{
HOME=`mktemp -td guest-XXXXXX`
USER=`echo $HOME | sed 's/\(.*\)guest/guest/'`
- # Suppose that we have a "guest-template" user/group,
- # with home directory /home/guest-template.
- # If GROUP below could be set to "guest-template", we can
- # mount /home/guest-template on /etc/guest-session/skel
- # using bindfs with option "mirror-only=@guest-template", so
- # that all guest accounts would see files in /etc/guest-session/skel
- # as their own ones.
- GROUP="$USER"
- PRE_HOME="/tmp/.rw-${USER}"
+ PRE_HOME="/tmp/.pre-${USER}"
# if $USER already exists, it must be a locked system account with no existing
# home directory
fi
else
# does not exist, so create it
- adduser --system --no-create-home --home / --gecos $(gettext "Guest") --ingroup $GROUP --shell /bin/bash $USER || {
+ adduser --system --no-create-home --home / --gecos $(gettext "Guest") --group --shell /bin/bash $USER || {
umount "$HOME"
rm -rf "$HOME"
umount "$PRE_HOME"
gs_skel=/etc/guest-session/skel/
if [ -d "$gs_skel" ] && [ -n "`find $gs_skel -type f`" ]; then
- # create temporary home directory
- mkdir "$PRE_HOME"
- mount -t tmpfs -o mode=700 none "$PRE_HOME" || { rm -rf "$PRE_HOME" "$HOME"; exit 1; }
- chown $USER:$GROUP "$PRE_HOME"
-
- # Try OverlayFS first
- if modinfo -n overlay >/dev/null 2>&1; then
- mkdir ${PRE_HOME}/.upper ${PRE_HOME}/.work
- chown -R $USER:$GROUP $PRE_HOME/.*
- mount -t overlay -o lowerdir=$gs_skel,upperdir=${PRE_HOME}/.upper,workdir=${PRE_HOME}/.work overlay $HOME || {
- rm -rf "$HOME"
- umount "$PRE_HOME"
+ # Only perform union-mounting if BindFS is available
+ if [ -x /usr/bin/bindfs ]; then
+ # create temporary home directory
+ mkdir "$PRE_HOME"
+ mount -t tmpfs -o mode=700 none "$PRE_HOME" || { rm -rf "$PRE_HOME" "$HOME"; exit 1; }
+ mkdir ${PRE_HOME}/lower ${PRE_HOME}/upper
+ chown -R $USER:$USER "$PRE_HOME"
+
+ # Wrap ${gs_skel} in a BindFS mount, so that
+ # guest account will see itself as the owner of ${gs_skel}'s contents.
+ bindfs -M $USER $gs_skel ${PRE_HOME}/lower || {
rm -rf "$PRE_HOME"
+ rm -rf "$HOME"
exit 1
}
- # If OverlayFS is not available, try AuFS
- elif [ -x /sbin/mount.aufs ]; then
- mount -t aufs -o br=${PRE_HOME}:$gs_skel none $HOME || {
- rm -rf "$HOME"
+
+ # Try OverlayFS first
+ if modinfo -n overlay >/dev/null 2>&1; then
+ mkdir ${PRE_HOME}/work
+ chown $USER:$USER ${PRE_HOME}/work
+ mount -t overlay -o lowerdir=${PRE_HOME}/lower,upperdir=${PRE_HOME}/upper,workdir=${PRE_HOME}/work overlay $HOME || {
+ umount ${PRE_HOME}/lower
+ umount "$PRE_HOME"
+ rm -rf "$PRE_HOME"
+ rm -rf "$HOME"
+ exit 1
+ }
+ # If OverlayFS is not available, try AuFS
+ elif [ -x /sbin/mount.aufs ]; then
+ mount -t aufs -o br=${PRE_HOME}/upper:${PRE_HOME}/lower none $HOME || {
+ umount ${PRE_HOME}/lower
+ umount "$PRE_HOME"
+ rm -rf "$PRE_HOME"
+ rm -rf "$HOME"
+ exit 1
+ }
+ # If none of them is available, fall back to copy over
+ else
+ umount ${PRE_HOME}/lower
umount "$PRE_HOME"
rm -rf "$PRE_HOME"
- exit 1
- }
- # If none of them is available, fall back to copy over
+ mount -t tmpfs -o mode=700 none "$HOME" || { rm -rf "$HOME"; exit 1; }
+ cp -rT $gs_skel "$HOME"
+ chown -R $USER:$USER "$HOME"
+ fi
+ # If BindFS is not available, just fall back to copy over
else
- umount "$PRE_HOME"
- rm -rf "$PRE_HOME"
+ mount -t tmpfs -o mode=700 none "$HOME" || { rm -rf "$HOME"; exit 1; }
cp -rT $gs_skel "$HOME"
- chown -R $USER:$GROUP "$HOME"
+ chown -R $USER:$USER "$HOME"
fi
else
+ mount -t tmpfs -o mode=700 none "$HOME" || { rm -rf "$HOME"; exit 1; }
cp -rT /etc/skel/ "$HOME"
- chown -R $USER:$GROUP "$HOME"
+ chown -R $USER:$USER "$HOME"
fi
usermod -d "$HOME" "$USER"
. /etc/guest-session/prefs.sh
fi
- chown -R $USER:$GROUP "$HOME"
+ chown -R $USER:$USER "$HOME"
echo $USER
}
umount "$GUEST_HOME" || umount -l "$GUEST_HOME" || true
rm -rf "$GUEST_HOME"
+ umount ${GUEST_PRE_HOME}/lower || umount -l ${GUEST_PRE_HOME}/lower || true
umount "$GUEST_PRE_HOME" || umount -l "$GUEST_PRE_HOME" || true
rm -rf "$GUEST_PRE_HOME"
projects / sojka / lightdm.git / commitdiff