From: Mark Wooding Date: Sat, 3 Sep 2011 21:42:07 +0000 (+0100) Subject: claim-dir, claim-mem-dir: userv gadget for claiming directories. X-Git-Url: https://git.distorted.org.uk/~mdw/distorted-bits/commitdiff_plain/ba12327f41ad8773052b10970850b716677d3b5c claim-dir, claim-mem-dir: userv gadget for claiming directories. Suppose there's a part of the filesystem namespace that you want users to be able to claim bits of. The usual approach is to make the top directory of the subtree be world-writable and sticky, but this causes no end of trouble: there's potential contention for the namespace, which leads to security problems. These tools provide an alternative approach: a userv service which makes a directory named after and owned by the calling user, and with restrictive permissions. It doesn't set a group for the new directory, but the caller can do that. --- diff --git a/claim-dir b/claim-dir new file mode 100755 index 0000000..be377f9 --- /dev/null +++ b/claim-dir @@ -0,0 +1,9 @@ +#! /bin/sh + +set -e +dir="${1?dir}/$USERV_USER" +if [ ! -d "$dir" ]; then + mkdir -m700 "$dir" + chown "$USERV_USER" "$dir" +fi +echo "$dir" diff --git a/claim-mem-dir b/claim-mem-dir new file mode 100644 index 0000000..af9aa4f --- /dev/null +++ b/claim-mem-dir @@ -0,0 +1,6 @@ +### -*-conf-*- + +if grep calling-user-shell /etc/shells + suppress-args + execute /usr/local/sbin/claim-dir /mnt/mem +fi