Commit a2cf6af4 authored by Lucas Manika Koeb's avatar Lucas Manika Koeb

le-greeter: Change the guest username rules



The names given to the guest user are of the form "aluno-XXXXX" where
"XXXXX" is a random string.
Signed-off-by: default avatarLucas Manika Koeb <lmk08@c3sl.ufpr.br>
parent f395e42c
0.1.2
0.1.6
\ No newline at end of file
......@@ -25,10 +25,4 @@ if [ -x /usr/lib/lightdm/lightdm-set-defaults ] ; then
--greeter=unity-greeter || true
fi
# Update rc.d to run the le5-config script at every boot:
/usr/sbin/update-rc.d le5-config defaults
# Start the le5-config service
/etc/init.d/le5-config start
exit 0
......@@ -37,5 +37,3 @@ if [[ "$1" != "upgrade" ]]; then
done
fi
# Update rc.d so le5-config is no longer started at boot time
update-rc.d -f le5-config remove
#!/bin/bash
#
# Copyright (C) 2004-2012 Centro de Computacao Cientifica e Software Livre
# Departamento de Informatica - Universidade Federal do Parana - C3SL/UFPR
#
# This file is part of le5-greeter
#
# le5-greeter is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
# USA.
OUTPUT_DIR="/etc/le"
OUTPUT_FILE="/etc/le/contador"
case "$1" in
start)
mkdir -p $OUTPUT_DIR || true
echo "0" > $OUTPUT_FILE
chmod 600 $OUTPUT_FILE
;;
stop)
rm -f $OUTPUT_FILE
;;
*)
echo "Usage: /etc/init.d/le5-config {start|stop}"
exit 1
;;
esac
exit 0
......@@ -15,77 +15,65 @@
add_account ()
{
COUNT_FILE="/etc/le/contador"
HOME="/tmp/aluno-"
if [ -f $COUNT_FILE ]; then
NUM_ALUNO=$(cat $COUNT_FILE)
NUM_ALUNO=$(($NUM_ALUNO+1))
echo $NUM_ALUNO > $COUNT_FILE
else
NUM_ALUNO=1
echo $NUM_ALUNO > $COUNT_FILE
fi
HOME="$HOME$NUM_ALUNO"
mkdir "$HOME"
USER=`echo $HOME | sed 's/\(.*\)aluno/aluno/'`
HOME=`mktemp -td aluno-XXXXX`
USER=`echo $HOME | sed 's/\(.*\)aluno/aluno/'`
# if $USER already exists, it must be a locked system account with no existing
# home directory
if PWSTAT=`passwd -S "$USER"` 2>/dev/null; then
if [ "`echo \"$PWSTAT\" | cut -f2 -d\ `" != "L" ]; then
echo "User account $USER already exists and is not locked"
exit 1
fi
PWENT=`getent passwd "$USER"` || {
echo "getent passwd $USER failed"
exit 1
}
GUEST_UID=`echo "$PWENT" | cut -f3 -d:`
if [ "$GUEST_UID" -ge 500 ]; then
echo "Account $USER is not a system user"
exit 1
fi
HOME=`echo "$PWENT" | cut -f6 -d:`
if [ "$HOME" != / ] && [ "${HOME#/tmp}" = "$HOME" ] && [ -d "$HOME" ]; then
echo "Home directory of $USER already exists"
exit 1
fi
else
if PWSTAT=`passwd -S "$USER"` 2>/dev/null; then
if [ "`echo \"$PWSTAT\" | cut -f2 -d\ `" != "L" ]; then
echo "User account $USER already exists and is not locked"
exit 1
fi
PWENT=`getent passwd "$USER"` || {
echo "getent passwd $USER failed"
exit 1
}
GUEST_UID=`echo "$PWENT" | cut -f3 -d:`
if [ "$GUEST_UID" -ge 500 ]; then
echo "Account $USER is not a system user"
exit 1
fi
HOME=`echo "$PWENT" | cut -f6 -d:`
if [ "$HOME" != / ] && [ "${HOME#/tmp}" = "$HOME" ] && [ -d "$HOME" ]; then
echo "Home directory of $USER already exists"
exit 1
fi
else
# does not exist, so create it
adduser --system --no-create-home --home / --gecos "Aluno $NUM_ALUNO" --group --shell /bin/bash $USER || {
umount "$HOME"
rm -rf "$HOME"
exit 1
}
usermod $USER -aG leNetwork
fi
adduser --system --no-create-home --home / --gecos "Aluno $NUM_ALUNO" --group --shell /bin/bash $USER || {
umount "$HOME"
rm -rf "$HOME"
exit 1
}
usermod $USER -aG leNetwork
fi
# create temporary home directory
mount -t tmpfs -o mode=700 none "$HOME" || { rm -rf "$HOME"; exit 1; }
chown $USER:$USER "$HOME"
gs_skel=/etc/le/home_alunos/
if [ -d "$gs_skel" ] && [ -n "`find $gs_skel -type f`" ]; then
cp -rT $gs_skel "$HOME"
else
cp -rT /etc/skel/ "$HOME"
fi
chown -R $USER:$USER "$HOME"
usermod -d "$HOME" "$USER"
mount -t tmpfs -o mode=700 none "$HOME" || { rm -rf "$HOME"; exit 1; }
chown $USER:$USER "$HOME"
gs_skel=/etc/le/home_alunos/
if [ -d "$gs_skel" ] && [ -n "`find $gs_skel -type f`" ]; then
cp -rT $gs_skel "$HOME"
else
cp -rT /etc/skel/ "$HOME"
fi
chown -R $USER:$USER "$HOME"
usermod -d "$HOME" "$USER"
#
# setup session
#
# disable screensaver, to avoid locking guest out of itself (no password)
su $USER <<EOF
su $USER <<EOF
gconftool-2 --set --type bool /desktop/gnome/lockdown/disable_lock_screen True
EOF
# disable some services that are unnecessary for the guest session
mkdir --parents "$HOME"/.config/autostart
cd /etc/xdg/autostart/
services="jockey-gtk.desktop update-notifier.desktop user-dirs-update-gtk.desktop"
mkdir --parents "$HOME"/.config/autostart
cd /etc/xdg/autostart/
services="jockey-gtk.desktop update-notifier.desktop user-dirs-update-gtk.desktop"
#for service in $services
#do
# if [ -e /etc/xdg/autostart/"$service" ] ; then
......@@ -98,62 +86,62 @@ EOF
#dmrc='[Desktop]\nSession=guest-restricted'
#/bin/echo -e "$dmrc" > "$HOME"/.dmrc
chown -R $USER:$USER "$HOME"
chown -R $USER:$USER "$HOME"
# set possible local guest session preferences
if [ -f /etc/guest-session/prefs.sh ]; then
. /etc/guest-session/prefs.sh
fi
if [ -f /etc/guest-session/prefs.sh ]; then
. /etc/guest-session/prefs.sh
fi
echo $USER
echo $USER
}
remove_account ()
{
USER=$1
PWENT=`getent passwd "$USER"` || {
echo "Error: invalid user $USER"
exit 1
}
UID=`echo "$PWENT" | cut -f3 -d:`
HOME=`echo "$PWENT" | cut -f6 -d:`
if [ "$UID" -ge 500 ]; then
echo "Error: user $USER is not a system user."
exit 1
fi
if [ "${HOME}" = "${HOME#/tmp/}" ]; then
echo "Error: home directory $HOME is not in /tmp/."
exit 1
fi
USER=$1
PWENT=`getent passwd "$USER"` || {
echo "Error: invalid user $USER"
exit 1
}
UID=`echo "$PWENT" | cut -f3 -d:`
HOME=`echo "$PWENT" | cut -f6 -d:`
if [ "$UID" -ge 500 ]; then
echo "Error: user $USER is not a system user."
exit 1
fi
if [ "${HOME}" = "${HOME#/tmp/}" ]; then
echo "Error: home directory $HOME is not in /tmp/."
exit 1
fi
# kill all remaining processes
while ps h -u "$USER" >/dev/null; do
killall -9 -u "$USER" || true
sleep 0.2;
done
while ps h -u "$USER" >/dev/null; do
killall -9 -u "$USER" || true
sleep 0.2;
done
umount "$HOME" || umount -l "$HOME" || true
rm -rf "$HOME"
umount "$HOME" || umount -l "$HOME" || true
rm -rf "$HOME"
# remove leftovers in /tmp
find /tmp -mindepth 1 -maxdepth 1 -uid "$UID" -print0 | xargs -0 rm -rf || true
deluser --system "$USER"
find /tmp -mindepth 1 -maxdepth 1 -uid "$UID" -print0 | xargs -0 rm -rf || true
deluser --system "$USER"
}
case "$1" in
add)
add_account
;;
remove)
if [ -z $2 ] ; then
echo "Usage: $0 remove [account]"
exit 1
fi
remove_account $2
;;
*)
echo "Usage: $0 add|remove"
exit 1
add)
add_account
;;
remove)
if [ -z $2 ] ; then
echo "Usage: $0 remove [account]"
exit 1
fi
remove_account $2
;;
*)
echo "Usage: $0 add|remove"
exit 1
esac
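Review bot: In add_account the adduser call still passes `--gecos "Aluno $NUM_ALUNO"`, but with the /etc/le/contador counter removed nothing visible assigns NUM_ALUNO any more, so the GECOS field would come out as "Aluno " for every guest; `--gecos "Aluno"` or the random suffix taken from $USER would say what is meant. The new `HOME=`mktemp -td aluno-XXXXX`` line is also unchecked: if mktemp fails, HOME and USER are empty and the script still goes on to passwd, adduser and mount, so I would end that line with `|| exit 1`. Because the account name is now derived from a generated path, quoting `"$USER"` in the adduser, usermod and chown calls would be cheap hardening. The +/- markers are lost in this rendering, so which of the duplicated lines is the new side is inferred from the commit message.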