
Member "scponly-20110526/setup_chroot.sh.in" (30 Jan 2006, 7570 Bytes) of package /linux/privat/old/scponly-20110526.tgz:



    1 #!/bin/sh
    2 #
    3 # handy functions:
    4 #
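    # Print a failure message and terminate the script.
    # Arguments: $@ - the words of the message; they are joined with single
    #                 blanks, and backslash escapes such as \n are interpreted
    #                 (a caller below passes "...run this script\n").
    # Outputs:   the message plus a trailing newline, on stdout
    # Returns:   does not return; the shell exits with status 1
    fail() {
        # printf '%b' stands in for "echo -e", which not every /bin/sh
        # supports, and the quoted "$*" keeps the message from being
        # word-split or glob-expanded before it is printed.
        printf '%b\n' "$*"
        exit 1
    }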
   10 
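   # "get with default" function
   # Prompts the user with a query and a default reply and prints the reply.
   # Arguments: $1 - query text (backslash escapes are interpreted)
   #            $2 - default reply, shown in brackets after the query
   # Inputs:    one line from stdin
   # Outputs:   the prompt on stderr; on stdout the reply, or the default when
   #            the reply is empty or stdin is at end-of-file
   getwd() {
       query="$1"
       default="$2"
       printf '%b' "$query [$default]" >&2
       response=""
       # -r keeps backslashes in a typed path literal; surrounding blanks are
       # still trimmed by read because IFS is left at its default.
       read -r response
       if [ -z "$response" ]; then
           response=$default
       fi
       # Quoted, so a reply containing blanks or glob characters is returned
       # exactly as typed instead of being split or expanded.
       printf '%s\n' "$response"
   }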
   24 
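   # "get yes no" function
   # Prompts the user with a query and repeats the prompt until the reply is
   # either "y" or "n".
   # Arguments: $@ - the query text (backslash escapes are interpreted)
   # Inputs:    lines from stdin
   # Outputs:   prompts on stderr; the accepted reply ("y" or "n") on stdout
   # Returns:   0 once a valid reply was read; 1 if stdin ends first, so a
   #            closed or redirected stdin can no longer loop forever
   getyn() {
       query="$*"
       response=""
       while :; do
           printf '%b' "$query" >&2
           # A failed read with nothing in the buffer means end of input.
           if ! read -r response && [ -z "$response" ]; then
               return 1
           fi
           case "$response" in
               y | n) break ;;
           esac
           printf '%b\n' "\n'y' or 'n' only please...\n" >&2
       done
       printf '%s\n' "$response"
   }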
   39 
   # configuration
   #
   # Defaults offered at the prompts when no command-line argument is given.
   defaultusername="scponly"
   defaulthomedirprefix="/home"
   defaultwriteabledir="incoming"

   # Kernel name as reported by uname, blanks replaced by underscores; it
   # selects the platform/OS specific setup scripts.
   osname=$(uname -s | tr ' ' '_')
   prescript="build_extras/arch/${osname}.pre.sh"
   postscript="build_extras/arch/${osname}.post.sh"

   # Binaries that will be staged in the target dir: the double-quoted value
   # of every '#define PROG_' line in config.h, minus any entry that is
   # exactly "cd".
   BINARIES=$(@PROG_GREP@ '#define PROG_' config.h | @PROG_CUT@ -d '"' -f 2 | @PROG_GREP@ -v '^cd$')

   # The install command is kept in a variable so the presetup script can
   # overwrite it on systems which require that.
   INSTALL_PATHNAME="@INSTALL@"

   # Flag for the best-guess search for ld.so; the presetup script can append
   # libraries and set it if the guess below finds nothing.
   LDSOFOUND=0

   # default to useradd, not pw
   USE_PW=0
   64 
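   # ldd is needed to work out which shared libraries the staged binaries use.
   if [ "x@PROG_LDD@" = x ]; then
       echo "this script requires the program ldd to determine which"
       fail "shared libraries to copy into your chrooted dir..."
   fi

   # Build LIB_LIST from the ldd output for $BINARIES.  $BINARIES is a
   # blank-separated list and is expanded unquoted on purpose.
   if [ "x$(uname -s)" = "xOpenBSD" ]; then
       # Start from an empty value: GREP_LIST was never initialised, so a
       # variable of that name inherited from the caller's environment would
       # otherwise end up as extra arguments to the grep below.
       GREP_LIST=""
       for bin in $BINARIES; do
           GREP_LIST="$GREP_LIST -e $bin"
       done
       # $GREP_LIST is a series of "-e pattern" pairs and must stay unquoted.
       LIB_LIST=$(/usr/bin/ldd $BINARIES 2> /dev/null |
           /usr/bin/tr -s " " |
           /usr/bin/cut -f5 -d" " |
           /usr/bin/grep -v "^Name" |
           /usr/bin/grep -v $GREP_LIST |
           /usr/bin/sort -u)
   else
       LIB_LIST=$(@PROG_LDD@ $BINARIES 2> /dev/null |
           @PROG_CUT@ -f2 -d\> |
           @PROG_CUT@ -f1 -d\( |
           @PROG_GREP@ "^ " |
           @PROG_SORT@ -u)
   fi

   #
   #   we also need to add some form of ld.so, here are some good guesses.
   #
   LDSO_LIST="/lib/ld.so /libexec/ld-elf.so /libexec/ld-elf.so.1 /usr/libexec/ld.so /lib/ld-linux.so.2 /usr/libexec/ld-elf.so.1"
   for lib in $LDSO_LIST; do
       if [ -f "$lib" ]; then
           LDSOFOUND=1
           LIB_LIST="$LIB_LIST $lib"
       fi
   done

   #
   #   TODO - i've since forgotten which OS this is for, it should be relocated to a presetup script
   #
   if /bin/ls /lib/libnss_compat* > /dev/null 2>&1; then
       # The pattern is stored unexpanded; it is expanded where LIB_LIST is
       # iterated unquoted in the install loop.
       LIB_LIST="$LIB_LIST /lib/libnss_compat*"
   fi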
   97 
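   # check that the configure options are correct for chrooted operation:
   # configure must have produced a chrooted binary name and config.h must be
   # present in the current directory.
   if [ "x@CHROOTED_NAME@" = x ] || [ ! -f ./config.h ]; then
       echo
       echo 'your scponly build is not configured for chrooted operation.'
       echo 'please reconfigure as follows, then rebuild and reinstall:'
       echo
       echo './configure --enable-chrooted-binary (... other options)'
       echo
       exit 1
   fi

   # Pick the account tool: useradd when configure found it, otherwise pw.
   if [ "x@PROG_USERADD@" = x ]; then
       if [ "x@PROG_PW@" = x ]; then
           echo "this script requires the program useradd or pw to add your"
           fail "chrooted scponly user."
       else
           USE_PW=1
       fi
   fi

   # we need to be root
   # The substitution is quoted so that an empty result (id missing or
   # failing) compares as "not 0" and stops the script.  Unquoted, the test
   # became a syntax error, the "if" evaluated false and the check was skipped.
   if [ "$(@PROG_ID@ -u)" != "0" ]; then
       fail "you must be root to run this script\n"
   fi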
  123 
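  echo
  echo "Next we need to set the home directory for this scponly user."
  echo "please note that the user's home directory MUST NOT be writeable"
  echo "by the scponly user. this is important so that the scponly user"
  echo "cannot subvert the .ssh configuration parameters."
  echo
  echo "for this reason, a writeable subdirectory will be created that"
  echo "the scponly user can write into."
  echo

  # Account name: second command-line argument, else ask.
  if [ "$2" != "" ]; then
      targetuser=$2
  else
      targetuser=$(getwd "Username to install" "$defaultusername")
  fi
  # The name is handed to id, useradd/pw, chown and passwd and is matched
  # against the passwd file, all as root.  Refuse values that cannot be an
  # account name and would be read as an option, a second argument, a path
  # or a passwd field separator.
  case "$targetuser" in
      "" | -* | *:* | */* | *[[:space:]]*)
          fail "invalid username: '$targetuser'"
          ;;
  esac
  username_collision=0
  id "$targetuser" > /dev/null 2>&1 || username_collision=$?
  if [ "$username_collision" -eq 0 ]; then
      fail "the user $targetuser already exists.  please remove this user and their home directory and try again."
  fi

  # Home directory (the chroot): first command-line argument, else ask.
  if [ "$1" != "" ]; then
      targetdir=$1
  else
      targetdir=$(getwd "home directory you wish to set for this user" "$defaulthomedirprefix/$targetuser")
  fi
  # The value is recorded as the account's home directory and binaries are
  # installed as "$targetdir$bin", so it has to be an absolute path.
  case "$targetdir" in
      /*) ;;
      *) fail "the home directory must be an absolute path: '$targetdir'" ;;
  esac

  # Writeable subdirectory: third command-line argument, else ask.
  if [ "$3" != "" ]; then
      writeabledir=$3
  else
      writeabledir=$(getwd "name of the writeable subdirectory" "$defaultwriteabledir")
  fi
  # "$targetdir/$writeabledir" is later chown'ed to the new account.  A value
  # made only of slashes, or one with a "." or ".." component, can resolve to
  # the home directory itself or to a directory outside it, which would break
  # the rule stated above that the home directory is not writeable by the user.
  case "$writeabledir" in
      *[!/]*) ;;
      *) fail "invalid writeable subdirectory: '$writeabledir'" ;;
  esac
  case "/$writeabledir/" in
      */./* | */../*)
          fail "invalid writeable subdirectory: '$writeabledir'"
          ;;
  esac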
  155 
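  #
  #   if you would like to overwrite/extend any of the variables above, do so in the system specific
  #   presetup script.
  #
  #   NOTE(review): "$prescript" is a path relative to the current directory
  #   and is sourced after the root check, so the build tree this script is
  #   run from should be writable by trusted accounts only.
  #
  if [ -f "$prescript" ]; then
      #
      #   this system has a pre-chroot setup script, lets run it
      #
      . "$prescript"
  fi

  # if neither the presetup script or the best guess could find ld.so, we have to bail here
  # An unset or empty LDSOFOUND (for example after a presetup script cleared
  # it) counts as "not found"; the unquoted numeric test used before turned
  # that case into a syntax error and carried on.
  if [ "${LDSOFOUND:-0}" = 0 ]; then
      fail i cant find your equivalent of ld.so
  fi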
  171 
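  #
  #   ACTUAL MODIFICATIONS BEGIN HERE
  #
  # Every expansion of an operator-supplied path is quoted: these commands
  # run as root, and an unquoted value containing blanks or glob characters
  # would make install/chmod/chown act on paths other than the intended one.
  # $INSTALL_PATHNAME alone stays unquoted, because configure's @INSTALL@
  # typically expands to a program name plus options (e.g. "install -c").

  # this part shouldnt strictly be requried, but i'll leave it in until i'm sure of it
  # NOTE(review): a target directory that already exists keeps its current
  # mode; confirm it is not writeable by the scponly user.
  if [ ! -d "$targetdir" ]; then
      $INSTALL_PATHNAME -d "$targetdir"
      @PROG_CHMOD@ 755 "$targetdir"
  fi

  if [ ! -d "$targetdir/etc" ]; then
      $INSTALL_PATHNAME -d "$targetdir/etc"
      @PROG_CHOWN@ 0:0 "$targetdir/etc"
      @PROG_CHMOD@ 755 "$targetdir/etc"
  fi

  # add all our binaries ($BINARIES is a blank-separated list, left unquoted)
  for bin in $BINARIES; do
      $INSTALL_PATHNAME -d "$targetdir/$(@PROG_DIRNAME@ "$bin")"
      $INSTALL_PATHNAME "$bin" "$targetdir$bin"
  done

  # and the libs they require ($LIB_LIST is left unquoted so that its entries
  # are split and any glob pattern stored in it is expanded here)
  if [ "x$LIB_LIST" != "x" ]; then
      for lib in $LIB_LIST; do
          $INSTALL_PATHNAME -d "$targetdir/$(@PROG_DIRNAME@ "$lib")"
          $INSTALL_PATHNAME "$lib" "$targetdir/$lib"
      done
  fi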
  201 
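  # Create the account with the chroot as its home directory and the chrooted
  # scponly binary as its shell.  Names and paths are quoted so that they
  # reach useradd/pw as single arguments.
  if [ "x$USE_PW" = x0 ]; then
      @PROG_USERADD@ -d "$targetdir" -s "@prefix@/sbin/@CHROOTED_NAME@" "$targetuser" ||
          fail "if this user exists, remove it and try again"
  else
      @PROG_PW@ useradd -n "$targetuser" -s "@prefix@/sbin/@CHROOTED_NAME@" -d "$targetdir" ||
          fail "if this user exists, remove it and try again"
  fi

  #
  #   we must ensure certain directories are root owned.
  #
  @PROG_CHOWN@ 0:0 "$targetdir"
  if [ -d "$targetdir/.ssh" ]; then
      @PROG_CHOWN@ 0:0 "$targetdir/.ssh"
  fi

  if [ ! -d "$targetdir/$writeabledir" ]; then
      # printf keeps backslashes in the path literal; the message text is
      # the same as before.
      printf '\n%s\n' "creating  $targetdir/$writeabledir directory for uploading files"
      $INSTALL_PATHNAME -o "$targetuser" -d "$targetdir/$writeabledir"
  fi

  #
  #   set the perms on the writeable dir so that the new user owns it
  #
  newuid=$(@PROG_ID@ -u "$targetuser")
  newgid=$(@PROG_ID@ -g "$targetuser")
  if [ -n "$newuid" ] && [ -n "$newgid" ]; then
      @PROG_CHOWN@ "$newuid:$newgid" "$targetdir/$writeabledir"
  else
      # A failed lookup used to run chown with an empty owner spec.
      echo "warning: could not look up uid/gid of $targetuser; ownership of $targetdir/$writeabledir was not changed" >&2
  fi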
  233 
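  # NOTE(review): like the presetup script, "$postscript" is a path relative
  # to the current directory and is sourced as root; the build tree should be
  # writable by trusted accounts only.
  if [ -f "$postscript" ]; then
      #
      #   this system has a post-chroot setup script, lets run it
      #
      . "$postscript"
  else
      #
      #   otherwise, revert to the old "best guess" system, which sucks
      #
      echo
      echo "Your platform ($osname) does not have a platform specific setup script."
      echo "This install script will attempt a best guess."
      echo "If you perform customizations, please consider sending me your changes."
      echo "Look to the templates in build_extras/arch."
      echo " - joe at sublimation dot org"
      echo

      # With an empty target directory the redirections and the rm below
      # would hit the host's own /etc files, so stop here in that case.
      : "${targetdir:?target directory is not set}"

      # The pattern is anchored to the name field ("^name:").  Matching the
      # bare name copied every line that merely contained it - other accounts
      # with a similar name, or entries mentioning it in a path or comment
      # field - into the chroot's password file.  A "." in the name is still
      # a regex wildcard, so the result is worth checking for a single line.
      if [ "x@PROG_PWD_MKDB@" = x ]; then
          #
          #   ok we dont have pwd_mkdb, lets improvise:
          #
          @PROG_GREP@ "^${targetuser}:" /etc/passwd > "$targetdir/etc/passwd"
          # do not let the file mode depend on the caller's umask
          @PROG_CHMOD@ 644 "$targetdir/etc/passwd"
      else
          #
          #   this is for systems which do have pwd_mkdb
          #
          @PROG_GREP@ "^${targetuser}:" /etc/master.passwd > "$targetdir/etc/master.passwd"
          @PROG_PWD_MKDB@ -d "$targetdir/etc" "$targetdir/etc/master.passwd"
          # Quoted: with a blank in the path, an unquoted "rm -rf" would have
          # been handed the path's leading fragment as a separate argument.
          @PROG_RM@ -rf "${targetdir:?}/etc/master.passwd" "${targetdir:?}/etc/spwd.db"
      fi
  fi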
  265 
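  #
  #   the final step is setting the password
  #
  echo "please set the password for $targetuser:"
  # quoted so the name reaches passwd as exactly one argument
  passwd "$targetuser"

  echo "if you experience a warning with winscp regarding groups, please install"
  echo "the provided hacked out fake groups program into your chroot, like so:"
  echo "cp groups $targetdir/bin/groups"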