Drop local keyword, as it may break guest-account.sh. See LP #139097.

[sojka/lightdm.git] / debian / guest-account.sh

#!/bin/sh -e
# (C) 2008 Canonical Ltd.
# Author: Martin Pitt <martin.pitt@ubuntu.com>
# License: GPL v2 or later
# modified by David D Lowe and Thomas Detoux
#
# Setup user and temporary home directory for guest session.
# If this succeeds, this script needs to print the username as the last line to
# stdout.

export TEXTDOMAINDIR=/usr/share/locale-langpack
export TEXTDOMAIN=lightdm

# set the system wide locale for gettext calls
if [ -f /etc/default/locale ]; then
  . /etc/default/locale
  LANGUAGE=
  export LANG LANGUAGE
fi

is_system_user ()
{
  UID_MIN=$(cat /etc/login.defs | grep UID_MIN | awk '{print $2}')
  SYS_UID_MIN=$(cat /etc/login.defs | grep SYS_UID_MIN | awk '{print $2}')
  SYS_UID_MAX=$(cat /etc/login.defs | grep SYS_UID_MAX | awk '{print $2}')

  SYS_UID_MIN=${SYS_UID_MIN:-101}
  SYS_UID_MAX=${SYS_UID_MAX:-$(( UID_MIN - 1 ))}

  [ ${1} -ge ${SYS_UID_MIN} ] && [ ${1} -le ${SYS_UID_MAX} ]
}

add_account ()
{
  temp_home=$(mktemp -td guest-XXXXXX)
  HOME=$(echo ${temp_home} | tr '[:upper:]' '[:lower:]')
  USER=$(echo ${HOME} | sed 's/\(.*\)guest/guest/')
  [ ${HOME} != ${temp_home} ] && mv ${temp_home} ${HOME}

  # if ${USER} already exists, it must be a locked system account with no existing
  # home directory
  if PWSTAT=$(passwd -S ${USER}) 2>/dev/null; then
    if [ $(echo ${PWSTAT} | cut -f2 -d' ') != L ]; then
      echo "User account ${USER} already exists and is not locked"
      exit 1
    fi

    PWENT=$(getent passwd ${USER}) || {
      echo "getent passwd ${USER} failed"
      exit 1
    }

    GUEST_UID=$(echo ${PWENT} | cut -f3 -d:)

    if ! is_system_user ${GUEST_UID}; then
      echo "Account ${USER} is not a system user"
      exit 1
    fi

    HOME=$(echo ${PWENT} | cut -f6 -d:)

    if [ ${HOME} != / ] && [ ${HOME#/tmp} = ${HOME} ] && [ -d ${HOME} ]; then
      echo "Home directory of ${USER} already exists"
      exit 1
    fi
  else
    # does not exist, so create it
    useradd --system --home-dir / --comment $(gettext "Guest") --user-group --shell /bin/bash ${USER} || {
      rm -rf ${HOME}
      exit 1
    }
  fi

  dist_gs=/usr/share/lightdm/guest-session
  site_gs=/etc/guest-session

  # create temporary home directory
  mount -t tmpfs -o mode=700,uid=${USER} none ${HOME} || {
    rm -rf ${HOME}
    exit 1
  }

  if [ -d ${site_gs}/skel ] && [ -n $(find ${site_gs}/skel -type f) ]; then
    # Only perform union-mounting if BindFS is available
    if [ -x /usr/bin/bindfs ]; then
      bindfs_mount=true

      # Try OverlayFS first
      if modinfo -n overlay >/dev/null 2>&1; then
        mkdir ${HOME}/upper ${HOME}/work
        chown ${USER}:${USER} ${HOME}/upper ${HOME}/work

        mount -t overlay -o lowerdir=${dist_gs}/skel:${site_gs}/skel,upperdir=${HOME}/upper,workdir=${HOME}/work overlay ${HOME} || {
          umount ${HOME}
          rm -rf ${HOME}
          exit 1
        }
      # If OverlayFS is not available, try AuFS
      elif [ -x /sbin/mount.aufs ]; then
        mount -t aufs -o br=${HOME}:${dist_gs}/skel:${site_gs}/skel none ${HOME} || {
          umount ${HOME}
          rm -rf ${HOME}
          exit 1
        }
      # If none of them is available, fall back to copy over
      else
        cp -rT ${site_gs}/skel/ ${HOME}
        cp -rT ${dist_gs}/skel/ ${HOME}
        chown -R ${USER}:${USER} ${HOME}
        bindfs_mount=false
      fi

      if ${bindfs_mount}; then
        # Wrap ${HOME} in a BindFS mount, so that
        # ${USER} will be seen as the owner of ${HOME}'s contents.
        bindfs -u ${USER} -g ${USER} ${HOME} ${HOME} || {
          umount ${HOME} # union mount
          umount ${HOME} # tmpfs mount
          rm -rf ${HOME}
          exit 1
        }
      fi
    # If BindFS is not available, just fall back to copy over
    else
      cp -rT ${site_gs}/skel/ ${HOME}
      cp -rT ${dist_gs}/skel/ ${HOME}
      chown -R ${USER}:${USER} ${HOME}
    fi
  else
    cp -rT /etc/skel/ ${HOME}
    cp -rT ${dist_gs}/skel/ ${HOME}
    chown -R ${USER}:${USER} ${HOME}
  fi

  usermod -d ${HOME} ${USER}

  # setup session
  su ${USER} -c "env HOME=${HOME} site_gs=${site_gs} ${dist_gs}/setup.sh"

  echo ${USER}
}

remove_account ()
{
  GUEST_USER=${1}
  
  PWENT=$(getent passwd ${GUEST_USER}) || {
    echo "Error: invalid user ${GUEST_USER}"
    exit 1
  }

  GUEST_UID=$(echo ${PWENT} | cut -f3 -d:)

  if ! is_system_user ${GUEST_UID}; then
    echo "Error: user ${GUEST_USER} is not a system user."
    exit 1
  fi

  GUEST_HOME=$(echo ${PWENT} | cut -f6 -d:)

  if [ ${GUEST_HOME} = ${GUEST_HOME#/tmp/} ]; then
    echo "Error: home directory ${GUEST_HOME} is not in /tmp/."
    exit 1
  fi

  # kill all remaining processes
  if [ -x /bin/loginctl ] || [ -x /usr/bin/loginctl ]; then
    loginctl terminate-user ${GUEST_USER} >/dev/null || true
  else
    while ps h -u ${GUEST_USER} >/dev/null; do 
      killall -9 -u ${GUEST_USER} || true
      sleep 0.2; 
    done
  fi

  umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # BindFS mount
  umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # union mount
  umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # tmpfs mount
  rm -rf ${GUEST_HOME}

  # remove leftovers in /tmp
  find /tmp -mindepth 1 -maxdepth 1 -uid ${GUEST_UID} -print0 | xargs -0 rm -rf || true

  # remove possible {/run,}/media/guest-XXXXXX folder
  for media_dir in /run/media/${GUEST_USER} /media/${GUEST_USER}; do
    if [ -d ${media_dir} ]; then
      for dir in $(find ${media_dir} -mindepth 1 -maxdepth 1); do
        umount ${dir} || true
      done

      rmdir ${media_dir} || true
    fi
  done

  userdel ${GUEST_USER}
}

case ${1} in
  add)
    add_account
    ;;
  remove)
    if [ -z ${2} ] ; then
      echo "Usage: ${0} remove [account]"
      exit 1
    fi

    remove_account ${2}
    ;;
  *)
    echo "Usage: ${0} add"
    echo "       ${0} remove [account]"
    exit 1
esac