rmdir /media/"$GUEST_USER" || true
+
+ rmdir /media/${GUEST_USER} || true
fi
- deluser --system "$GUEST_USER"
+ deluser --system ${GUEST_USER}
}
-case "$1" in
+case ${1} in
add)
add_account
;;
remove)
- if [ -z $2 ] ; then
- echo "Usage: $0 remove [account]"
+ if [ -z ${2} ] ; then
+ echo "Usage: ${0} remove [account]"
exit 1
fi
- remove_account $2
+ remove_account ${2}
;;
*)
- echo "Usage: $0 add|remove"
+ echo "Usage: ${0} add|remove"
exit 1
esac
diff --git a/debian/guest-session-setup.sh b/debian/guest-session-setup.sh
new file mode 100644
index 00000000..9e1300db
--- /dev/null
+++ b/debian/guest-session-setup.sh
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+HOME=${HOME:-$(getent passwd $(whoami) | cut -f6 -d:)}
+site_gs=${site_gs:-/etc/guest-session}
+
+# disable some services that are unnecessary for the guest session
+services="jockey-kde.desktop jockey-gtk.desktop update-notifier.desktop user-dirs-update-gtk.desktop"
+
+for service in ${services}; do
+ if [ -e /etc/xdg/autostart/${service} ]; then
+ [ -f ${HOME}/.config/autostart/${service} ] || cp /etc/xdg/autostart/${service} ${HOME}/.config/autostart
+ echo "X-GNOME-Autostart-enabled=false" >> ${HOME}/.config/autostart/${service}
+ fi
+done
+
+# disable Unity shortcut hint
+[ -d ${HOME}/.cache/unity ] || mkdir -p ${HOME}/.cache/unity
+touch ${HOME}/.cache/unity/first_run.stamp
+
+[ -d ${HOME}/.kde/share/config ] || mkdir -p ${HOME}/.kde/share/config
+echo "[Basic Settings]" >> ${HOME}/.kde/share/config/nepomukserverrc
+echo "Start Nepomuk=false" >> ${HOME}/.kde/share/config/nepomukserverrc
+
+echo "[Event]" >> ${HOME}/.kde/share/config/notificationhelper
+echo "hideHookNotifier=true" >> ${HOME}/.kde/share/config/notificationhelper
+echo "hideInstallNotifier=true" >> ${HOME}/.kde/share/config/notificationhelper
+echo "hideRestartNotifier=true" >> ${HOME}/.kde/share/config/notificationhelper
+
+# Load restricted session
+#dmrc='[Desktop]\nSession=guest-restricted'
+#/bin/echo -e ${dmrc} > ${HOME}/.dmrc
+
+# set possible local guest session preferences
+[ -f ${site_gs}/prefs.sh ] && . ${site_gs}/prefs.sh
diff --git a/debian/guest-session-startup.desktop b/debian/guest-session-startup.desktop
new file mode 100644
index 00000000..676d72e6
--- /dev/null
+++ b/debian/guest-session-startup.desktop
@@ -0,0 +1,5 @@
+[Desktop Entry]
+Name=Custom startup commands for LightDM guest session
+Type=Application
+NoDisplay=true
+Exec=/usr/lib/lightdm/guest-session-auto.sh
diff --git a/debian/guest-session.profile b/debian/guest-session.profile
new file mode 100644
index 00000000..38d441c9
--- /dev/null
+++ b/debian/guest-session.profile
@@ -0,0 +1 @@
+DIALOG_SLEEP=4
diff --git a/debian/lightdm.install b/debian/lightdm.install
index 53becd25..01ce61ac 100644
--- a/debian/lightdm.install
+++ b/debian/lightdm.install
@@ -12,6 +12,7 @@ etc/apparmor.d
debian/lightdm-session usr/sbin
debian/config-error-dialog.sh usr/lib/lightdm
debian/guest-session-auto.sh usr/lib/lightdm
+debian/guest-session-startup.desktop usr/share/lightdm/guest-session/skel/.config/autostart
debian/lightdm-greeter-session usr/lib/lightdm
debian/source_lightdm.py usr/share/apport/package-hooks
debian/50-xserver-command.conf usr/share/lightdm/lightdm.conf.d
diff --git a/debian/rules b/debian/rules
index d4ee0c17..921ca716 100755
--- a/debian/rules
+++ b/debian/rules
@@ -27,6 +27,8 @@ override_dh_install:
# we do install pam through installpam and init through installinit
dh_install -X.a -X.la -Xpam.d -X'etc/init/lightdm.conf' --fail-missing
install -D debian/guest-account.sh debian/lightdm/usr/sbin/guest-account
+ install -D -m 755 debian/guest-session-setup.sh debian/lightdm/usr/share/lightdm/guest-session/setup.sh
+ install -D debian/guest-session.profile debian/lightdm/usr/share/lightdm/guest-session/skel/.profile
chmod +x debian/lightdm/usr/lib/lightdm/lightdm-greeter-session
chmod +x debian/lightdm/usr/lib/lightdm/guest-session-auto.sh