2 # (C) 2008 Canonical Ltd.
3 # Author: Martin Pitt <martin.pitt@ubuntu.com>
4 # License: GPL v2 or later
5 # modified by David D Lowe and Thomas Detoux
7 # Setup user and temporary home directory for guest session.
8 # If this succeeds, this script needs to print the username as the last line to stdout.
# Point gettext at the langpack catalogue directory and the lightdm message
# domain. The only gettext call visible in this listing is the one that builds
# the guest account's comment field for useradd.
11 export TEXTDOMAINDIR=/usr/share/locale-langpack
12 export TEXTDOMAIN=lightdm
14 # set the system wide locale for gettext calls
# NOTE(review): the body of this conditional is not part of this listing. If it
# sources /etc/default/locale (presumably; confirm), that file is executed with
# the privileges of this script, which calls useradd and mount, so it must be
# writable by root only.
15 if [ -f /etc/default/locale ]; then
# These lines appear to be the body of the is_system_user helper that the
# account checks call with a numeric uid as ${1}; its header and braces are not
# part of this listing.
# NOTE(review): `grep UID_MIN` is an unanchored substring match, so it also
# selects SYS_UID_MIN lines and commented-out entries; UID_MIN can therefore
# receive more than one value. Matching the key exactly (for example
# `awk '$1 == "UID_MIN" {print $2}' /etc/login.defs`) avoids that. The result
# matters because this range check is one of the gates in front of account
# removal.
23 UID_MIN=$(cat /etc/login.defs | grep UID_MIN | awk '{print $2}')
24 SYS_UID_MIN=$(cat /etc/login.defs | grep SYS_UID_MIN | awk '{print $2}')
25 SYS_UID_MAX=$(cat /etc/login.defs | grep SYS_UID_MAX | awk '{print $2}')
# Fallbacks for when login.defs does not define the system range. UID_MIN
# itself has no fallback.
27 SYS_UID_MIN=${SYS_UID_MIN:-101}
28 SYS_UID_MAX=${SYS_UID_MAX:-$(( UID_MIN - 1 ))}
# The range test succeeds only when SYS_UID_MIN <= ${1} <= SYS_UID_MAX. The
# operands are unquoted, so an empty or multi-word value makes the test
# malformed rather than cleanly false.
30 [ ${1} -ge ${SYS_UID_MIN} ] && [ ${1} -le ${SYS_UID_MAX} ]
# Create a uniquely named directory (template guest-XXXXXX) under the
# temporary directory; mktemp -d creates the directory itself, not just a name.
35 temp_home=$(mktemp -td guest-XXXXXX)
# Lower-case the whole path and derive the account name from it: the sed
# expression drops everything before the last "guest", leaving guest-xxxxxx.
36 HOME=$(echo ${temp_home} | tr '[:upper:]' '[:lower:]')
37 USER=$(echo ${HOME} | sed 's/\(.*\)guest/guest/')
# NOTE(review): the lower-cased name was never reserved by mktemp. If that path
# already exists as a directory, mv moves temp_home inside it instead of
# renaming, and the later mount/chown/usermod steps then act on a path this
# script did not create. Refuse to continue unless the target is absent before
# the mv and owned by the invoking user afterwards.
38 [ ${HOME} != ${temp_home} ] && mv ${temp_home} ${HOME}
40 # if ${USER} already exists, it must be a locked system account with no existing
# home directory outside /tmp; each of these conditions is checked below.
# passwd -S succeeds only for an existing account; field 2 of its output is the
# password status, and anything other than L (locked) is reported as an error
# (the exit itself is not part of this listing).
42 if PWSTAT=$(passwd -S ${USER}) 2>/dev/null; then
43 if [ $(echo ${PWSTAT} | cut -f2 -d' ') != L ]; then
44 echo "User account ${USER} already exists and is not locked"
