File: globus-gridftp-server-setup-chroot

package info (click to toggle)
globus-gridftp-server 13.11-1
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 3,448 kB
  • sloc: ansic: 41,428; sh: 11,797; makefile: 277; perl: 78
file content (100 lines) | stat: -rwxr-xr-x 2,357 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
 
#!/bin/sh
set -e

CERT_DIR=/etc/grid-security/certificates

USAGE_ONELINE="Usage: $(basename $0) [-c CERT-DIR] -r NEW-CHROOT"
USAGE_OPTIONS="
Options:
    -c CERT-DIR                 Copy certificates from CERT-DIR to the chroot
                                [$CERT_DIR]
    -r NEW-CHROOT               New chroot directory to set up.
"

COPYFILES="/etc/passwd
           /etc/group
           /etc/hosts
           /etc/nsswitch.conf"

while getopts "c:r:h" opt; do
  case $opt in
    c ) CERT_DIR="$OPTARG";;
    r ) ROOT_DIR="$OPTARG";;
    h ) echo "$USAGE_ONELINE" "$USAGE_OPTIONS"; exit 0;;
    * ) echo "$USAGE_ONELINE"; exit 1;;
  esac
done

if [ $(id -ru) -ne 0 ]; then
    echo "This command must be run as 'root'."
    exit 1
fi
       

if [ -z "$ROOT_DIR" ]; then
    echo "ERROR: Missing required argument -r NEW-CHROOT"
    echo "$USAGE_ONELINE"
    exit 1
fi
if [ "$ROOT_DIR" -ef "/" ]; then
    echo "ERROR: Invalid root path: '$ROOT_DIR'."
    echo "$USAGE_ONELINE"
    exit 1
fi

mkdir -p -m 755 "$ROOT_DIR"
if [ ! -d "$ROOT_DIR" ]; then
    exit 1;
fi

chown root:$(id -g root) "$ROOT_DIR"
mkdir -p -m 1777 "$ROOT_DIR/tmp"
mkdir -p -m 755 "$ROOT_DIR/dev"

devs="zero null random urandom"

case $(uname) in
    Linux|Darwin|SunOS|GNU|GNU/kFreeBSD)
        (cd /dev; tar chf - $devs) | (cd "$ROOT_DIR/dev"; tar xf -)
        ;;
esac

if [ ! -c "$ROOT_DIR/dev/null" ]; then
    echo "Could not create /dev devices."
    exit 1
fi

mkdir -p "$ROOT_DIR/etc/grid-security/certificates"
gotacert=0
for file in "$CERT_DIR/"*; do
    if [ -e "$file" ]; then
        cp -LpR "$file" "$ROOT_DIR/etc/grid-security/certificates/"
        gotacert=1
    fi
done

if [ "$gotacert" = 0 ]; then
    echo "ERROR: No trusted certificates copied into"
    echo "    $ROOT_DIR/etc/grid-security/certificates"
    echo "Use the -c option to choose an alternate source for trusted"
    echo "certificates."
    exit 1
fi

for file in $COPYFILES; do
    if [ -e "$file" ]; then
        dirn="$(dirname "$file")"
        mkdir -p "$ROOT_DIR/$dirn"
        cp -Lp "$file" "$ROOT_DIR/$dirn"
    fi
done

echo ""
echo "Finished setting up a chroot dir at $ROOT_DIR."
echo ""
echo "You may wish to create data directories"
if [ `uname` = Linux ]; then
    echo "or use mount --bind datadir $ROOT_DIR/datadir"
    echo "to link in external directories."
fi
echo ""