better filtering
1 #!/usr/bin/python
2 #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
3 # Configuration
# Login shell assigned to each configured user (passed to `usermod --shell`).
schsh = "/usr/local/bin/schsh"
# Supplementary group written into the chroot's /etc/group for each user.
# An empty value skips all group handling in setup().
group = "schsh"
# Parent directory; each user's chroot is created as <chroots>/<username>.
chroots = "/var/lib/schsh"
7
8 # END of Configuration
9 #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
10 # DO NOT TOUCH ANYTHING BELOW THIS LINE
11
12 import os, sys, subprocess, pwd, grp
13
# setup() writes below /etc/schroot and the chroot directory and calls
# usermod/adduser, so refuse to start without root.
running_as_root = (os.getuid() == 0)
if not running_as_root:
    print("Run this a root, please.")
    sys.exit(1)
17
18
19 def setup(name):
20         chroot = os.path.join(chroots, name)
21         if os.path.exists(chroot):
22                 raise Exception(chroot+" already exists, please remove it first")
23         userpw = pwd.getpwnam(name)
24         
25         # schroot configuration
26         with open("/etc/schroot/chroot.d/schsh-"+name, "w") as f:
27                 print >>f, """[schsh-{0}]
28 type=directory
29 directory={1}
30 users={0}
31 profile=schsh
32 setup.fstab=schsh/{0}.fstab
33 """.format(name, chroot)
34         with open("/etc/schroot/schsh/"+name+".fstab", "w") as f:
35                 # no spaces, schroot does not like them
36                 print >>f, "# <file system> <mount point>   <type>  <options>       <dump>  <pass>"
37                 # system folders
38                 for folder in ("/bin", "/lib", "/lib64", "/usr/bin", "/usr/lib", "/usr/lib64"):
39                         if os.path.exists(folder):
40                                 print >>f, "{0}\t{0}\tnone\trw,bind\t0\t0".format(folder)
41                 # user folder
42                 print >>f, "/home/{0}/data\t/data\tnone\trw,bind\t0\t0".format(name)
43         
44         # setup the schroot directory
45         os.mkdir(chroot)
46         for folder in ["etc", "dev", "bin", "usr", "data"]:
47                 os.mkdir(os.path.join(chroot, folder))
48         
49         # setup /etc/passwd and /etc/group
50         with open(os.path.join(chroot, "etc", "passwd"), "w") as f:
51                 print >>f, "root:x:0:0:root:/root:/bin/bash"
52                 print >>f, "{0}:x:{1}:{2}:,,,:/data:/bin/false".format(name, userpw.pw_uid, userpw.pw_gid)
53         with open(os.path.join(chroot, "etc", "group"), "w") as f:
54                 print >>f, "root:x:0:"
55                 usergrp = grp.getgrgid(userpw.pw_gid)
56                 print >>f, "{0}:x:{1}:".format(usergrp.gr_name, usergrp.gr_gid)
57                 if group:
58                         groupgrp = grp.getgrnam(group)
59                         assert usergrp.gr_gid != groupgrp.gr_gid
60                         print >>f, "{0}:x:{1}:{2}".format(groupgrp.gr_name, groupgrp.gr_gid, name)
61         
62         # user configuration
63         if userpw.pw_shell != schsh:
64                 subprocess.check_output(["usermod", "--shell", schsh, name])
65         if group:
66                 subprocess.check_output(["adduser", name, "schsh"])
67         
68         # done!
69
# Command-line entry: every argument is a user name to configure.
usernames = sys.argv[1:]
if not usernames:
    print("Usage: %s <usernames>" % sys.argv[0])
for name in usernames:
    print("Setting up %s" % name)
    setup(name)