source: lmd-client/trunk/fuentes/install/usr/share/ldm/rc.d.diversions/X01-localapps.lliurex @ 2549

Last change on this file since 2549 was 2549, checked in by jrpelegrina, 3 years ago

Fix whiskermenu config in semi-ligth client

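#!/bin/bash
#
# The following is a script to set up local apps support on LTSP through LDM
#

# This hook modifies /etc/group and /etc/passwd directly with user/group
# information gathered from the server.

# This will enable us to easily bypass the need for setting up local user
# authentication, and instead leverage the authentication already set up on
# the server.
#
# Reads (environment): LOCAL_APPS, LTSP_FATCLIENT, LDM_USERNAME, LDM_SOCKET,
#   LDM_SERVER, XAUTHORITY_DIR, SSH_FOLLOW_SYMLINKS, LOCAL_APPS_EXTRAMOUNTS,
#   CUPS_SERVER.
# Exports: LOCALAPPS_CACHE, LDM_HOME, USER_UID, USER_GID.
#
# NOTE(review): boolean_is_true is not defined in this file, so the hook is
# presumably sourced by the LDM session script rather than executed. For that
# reason nothing below calls exit or changes shell options, and only POSIX sh
# constructs are used. Confirm against the caller.
#
# Trust boundary: every "ssh -S $LDM_SOCKET" command below runs inside the
# logged-in user's own session on the server, so its output is only as
# trustworthy as that account. This hook edits /etc/passwd and /etc/group and
# runs groupadd/usermod/chown, so anything taken from those commands is
# checked or passed as data (never spliced into a sed/grep program) before it
# reaches a privileged operation.

if boolean_is_true "$LOCAL_APPS" || boolean_is_true "$LTSP_FATCLIENT"; then

    # Set up local uids/gids

    LOCALAPPS_CACHE=/var/cache/ltsp-localapps
    export LOCALAPPS_CACHE
    mkdir -p "${LOCALAPPS_CACHE}" 2>/dev/null

    # Copy /etc/passwd and /etc/group to cache if it does not exist (should
    # only happen on first login); on later logins restore the pristine copies
    # so entries from a previous session do not accumulate.
    # NOTE(review): the cache is the baseline for /etc/passwd on every login,
    # so the directory must stay writable by root only - verify its mode.
    for i in passwd group; do
        if [ ! -e "${LOCALAPPS_CACHE}/${i}" ]; then
            cp "/etc/${i}" "${LOCALAPPS_CACHE}/${i}"
        else
            cp "${LOCALAPPS_CACHE}/${i}" "/etc/${i}"
        fi
    done

    # Get logged in username if not set
    [ -z "$LDM_USERNAME" ] && LDM_USERNAME=$(ssh -S "${LDM_SOCKET}" "${LDM_SERVER}" 'echo ${USER}')

    # Get passwd info *just* for that user.
    # The name is single-quoted for the remote shell, and the reply is
    # filtered instead of being appended verbatim: only the first well-formed
    # record (7 fields, numeric uid/gid) whose login name matches the
    # requested one, ignoring case, is accepted, and its name is rewritten to
    # the spelling used at login (what the former "sed s/NAME/NAME/i" did).
    # A record carrying uid 0 is dropped, because appending it would create a
    # second root-equivalent local account; the local root entry is untouched.
    ldm_user_q=$(printf '%s\n' "${LDM_USERNAME}" | sed -e "s/'/'\\\\''/g")
    ssh -S "${LDM_SOCKET}" "${LDM_SERVER}" "/usr/bin/getent passwd '${ldm_user_q}'" |
        LDM_U="${LDM_USERNAME}" awk -F: -v OFS=: '
            NF == 7 && tolower($1) == tolower(ENVIRON["LDM_U"]) &&
            $3 ~ /^[0-9]+$/ && $4 ~ /^[0-9]+$/ && $3 + 0 != 0 {
                $1 = ENVIRON["LDM_U"]
                print
                exit
            }' >>/etc/passwd
    unset ldm_user_q

    # Get all group info and copy to COMBINED_GROUP.
    # The local /etc/group goes in first; the de-duplication loop further down
    # keeps the first record seen for a name or gid, so a server record cannot
    # replace a local group that has the same name or gid.
    COMBINED_GROUP="${LOCALAPPS_CACHE}/group.combined"
    cp /etc/group "${COMBINED_GROUP}"
    ssh -S "${LDM_SOCKET}" "${LDM_SERVER}" "/usr/bin/getent group" >> "${COMBINED_GROUP}"

    # Get the system groups that the user belongs to, so we can add him back in.
    # Membership is an exact comparison on the member list (field 4); the user
    # name is handed to awk through the environment, not used as a regex.
    myGroups=$(ssh -S "${LDM_SOCKET}" "${LDM_SERVER}" /usr/bin/getent group |
        LDM_U="${LDM_USERNAME}" awk -F: '
            {
                n = split($4, member, ",")
                for (i = 1; i <= n; i++) {
                    if (member[i] == ENVIRON["LDM_U"]) {
                        print $1
                        break
                    }
                }
            }' | tr '\n' ',' | sed -e 's/,$//g')

    # (/usr/bin/id is only needed because getent evidently does not return groups
    # added by pam_group (bug in pam_group?)

    myGroups1=$(ssh -S "${LDM_SOCKET}" "${LDM_SERVER}" LANG=C LANGUAGE=C /usr/bin/id | sed -e 's/^.*groups=//' -e 's/) .*$/)/'|cut -d= -f2|sed -e 's/[0-9]*(//g' -e 's/)//g')

    # concatenate groups from different sources, stripping off prefixed and
    # trailing commas
    myGroups=$(printf '%s\n' "${myGroups},${myGroups1}" | sed -e 's/^,//g' -e 's/,$//g')

    # Get the user's groups specifically (in case they weren't returned by "getent group")
    # Each name is wrapped in \'...\' so that the remote "eval" sees it
    # single-quoted (this is what lets names containing spaces through).
    # NOTE(review): a name that itself contains a single quote would be
    # re-parsed by the remote eval. That happens in the user's own session on
    # the server, but the result still lands in COMBINED_GROUP; consider
    # dropping names with unexpected characters before this call.
    myGroups_quoted=$(printf '%s\n' "$myGroups" | sed -e "s/^/\\\'/" -e "s/$/\\\'/" -e "s/,/\\\' \\\'/g")
    ssh -S "${LDM_SOCKET}" "${LDM_SERVER}" LANG=C eval getent group "${myGroups_quoted}" >> "${COMBINED_GROUP}"
    unset myGroups_quoted

    # Now, some groups may have different gids on the server than the client chroot
    # So, let's prune out all the dups
    TMPGROUP="${LOCALAPPS_CACHE}/tmpgroup"
    rm -f -- "${TMPGROUP}"
    gnames=""
    gids=""
    # those 2 variables are there because if group is rejected because of the gid we need to create this group.
    # Both are comma-terminated lists without padding, so the exact string
    # comparison further down is reliable.
    dgnames=""
    ngids=""

    # read -r keeps backslashes in names intact; IFS is set for read only.
    while IFS=: read -r gname gpass gid gusers; do
        # A blank or nameless line must never be copied into /etc/group.
        [ -n "$gname" ] || continue
        match=
        case $gnames in
            *:"$gname":*|*:"$gname")
                # group name present in the list of groups already processed.
                match=1
                case $gusers in
                    "$LDM_USERNAME"|*,"$LDM_USERNAME",*|*,"$LDM_USERNAME"|"$LDM_USERNAME",*)
                        dgnames="${dgnames}${gname},"
                        ;;
                esac
                ;;
        esac
        case $gids in
            *:"$gid":*|*:"$gid")
                # gid present in the list of gids already processed.
                match=1
                case $gusers in
                    "$LDM_USERNAME"|*,"$LDM_USERNAME",*|*,"$LDM_USERNAME"|"$LDM_USERNAME",*)
                        ngids="${ngids}${gname},"
                        ;;
                esac
                ;;
        esac
        if [ -z "$match" ]; then
            printf '%s\n' "$gname:$gpass:$gid:$gusers" >>"${TMPGROUP}"
            gnames="$gnames:$gname"
            gids="$gids:$gid"
        fi
    done < "${COMBINED_GROUP}"

    # cleanup: sort and de-duplicate both lists
    dgnames=$(printf '%s' "${dgnames}" | tr ',' '\n' | sort -u | tr '\n' ',' | sed 's/,$//')
    ngids=$(printf '%s' "${ngids}" | tr ',' '\n' | sort -u | tr '\n' ',' | sed 's/,$//')

    # tocreate = groups rejected for their gid whose *name* was not already
    # present, i.e. groups that need a fresh local gid.
    tocreate=""
    oldifs="${IFS-not set}"
    IFS=,
    for e in $ngids; do
        match=
        for f in $dgnames; do
            if [ "$e" = "$f" ]; then
                match=1
            fi
        done
        if [ -z "$match" ]; then
            tocreate="${tocreate}${e},"
        fi
    done
    if [ "$oldifs" = "not set" ]; then unset IFS; else IFS="$oldifs"; fi
    # Normalise only after IFS is restored: with IFS=, still active an
    # unquoted expansion turned the separators into spaces, which collapsed
    # several names into one invalid group name.
    tocreate=$(printf '%s' "${tocreate}" | tr ',' '\n' | sort -u | tr '\n' ',' | sed 's/,$//')

    # Never replace /etc/group with an empty file (e.g. if the loop above
    # could not read its input).
    if [ -s "${TMPGROUP}" ]; then
        cp "${TMPGROUP}" /etc/group
    fi
    chmod 644 /etc/group


    if [ -n "$myGroups" ]; then
        if /usr/bin/test -w /etc ; then
            oldifs="${IFS-not set}"
            IFS=,
            for ngroup in $tocreate; do
                [ -n "$ngroup" ] || continue
                # FIXME: Problem with AD. Space not permited here.
                # (groupadd rejects such a name; it is passed as one quoted
                # argument so it can neither split nor be read as an option.)
                groupadd -r -- "${ngroup}"
            done
            if [ "$oldifs" = "not set" ]; then unset IFS; else IFS="$oldifs"; fi
            # NOTE(review): the membership list comes from the server via the
            # user's session, and the user is added to every local group of
            # the same name, including locally privileged ones. Consider an
            # allow-list if the client must not inherit those.
            while IFS= read -r group; do
                [ -n "$group" ] || continue
                /usr/sbin/usermod -a -G "$group" "${LDM_USERNAME}" 2>/dev/null
            done <<EOF
$(printf '%s\n' "${myGroups}" | tr ',' '\n' | sort -u)
EOF
        else
            # FIXME: maybe add system groups: $tocreate into /etc/group
            # Read-only /etc cannot use usermod
            myGroups=$(printf '%s\n' "${myGroups}" | tr ',' '\n' | sort -u | tr '\n' ',' | sed 's/,$//')
            # add user to each group manually: append the user to the member
            # field of every wanted group that does not list it yet. Names are
            # compared as plain strings, so characters such as "*", "/" or
            # "&" in a group record cannot alter the edit.
            if LDM_U="${LDM_USERNAME}" LDM_G="${myGroups}" awk -F: -v OFS=: '
                BEGIN {
                    user = ENVIRON["LDM_U"]
                    n = split(ENVIRON["LDM_G"], name, ",")
                    for (i = 1; i <= n; i++) {
                        if (name[i] != "") wanted[name[i]] = 1
                    }
                }
                ($1 in wanted) {
                    present = 0
                    m = split($4, member, ",")
                    for (i = 1; i <= m; i++) {
                        if (member[i] == user) present = 1
                    }
                    if (!present) $4 = ($4 == "" ? user : $4 "," user)
                }
                { print }' /etc/group >"${TMPGROUP}" && [ -s "${TMPGROUP}" ]; then
                cp "${TMPGROUP}" /etc/group
            fi
        fi
    fi

    # Now, let's mount the home directory
    export LDM_HOME=""
    export USER_UID=""
    export USER_GID=""
    while IFS=: read -r user pass uid gid gecos home shell ; do
        # The home path comes from the passwd record and is about to be
        # chown -R'ed: skip an empty lookup result (the path would collapse
        # to "/") and anything that is not an absolute path below "/".
        # NOTE(review): a system directory such as /etc would still pass this
        # check; restrict to the site's home prefix if one exists.
        case "$home" in
            /?*) ;;
            *) continue ;;
        esac
        # First, make the mountpoint
        LDM_HOME="$home"
        USER_UID="$uid"
        USER_GID="$gid"
        mkdir -p -- "${LDM_HOME}"
        rsync -ax /etc/skel/ "${LDM_HOME}/"
        chown -R "$USER_UID":"$USER_GID" "${LDM_HOME}"
        if [ -n "${XAUTHORITY_DIR}" ]; then
            chown "$USER_UID":"$USER_GID" "${XAUTHORITY_DIR}"
        fi
    done <<EOF
$(getent passwd "$LDM_USERNAME")
EOF

    ## Maybe do this:
    ## export HOME=${LOCALAPPS_CACHE}

    if [ -z "$SSH_FOLLOW_SYMLINKS" ]; then
        # By default, don't follow symlinks under $HOME for localapps, as
        # that breaks some apps that try to create locks to other filesystems.
        # But do follow symlinks for any extra mounts.
        follow_extra_symlinks="follow_symlinks,"
    elif boolean_is_true "$SSH_FOLLOW_SYMLINKS"; then
        follow_home_symlinks="follow_symlinks,"
        follow_extra_symlinks="follow_symlinks,"
    fi

    # If the user's home directory is not located in the root cow device, assume
    # that it has already been mounted with other means, e.g. with FSTAB_x.
    # SSHFS_HOME is cleared in both cases (the code that set it is disabled).
    unset SSHFS_HOME
    if [ "$(stat -c %m "$LDM_HOME")" = "/" ]; then

        # BEGIN LLX HACK
        #export SSHFS_HOME=true
        #sshfs -o ${follow_home_symlinks}allow_other,ControlPath=${LDM_SOCKET} ${LDM_SERVER}:${LDM_HOME} ${LDM_HOME}

        # Create Vars
        GRP_USER="$(id -ng "${LDM_USERNAME}")"
        NET_HOME="/net/server-sync/home/${GRP_USER}/${LDM_USERNAME}"

        # Create UserFiles Structure
        #mkdir ${LDM_HOME}/UserFiles
        #chown -R ${LDM_USERNAME}:${GRP_USER} ${LDM_HOME}/UserFiles

        # Mount SSHFS net/server-sync/home...
        #sshfs -o ${follow_home_symlinks}allow_other,ControlPath=${LDM_SOCKET} ${LDM_USERNAME}@${LDM_SERVER}:${NET_HOME}/UserFiles ${LDM_HOME}/UserFiles

        if [ ! -d "/net" ] ; then
            mkdir /net
        fi

        # The server's /net is mounted over the existing control socket.
        # allow_other lets every local uid reach the mount with the server-side
        # rights of the logged-in user, so this assumes a single-user client.
        sshfs -o "nonempty,${follow_home_symlinks}allow_other,ControlPath=${LDM_SOCKET}" "${LDM_USERNAME}@${LDM_SERVER}:/net" /net

        #for folder in Documents Groups Music Videos Pictures Share; do
        #    if [ -h "${LDM_HOME}/${folder}" ]; then
        #        echo "LLX LDM: ${LDM_HOME}/${folder} already exists" >> /var/log/ldm.log
        #        echo "LLX LDM: ${LDM_HOME}/${folder} already exists" >> /tmp/ldm.log
        #    else
        #        ln -s ${LDM_HOME}/UserFiles/${folder}/ ${LDM_HOME}/${folder}
        #        chown -R ${LDM_USERNAME}:${GRP_USER} ${LDM_HOME}/${folder}
        #    fi
        #done

        # END LLX HACK

    fi

    # Mount other directories
    if [ -n "${LOCAL_APPS_EXTRAMOUNTS}" ]; then
        oldifs="${IFS-not set}"
        IFS=","
        for extradir in ${LOCAL_APPS_EXTRAMOUNTS}; do
            mkdir -p "${extradir}"
            sshfs -o "${follow_extra_symlinks}allow_other,nonempty,ControlPath=${LDM_SOCKET}" "${LDM_SERVER}:${extradir}" "${extradir}"
        done
        if [ "$oldifs" = "not set" ]; then unset IFS; else IFS="$oldifs"; fi
    fi

    # /etc/cups is usually not shipped by the cups-client package, so attempt
    # to create it (it might fail if bind mounts are used).
    if [ ! -d /etc/cups ]; then
        mkdir /etc/cups || true
    fi

    # if cups is installed in the chroot, use LDM_SERVER for printing,
    # unless the user has enabled remote printer browsing via CUPS.
    if [ -d /etc/cups ]; then
        if [ -n "${CUPS_SERVER}" ]; then
            printf 'ServerName %s\n' "${CUPS_SERVER}" > /etc/cups/client.conf
        elif ! grep -qsi "^Browsing on" /etc/cups/cupsd.conf; then

            # LLIUREX CHANGES #

            # Prefer the address of the host named "server"; only the first
            # address is used so client.conf always holds a single directive.
            IP=$(getent hosts server | awk '{ print $1; exit }')
            if [ -n "$IP" ]; then
                printf 'ServerName %s\n' "${IP}" > /etc/cups/client.conf
            else
                printf 'ServerName %s\n' "${LDM_SERVER}" > /etc/cups/client.conf
            fi

            # #

        fi
    fi

    n4d-modules enable-plugin /etc/n4d/conf.d/TeacherShare || true

fi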