### -*-conf-*-
###
### userv service for claiming a directory in a special filesystem
###
### Usage (as seen by the script; see its usage message): claim-dir FILSYS
###
### When the rule applies
###   Only for the service named `claim-dir' running as service user root,
###   and only if the calling user's shell is found in /etc/shells or is
###   /dev/token-shells/userv.
###
### How the service is run
###   The caller's arguments are passed through (no-suppress-args), fd 0 is
###   a null fd, the caller must supply fds 1 and 2 for writing, and any
###   caller fds from 3 upwards are ignored.  no-set-environment is given;
###   presumably this skips the system environment setup -- confirm against
###   the userv specification.
###
### What the script does
###   It looks FILSYS up in @sysconfdir@/claim-dir.tab (`@sysconfdir@' looks
###   like a build-time substitution).  Each line is read as `FS DIR OPTS...';
###   lines whose first field is empty or starts with `#' are skipped, and
###   the first line whose FS equals FILSYS literally is used.  An unknown
###   FILSYS is an error.  The options are then processed left to right:
###
###     acl=WORD,...  Each WORD is a shell pattern, optionally prefixed by
###                   `-' (forbid instead of allow) and then by `%' (match
###                   the words of USERV_GROUP and USERV_GID instead of
###                   USERV_USER and USERV_UID).  The first WORD that
###                   matches decides; if none matches, the verdict stays
###                   `forbid' and the script exits with `permission denied'.
###     mode=MODE     Mode given to `mkdir -m' (default 700).
###     mount=CMD     If DIR is not already a mountpoint, run `CMD DIR'.
###
###   Any other option is an error.  Finally the script changes to DIR,
###   creates a directory named after the first word of USERV_USER if no
###   such directory exists, chowns it to that user and the first word of
###   USERV_GROUP, and prints `DIR/$USERV_USER' on stdout.
###
### NOTE(review): points to keep in mind when maintaining this as a root
### service.  Comments cannot go inside the quoted script, hence this list.
###   * Options take effect in the order written.  A `mount=' placed before
###     `acl=' runs its command before the ACL is evaluated, and an entry
###     with no `acl=' option gets no ACL check at all (the verdict is only
###     tested inside the acl= branch).  Put acl= first in each table entry.
###   * DIR, the ACL patterns and the mount command all come from
###     claim-dir.tab and are used as root, so that file must be writable
###     only by root -- confirm its installed permissions.
###   * The `[ ! -d ]' test accepts any existing directory (or symlink to
###     one) and does not check its owner.  This assumes unprivileged users
###     cannot create entries in DIR -- confirm for each filesystem listed.
###   * Under `set -e' a failing chown aborts the script after mkdir has
###     succeeded; the root-owned directory then remains and later calls
###     will report it as claimed without fixing its ownership.
###   * The directory is named by the first word of USERV_USER but the
###     printed path uses the whole variable; these agree only if
###     USERV_USER is a single word (presumably always -- confirm).

if ( glob service claim-dir
   & glob service-user root
   & ( grep calling-user-shell /etc/shells
     | glob calling-user-shell /dev/token-shells/userv
     )
   )
        no-suppress-args
        null-fd 0
        require-fd 1-2 write
        ignore-fd 3-
        no-set-environment
        execute sh -c "set -e; quis=$0; \
          case $# in \
            1) filsys=$1 ;; \
            *) echo >&2 \"usage: $quis FILSYS\"; exit 1 ;; \
          esac; \
          foundp=nil; mode=700; \
          while read fs dir opts; do \
            case \"$fs\" in \
              \\#* | \"\") continue ;; \
              \"$filsys\") foundp=t; break ;; \
            esac; \
          done <@sysconfdir@/claim-dir.tab; \
          case $foundp in \
            nil) \
              echo >&2 \"$quis: unknown filesystem \\`$filsys'\"; \
              exit 1 \
              ;; \
          esac; \
          for opt in $opts; do \
            arg=${opt#*=}; \
            case \"$opt\" in \
              acl=*) \
                verdict=forbid acl=$arg; \
                while :; do \
                  case \"$acl\" in ?*) ;; *) break ;; esac; \
                  case \"$acl\" in \
                    *,*) word=${acl%%,*} acl=${acl#*,} ;; \
                    *) word=$acl acl=\"\" ;; \
                  esac; \
                  case \"$word\" in \
                    -*) sense=forbid word=${word#-} ;; \
                    *) sense=allow word=$word ;; \
                  esac; \
                  case \"$word\" in \
                    %*) pat=${word#%} list=\"$USERV_GROUP $USERV_GID\" ;; \
                    *) pat=$word list=\"$USERV_USER $USERV_UID\" ;; \
                  esac; \
                  matchp=nil; \
                  for i in $list; do \
                    case \"$i\" in $pat) matchp=t; break ;; esac; \
                  done; \
                  case $matchp in t) verdict=$sense; break ;; esac; \
                done; \
                case $verdict in \
                  forbid) \
                    echo >&2 \"$quis: permission denied\"; \
                    exit 1 \
                    ;; \
                esac \
                ;; \
              mode=*) \
                mode=$arg \
                ;; \
              mount=*) \
                if ! mountpoint -q \"$dir\"; then $arg \"$dir\"; fi \
                ;; \
              *) \
                echo >&2 \"$quis: unknown option \\`$opt'\"; \
                exit 1 \
                ;; \
            esac; \
          done; \
          set _ $USERV_USER; user=$2; \
          set _ $USERV_GROUP; group=$2; \
          cd \"$dir\"; \
          if [ ! -d \"$user\" ]; then \
            mkdir -m$mode \"$user\"; \
            chown \"$user:$group\" \"$user\"; \
          fi; \
          echo \"$dir/$USERV_USER\" \
        " claim-dir
fi