ssfs view ssfs-server @ rev 63
ssfs-server: we dont need shadow files in chroot and add/del user from chroot /etc/group
author | Christophe Lincoln <pankso@slitaz.org> |
---|---|
date | Sun Jun 12 23:18:04 2011 +0200 (2011-06-12) |
parents | 9e10fc3abd71 |
children | 09b765c4e000 |
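#!/bin/sh
#
# SliTaz Secure File Storage server side tool.
#
# Copyright (C) SliTaz GNU/Linux - BSD License
# Author: Christophe Lincoln <pankso@slitaz.org>
#

# Tool name, used to locate the configuration files and in messages.
# "$0" is quoted so an invocation path containing spaces stays one word.
app=$(basename "$0")

# Configuration files are sourced, i.e. executed as shell code with the
# privileges of the caller (root for every real command), so they must
# only be writable by root.
[ -f "/etc/ssfs/$app.conf" ] && . "/etc/ssfs/$app.conf"

# NOTE(review): this path is relative to the current working directory.
# When the tool is run as root from a directory another user can write to,
# that user controls ./data/$app.conf and therefore code executed as root.
# Looks like a development convenience -- confirm, and consider leaving it
# out of installed copies.
[ -f "./data/$app.conf" ] && . "./data/$app.conf"

state=/var/lib/ssfs
share=/usr/share/ssfs

# Be sure we're root.
# NOTE(review): the refusal exits with status 0, so a calling script cannot
# tell it from success. Kept as is for compatibility.
[ "$(id -u)" != 0 ] && gettext "You must be root to run:" && \
	echo " $app" && exit 0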
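# Parse cmdline options.
#
# Every argument is scanned, including the command word and any free text
# such as the note message; anything that is not a known --option= is
# skipped. "$@" is quoted so a value containing whitespace (a password, a
# path) is kept as one word instead of being split into several arguments.
#
# NOTE(review): --pass= places the password in the argument list, where it
# is visible to other local users in the process list while the tool runs
# and may end up in shell history. Reading it from stdin or a root-only
# file would avoid that.
for opt in "$@"
do
	case "$opt" in
		--login=*)
			login=${opt#--login=} ;;
		--id=*)
			id=${opt#--id=} ;;
		--pass=*)
			pass=${opt#--pass=} ;;
		--root=*)
			root=${opt#--root=} ;;
		--vdisk=*)
			vdisk=${opt#--vdisk=} ;;
		--size=*)
			size=${opt#--size=} ;;
		*)
			continue ;;
	esac
done

# Fall back on the configuration values for anything not given on the
# command line.
[ "$root" ] || root=${SSFS_CHROOT}
[ "$vdisk" ] || vdisk=${SSFS_VDISK}
[ "$size" ] || size=${SSFS_SIZE}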
#
# Functions
#

# Print the built-in usage text: the command list followed by the option
# list. Section titles are wrapped in ANSI bold escapes and every
# description is looked up through gettext.
help() {
	cat << EOT

$(printf '%b' "\033[1m$(gettext "Usage:")\033[0m") $app [command] [--option=]

$(printf '%b' "\033[1m$(gettext "Commands:")\033[0m")
help $(gettext "Display this short help usage.")
users $(gettext "List user accounts and stats.")
adduser $(gettext "Add a user to the system with \$HOME in chroot.")
deluser $(gettext "Delete a user and remove \$HOME files.")
chroot $(gettext "Chroot to Ssfs storage root.")
gen-vdisk $(gettext "Create a vdisk with chroot for files storage.")
clean-vdisk $(gettext "Clean the vdisk but skip home and root.")
check-vdisk $(gettext "Check the vdisk filesystem with e2fsck.")
mount-vdisk $(gettext "Mount a ssfs virtual disk.")
umount-vdisk $(gettext "Unmount the vdisk and free loop device.")
note $(gettext "Write a public note for users.")

$(printf '%b' "\033[1m$(gettext "Options:")\033[0m")
--login= $(gettext "Login name to add or del an user.")
--id= $(gettext "User id for adduser command.")
--pass= $(gettext "User password for adduser.")
--root= $(gettext "The path to the Ssfs vdisk chroot.")
--vdisk= $(gettext "Set the Ssfs vdisk path and name.")
--size= $(gettext "Set the ext3 vdisk size in Gb.")

EOT
}
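# Report the result of the command that ran immediately before the call.
# It reads $?, so it must be the very next command after the one checked.
# Outputs: " OK" on success, " ERROR" followed by a blank line otherwise.
# Returns: 0 on success; on any failure the whole script exits with 1.
status() {
	# $? is consumed once, here. Testing it twice in a row made the second
	# test see the result of the first one, which left the function
	# returning 1 after printing " OK".
	case $? in
		0)
			echo " OK" ;;
		*)
			echo -e " ERROR\n"
			exit 1 ;;
	esac
}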
# Print a horizontal rule of "=" characters used to frame command output.
separator() {
	printf '%s\n' "================================================================================"
}
# Derive the two per-user paths from $login:
#   config - the custom file holding quota and user info, under $SSFS_USERS
#   home   - the user's home directory below the chroot ($root)
# NOTE(review): the "/./" component presumably marks the chroot boundary
# for the login shell -- confirm against ssfs-sh.
user_paths() {
	home="$root/./home/$login"
	config="$SSFS_USERS/$login.conf"
}
# Print a short summary for one account: login, quota and home usage,
# framed by an empty line before and after.
# Globals: login, QUOTA, usage (read)
user_info() {
	printf '\n%s %s\n%s %s\n%s %s\n\n' \
		"$(gettext "User login :")" "$login" \
		"$(gettext "User quota :")" "$QUOTA" \
		"$(gettext "Home usage :")" "$usage"
}
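# Write the per-user configuration file with the login and the default
# quota, then restrict it to its owner.
# Globals: config, login, DEFAULT_QUOTA (read)
#
# The file is read back by sourcing it (the users command does so as root),
# which means the values written here are later parsed as shell code. A
# login holding quotes, "$" or backticks would be executed at that point,
# so $login has to be limited to a safe character set before this is called.
user_config() {
	gettext "Creating Ssfs user configuration file..."
	# "$config" is quoted: an unquoted redirection target containing
	# whitespace is split or rejected as ambiguous.
	cat > "$config" << EOT
# Ssfs user configuration file.

LOGIN="$login"
QUOTA="$DEFAULT_QUOTA"
EOT
	chmod 0600 "$config" && status
	echo ""
}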
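# Write the auto-generated vdisk description into the chroot.
# Globals: root, date, size, files (read)
vdisk_config() {
	# Quoted target so a chroot path containing whitespace still works.
	cat > "$root/etc/vdisk.conf" << EOT
# /etc/vdisk.conf: Ssfs virtual auto-generated config file.

VDATE="$date"
VSIZE="$size"
FILES="$files"
EOT
}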
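# Handle Ssfs virtual disk.

# Unmount the vdisk from $root and detach the loop device that backed it.
# Globals: root, vdisk (read); loop (written)
#
# The mount table is searched for $root as a plain substring, so any other
# mount point whose path contains $root also counts as "mounted".
umount_vdisk() {
	if mount | grep -F -q -- "$root"; then
		# Keep only the first matching entry: with several matches the
		# device list would otherwise reach losetup as a single
		# multi-line argument.
		loop=$(mount | grep -F -- "$root" | awk '{print $1; exit}')
		gettext "Unmounting Ssfs vdisk:"; echo " $vdisk"
		umount "$root" && sleep 1
		gettext "Detaching loop device:"; echo " $loop"
		losetup -d "$loop"
	else
		gettext "Ssfs vdisk is not mounted:"; echo " $vdisk"
	fi
}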
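# Mount the vdisk image on $root through a loop device, creating the mount
# point when it is missing. Nothing is mounted when the mount table already
# mentions $root (substring match).
# Globals: root, vdisk (read)
mount_vdisk() {
	if ! mount | grep -F -q -- "$root"; then
		[ -d "$root" ] || mkdir -p "$root"
		gettext "Mounting virtual disk:"
		# Both paths are quoted so whitespace in either one cannot turn
		# into extra arguments to mount.
		mount -o loop -t ext3 "$vdisk" "$root"
	else
		gettext "Ssfs vdisk is already mounted:"
	fi
	echo " $vdisk $root"
}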
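#
# Commands
#

# Refuse a login name that is not safe to place in a path, in a grep/sed
# pattern or in a passwd/group line. Allowed characters are letters,
# digits, "_", "-" and "."; the name may not start with "-" or ".".
# Sets login_re, the login with its dots escaped for use in a regex.
check_login() {
	case "$login" in
		-*|.*|*[!A-Za-z0-9_.-]*)
			gettext -e "Invalid user login name.\n"
			exit 1 ;;
	esac
	login_re=$(printf '%s' "$login" | sed 's/\./\\./g')
}

case "$1" in
	users)
		# List the accounts marked "Ssfs User" in the host passwd file,
		# with quota and home usage for each one.
		gettext -e "\nChecking:"; echo " /etc/passwd"
		grep -F "Ssfs User" /etc/passwd | while IFS=: read -r login rest
		do
			home="$root/home/$login"
			usage=$(du -sm "$home" | awk '{print $1}')
			config="$SSFS_USERS/$login.conf"
			# The per-user file is sourced, so it runs as root: it must
			# stay root-owned. QUOTA is reset first so a missing file does
			# not show the previous user's quota, and the file is tested
			# before "." because sourcing a missing file can abort the
			# shell.
			QUOTA=
			if [ -f "$config" ]; then
				. "$config"
			else
				gettext -e "WARNING: No config file\n"
			fi
			user_info
		done
		users=$(ls "$SSFS_USERS" | wc -l)
		gettext "Users:"; echo -e " $users\n" ;;

	adduser)
		# Add a Ssfs user to the system with $HOME in chroot.
		[ -z "$login" ] && gettext -e "Missing user login name.\n" && exit 0
		[ -z "$id" ] && gettext -e "Missing user id.\n" && exit 0
		[ -z "$pass" ] && gettext -e "Missing user password.\n" && exit 0

		# The login and id are written into passwd/group lines, used in
		# patterns and used to build the path given to rm -rf: reject
		# anything that could add a field, a line or a path component.
		check_login
		case "$id" in
			*[!0-9]*)
				gettext -e "Invalid user id.\n"
				exit 1 ;;
		esac
		user_paths

		# We need chroot command allowed for users to chroot them on SSH
		# login. Ssfs users have /bin/ssfs-sh as SHell.
		# NOTE(review): this entry applies to the host busybox and is not
		# limited to Ssfs accounts; it appears to let any local user run
		# the chroot applet with root's id -- confirm that this is
		# acceptable on the host or narrow it.
		grep -q ^chroot /etc/busybox.conf ||
			echo 'chroot = ssx root.root' >> /etc/busybox.conf

		gettext -e "\nChecking:"; echo " /etc/passwd"
		if grep "^$login_re:" /etc/passwd; then
			gettext -e "Exiting, user already exists:"
			echo -e " $login\n" && exit 0
		fi

		gettext "Creating user: $login..."
		# printf '%s' passes the password through unchanged; echo -e
		# would rewrite backslash sequences contained in it.
		printf '%s\n%s\n' "$pass" "$pass" | \
			adduser -h "$home" -g "Ssfs User" -u "$id" \
				-s /bin/ssfs-sh "$login" >/dev/null
		status

		# Add user to chroot /etc/passwd
		gettext "Checking vdisk chroot:"; echo " $root/etc/passwd"
		if ! grep -q "^$login_re:" "$root/etc/passwd"; then
			echo "$login:x:$id:$id:Ssfs User:/home/$login:/bin/sh" >> \
				"$root/etc/passwd"
			echo "$login:x:$id:" >> "$root/etc/group"
		fi

		# We don't want any files from /etc/skel.
		gettext "Cleaning home and creating: Sync/..."
		rm -rf "$home" && mkdir -p "$home/Sync" "$home/.ssh" && status
		gettext "Changing mode on user home: 0700..."
		# "user:group" form: with "." as separator a dotted login would
		# be ambiguous.
		chown -R "$login:$login" "$home"
		chmod 0700 "$home" && status

		# Create a custom config per user in SSFS_USERS.
		[ ! -d "$SSFS_USERS" ] && mkdir -p "$SSFS_USERS"
		user_config ;;

	deluser)
		# Remove the account from the chroot and the host, then delete
		# its home and its config file.
		[ -z "$login" ] && gettext -e "Missing user login name.\n" && exit 0
		# Validated before it reaches sed and rm -rf below.
		check_login
		user_paths
		gettext -e "\nDeleting user:"; echo -n " $login..."
		sed -i "/^$login_re:/d" "$root/etc/passwd"
		sed -i "/^$login_re:/d" "$root/etc/group"
		deluser "$login"; status
		gettext "Removing all files in:"; echo -n " $home..."
		rm -rf "$home" && status
		gettext "Removing user config:"; echo -n " $login.conf..."
		rm -rf "$config" && status
		echo "" ;;

	chroot)
		# Open a root shell inside the storage chroot.
		gettext -e "\nChanging root to:"; echo -e " $root\n"
		chroot "$root"
		gettext -e "\nBack to the host system:"
		echo -e " $(hostname)\n" ;;

	note)
		# Admin notes for users and displayed on the web interface.
		# The text is stored as given; whatever renders $state/notes has
		# to escape it for its output format.
		note="$2"
		date=$(date "+%Y-%m-%d %H:%M")
		if [ "$note" ]; then
			gettext "Adding note to:"; echo " $state/notes"
			printf '%s : %s\n' "$date" "$note" >> "$state/notes"
		fi ;;

	gen-vdisk)
		# Generate a virtual disk with a minimal chroot for Ssfs users home.
		rootfs=$share/rootfs
		if [ -d "$root/bin" ]; then
			gettext "A chroot already exists in:"; echo " $root"
			exit 0
		fi
		if [ ! -f "$rootfs/etc/busybox.conf" ]; then
			gettext "Missing package ssfs-busybox"; echo
			exit 0
		fi
		echo ""
		gettext "Creating Sshs vdisk minimal chroot"; echo
		separator
		echo "Chroot path: $root"

		# Create vdisk if missing.
		if [ ! -f "$vdisk" ]; then
			gettext "Creating virtual disk:"; echo " $vdisk ${size}Gb"
			dd if=/dev/zero of="$vdisk" bs=1G count="$size"
			chmod 0600 "$vdisk" && du -sh "$vdisk"
			gettext "Creating ext3 filesystem..."
			mkfs.ext3 -q -T ext3 -L "Ssfs" -F "$vdisk"
			status
			mount_vdisk
		fi

		# Create a radically minimal chroot with all libs in /lib.
		gettext "Creating base files..."
		mkdir -p "$root" && cd "$root"
		for d in etc lib home root
		do
			mkdir -p "$d"
		done && status

		# /etc files.
		cp -f /etc/slitaz-release "$root/etc"
		if [ ! -f "$root/etc/passwd" ]; then
			echo "root:x:0:0:root:/root:/bin/sh" > "$root/etc/passwd"
			#echo "root::13525:0:99999:7:::" > $root/etc/shadow
			echo "root:x:0:" > "$root/etc/group"
			#echo "root:*::" > $root/etc/gshadow
		fi

		# /dev nodes.
		#mknod -m 666 $root/dev/null c 1 3

		# Ssfs Busybox package install files in $cache and allow easy vdisk
		# upgrade following SliTaz repo.
		gettext "Installing Ssfs Busybox..."
		cp -a "$rootfs"/* "$root"
		status

		gettext "Setting files permissions..."
		# Shadow files are no longer created above, so the pattern may
		# match nothing: only chmod what actually exists.
		for f in "$root"/etc/*shadow
		do
			[ -e "$f" ] && chmod 0640 "$f"
		done
		chmod 0700 "$root/root"
		# Busybox is installed setuid root in the chroot; which applets
		# keep the elevated id is decided by etc/busybox.conf, which is
		# why that file is made readable by root only.
		chmod 4755 "$root/bin/busybox"
		chmod 0600 "$root/etc/busybox.conf"
		status

		# Glib minimal libs, use host lib since package should be installed
		# from same repo. ? libnss_compat*
		gettext "Installing Glibc libraries..."
		# The patterns are quoted here so they cannot expand against the
		# current directory; $l is left unquoted in the cp so it expands
		# against /lib.
		for l in 'ld-*.*so*' 'libc-*.*so' 'libc.so.*' 'libnss_files*'
		do
			cp -a /lib/$l* "$root/lib"
		done && status

		# Ssfs chroot SHell and declare vdisk config.
		gettext "Installing Ssfs SHell and utility..."
		install -m 0755 /bin/ssfs-sh "$root/bin"
		install -m 0755 "$share/ssfs-env" "$root/bin"
		touch "$root/etc/vdisk.conf"
		status

		# List of all system files.
		gettext "Creating the list of files... "
		cd "$root" && rm -f "$state/vdisk.files"
		for d in bin etc lib
		do
			find "./$d" | sed s'/^.//' >> "$state/vdisk.files"
		done
		files=$(wc -l < "$state/vdisk.files")
		echo "$files"

		# Create chroot /etc/vdisk.conf
		size=$(du -sh "$vdisk" | awk '{print $1}')
		used=$(du -sh "$root" | awk '{print $1}')
		date=$(date '+%Y-%m-%d %H:%M')
		vdisk_config
		separator
		gettext "Vdisk used space:"; echo -e " $used - $date\n" ;;

	mount-vdisk)
		mount_vdisk ;;

	umount-vdisk)
		umount_vdisk ;;

	check-vdisk)
		# Check vdisk with e2fsck.
		echo ""
		gettext -e "Checking Ssfs virtual disk\n"
		separator
		gettext "Virtual disk : "; du -sh "$vdisk"
		gettext "Filesystem usage : "; du -sh "$root"
		gettext "Remounting vdisk read/only before e2fsck -p..."
		mount -o remount,loop,ro "$vdisk" "$root" && status
		e2fsck -p "$vdisk"
		gettext "Remounting vdisk read/write..."
		mount -o remount,loop,rw "$vdisk" "$root" && status
		separator && echo "" ;;

	clean-vdisk)
		# clean up the vdisk storage chroot.
		# An empty $root would make the tests below look at the host /bin
		# and /lib and the loop would then delete from whatever directory
		# the shell happens to be in, so it is refused here.
		if [ -z "$root" ] || [ ! -d "$root/bin" ] || [ ! -d "$root/lib" ]; then
			gettext -e "No chroot found in:"; echo " $root"
			exit 0
		fi
		gettext -e "\nCleaning virtual disk\n"
		separator
		echo "Chroot path: $root"
		# Never reach the rm -rf loop if the directory change failed.
		cd "$root" || exit 1
		for dir in *
		do
			# "./" keeps a name starting with "-" from being read as an
			# option by du or rm.
			size=$(du -sh "./$dir" | awk '{print $1}')
			case "$dir" in
				etc|home|root|lost*)
					gettext "Skipping:"; echo " $dir $size *" ;;
				*)
					gettext "Removing:"; echo " $dir $size"
					rm -rf "./$dir" ;;
			esac
		done && separator && echo "" ;;

	*)
		help ;;
esac
exit 0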