# Resolve the passwd entry: field 3 is the uid, field 6 the home directory.
48 PWENT=$(getent passwd ${USER}) || {
49 echo "getent passwd ${USER} failed"
53 GUEST_UID=$(echo ${PWENT} | cut -f3 -d:)
# Only accounts in the system uid range may be reused.
55 if ! is_system_user ${GUEST_UID}; then
56 echo "Account ${USER} is not a system user"
60 HOME=$(echo ${PWENT} | cut -f6 -d:)
# Complain when the recorded home is an existing directory that is neither /
# nor a path beginning with /tmp.
# NOTE(review): the prefix test strips "/tmp" without a trailing slash, so a
# sibling such as /tmpfoo is also treated as temporary; the removal path in
# this script tests "/tmp/" instead.
62 if [ ${HOME} != / ] && [ ${HOME#/tmp} = ${HOME} ] && [ -d ${HOME} ]; then
63 echo "Home directory of ${USER} already exists"
67 # does not exist, so create it
# New guest accounts are system accounts with home "/" and shell /bin/bash; the
# home is changed to the temporary directory later with usermod.
# NOTE(review): $(gettext "Guest") is unquoted, so a translation containing a
# space is split into extra useradd arguments; quote the substitution.
68 useradd --system --home-dir / --comment $(gettext "Guest") --user-group --shell /bin/bash ${USER} || {
# Skeleton sources: the distribution's guest-session directory and the
# site-local directory under /etc.
74 dist_gs=/usr/share/lightdm/guest-session
75 site_gs=/etc/guest-session
77 # create temporary home directory
# The tmpfs is mounted with mode 700 and owned by the guest account, so the
# session's home is private to that account.
78 mount -t tmpfs -o mode=700,uid=${USER} none ${HOME} || {
# NOTE(review): $(find ...) is unquoted. With no output the test collapses to
# `[ -n ]`, which is true, and with several paths it is a malformed test; quote
# the substitution or use `find ... -print -quit | grep -q .`.
83 if [ -d ${site_gs}/skel ] && [ -n $(find ${site_gs}/skel -type f) ]; then
84 # Only perform union-mounting if BindFS is available
85 if [ -x /usr/bin/bindfs ]; then
# Prefer OverlayFS when modinfo can locate the module: the upper and work
# directories are created inside ${HOME} and both skeleton trees are passed as
# lower layers.
89 if modinfo -n overlay >/dev/null 2>&1; then
90 mkdir ${HOME}/upper ${HOME}/work
91 chown ${USER}:${USER} ${HOME}/upper ${HOME}/work
93 mount -t overlay -o lowerdir=${dist_gs}/skel:${site_gs}/skel,upperdir=${HOME}/upper,workdir=${HOME}/work overlay ${HOME} || {
98 # If OverlayFS is not available, try AuFS
99 elif [ -x /sbin/mount.aufs ]; then
100 mount -t aufs -o br=${HOME}:${dist_gs}/skel:${site_gs}/skel none ${HOME} || {
105 # If none of them is available, fall back to copy over
# Copy fallback: both trees are copied by this script, then ownership of the
# whole home is handed to the guest account.
107 cp -rT ${site_gs}/skel/ ${HOME}
108 cp -rT ${dist_gs}/skel/ ${HOME}
109 chown -R ${USER}:${USER} ${HOME}
# bindfs_mount is executed as a command; presumably it holds true or false and
# is set in lines that are not part of this listing (confirm).
113 if ${bindfs_mount}; then
114 # Wrap ${HOME} in a BindFS mount, so that
115 # ${USER} will be seen as the owner of ${HOME}'s contents.
