makeschsh

   1 #!/usr/bin/python
   2 #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
   3 # Configuration
   4 schsh = "/usr/local/bin/schsh"
   5 group = "schsh"
   6 chroots = "/var/lib/schsh"
   7
   8 # END of Configuration
   9 #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
  10 # DO NOT TOUCH ANYTHING BELOW THIS LINE
  11
  12 import os, sys, subprocess, pwd, grp
  13
  14 if os.getuid() != 0:
  15         print "Run this a root, please."
  16         sys.exit(1)
  17
  18
  19 def setup(name):
  20         chroot = os.path.join(chroots, name)
  21         if os.path.exists(chroot):
  22                 raise Exception(chroot+" already exists, please remove it first")
  23         userpw = pwd.getpwnam(name)
  24
  25         # schroot configuration
  26         with open("/etc/schroot/chroot.d/user-"+name, "w") as f:
  27                 print >>f, """[user-{0}]
  28 type=directory
  29 directory={1}
  30 users={0}
  31 profile=user
  32 setup.fstab=user/user-{0}.fstab
  33 """.format(name, chroot)
  34         with open("/etc/schroot/user/user-"+name+".fstab", "w") as f:
  35                 print >>f, """# <file system> <mount point>   <type>  <options>       <dump>  <pass>
  36 /bin          \t/bin          \tnone  \trw,bind       \t0     \t0
  37 /lib          \t/lib          \tnone  \trw,bind       \t0     \t0
  38 /usr/bin      \t/usr/bin      \tnone  \trw,bind       \t0     \t0
  39 /usr/lib      \t/usr/lib      \tnone  \trw,bind       \t0     \t0
  40 /home/{0}/data\t/data         \tnone  \trw,bind       \t0     \t0
  41 """.replace(' ', '').format(name) # need to remove spaces so schroot does not complain
  42
  43         # setup the schroot directory
  44         os.mkdir(chroot)
  45         for folder in ["etc", "dev", "bin", "usr", "data"]:
  46                 os.mkdir(os.path.join(chroot, folder))
  47
  48         # setup /etc/passwd and /etc/group
  49         with open(os.path.join(chroot, "etc", "passwd"), "w") as f:
  50                 print >>f, "root:x:0:0:root:/root:/bin/bash"
  51                 print >>f, "{0}:x:{1}:{2}:,,,:/data:/bin/false".format(name, userpw.pw_uid, userpw.pw_gid)
  52         with open(os.path.join(chroot, "etc", "group"), "w") as f:
  53                 print >>f, "root:x:0:"
  54                 usergrp = grp.getgrgid(userpw.pw_gid)
  55                 print >>f, "{0}:x:{1}:".format(usergrp.gr_name, usergrp.gr_gid)
  56                 if group:
  57                         groupgrp = grp.getgrnam(group)
  58                         assert usergrp.gr_gid != groupgrp.gr_gid
  59                         print >>f, "{0}:x:{1}:{2}".format(groupgrp.gr_name, groupgrp.gr_gid, name)
  60
  61         # user configuration
  62         if userpw.pw_shell != schsh:
  63                 subprocess.check_output(["usermod", "--shell", schsh, name])
  64         if group:
  65                 subprocess.check_output(["adduser", name, "schsh"])
  66
  67         # done!
  68
  69 if len(sys.argv) <= 1:
  70         print "Usage: %s <usernames>" % sys.argv[0]
  71 else:
  72         for name in sys.argv[1:]:
  73                 print "Setting up",name
  74                 setup(name)