116 bindfs -u ${USER} -g ${USER} ${HOME} ${HOME} || {
# Failure path: unwind both mounts stacked on ${HOME}.
117 umount ${HOME} # union mount
118 umount ${HOME} # tmpfs mount
123 # If BindFS is not available, just fall back to copy over
125 cp -rT ${site_gs}/skel/ ${HOME}
126 cp -rT ${dist_gs}/skel/ ${HOME}
127 chown -R ${USER}:${USER} ${HOME}
# Presumably the branch taken when the site skeleton test fails: populate the
# home from /etc/skel and the distribution skeleton instead.
130 cp -rT /etc/skel/ ${HOME}
131 cp -rT ${dist_gs}/skel/ ${HOME}
132 chown -R ${USER}:${USER} ${HOME}
# Point the account's home at the prepared directory.
135 usermod -d ${HOME} ${USER}
# Run the distribution setup script as the guest account.
# NOTE(review): HOME, site_gs and dist_gs are interpolated into a string that
# the target shell parses again. They are set by this script, but HOME inherits
# the temporary directory path, so whitespace or shell metacharacters in that
# path would change the command. Passing the values through the environment
# instead of the command string avoids the second parse.
138 su ${USER} -c "env HOME=${HOME} site_gs=${site_gs} ${dist_gs}/setup.sh"
# Removal path. GUEST_USER is assigned in lines that are not part of this
# listing (presumably from the account name given on the command line). The
# three checks shown here are that the account exists, its uid is in the system
# range, and its home is below /tmp/. They are what stand between that name and
# the kill/umount/rm/userdel steps that follow.
# NOTE(review): nothing shown here requires the name to match the guest-XXXXXX
# pattern used on creation; consider adding that check before acting.
147 PWENT=$(getent passwd ${GUEST_USER}) || {
148 echo "Error: invalid user ${GUEST_USER}"
152 GUEST_UID=$(echo ${PWENT} | cut -f3 -d:)
154 if ! is_system_user ${GUEST_UID}; then
155 echo "Error: user ${GUEST_USER} is not a system user."
159 GUEST_HOME=$(echo ${PWENT} | cut -f6 -d:)
# The expansion strips a leading "/tmp/"; if nothing was stripped, the home is
# not under /tmp/ and removal is refused.
161 if [ ${GUEST_HOME} = ${GUEST_HOME#/tmp/} ]; then
162 echo "Error: home directory ${GUEST_HOME} is not in /tmp/."
166 # kill all remaining processes
167 if [ -x /bin/loginctl ] || [ -x /usr/bin/loginctl ]; then
168 loginctl terminate-user ${GUEST_USER} >/dev/null || true
# Loop for as long as ps still reports a process owned by the account.
170 while ps h -u ${GUEST_USER} >/dev/null; do
171 killall -9 -u ${GUEST_USER} || true
# Up to three mounts may be stacked on the home; each attempt falls back to a
# lazy unmount and failures are ignored.
176 umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # BindFS mount
177 umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # union mount
178 umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # tmpfs mount
181 # remove leftovers in /tmp
# Only top-level entries owned by the guest uid are selected; the NUL-delimited
# hand-off keeps unusual file names intact for rm.
182 find /tmp -mindepth 1 -maxdepth 1 -uid ${GUEST_UID} -print0 | xargs -0 rm -rf || true
184 # remove possible {/run,}/media/guest-XXXXXX folder
185 for media_dir in /run/media/${GUEST_USER} /media/${GUEST_USER}; do
186 if [ -d ${media_dir} ]; then
# NOTE(review): $(find ...) is word-split, so a mount point whose name contains
# whitespace is never unmounted and the `|| true` hides the failure; the rmdir
# below then fails silently as well. A NUL-delimited read loop would handle it.
187 for dir in $(find ${media_dir} -mindepth 1 -maxdepth 1); do
188 umount ${dir} || true
191 rmdir ${media_dir} || true
195 userdel ${GUEST_USER}
# Argument handling for the remove sub-command: usage is printed when the
# second argument (the account name) is empty. ${2} is unquoted, so the empty
# case works only because `[ -z ]` is a one-argument test; quote it.
203 if [ -z ${2} ] ; then
204 echo "Usage: ${0} remove [account]"
# General usage text, presumably the default branch of the sub-command dispatch
# (the surrounding lines are not part of this listing).
211 echo "Usage: ${0} add"
212 echo " ${0} remove [account]"