From eb2f394ec1e72bca2376a85e0a4870465bf4c7a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Fri, 15 Feb 2013 18:47:13 +0100 Subject: [PATCH] run the script as user (via sudo) --- filesystem/opt/groomer/constraint.sh | 21 +++++++++++++++++ filesystem/opt/groomer/groomer.sh | 35 ++++++++++++---------------- filesystem/opt/groomer/init.sh | 13 +++++++++++ 3 files changed, 49 insertions(+), 20 deletions(-) create mode 100644 filesystem/opt/groomer/constraint.sh create mode 100755 filesystem/opt/groomer/init.sh diff --git a/filesystem/opt/groomer/constraint.sh b/filesystem/opt/groomer/constraint.sh new file mode 100644 index 0000000..36983af --- /dev/null +++ b/filesystem/opt/groomer/constraint.sh @@ -0,0 +1,21 @@ +DEV_SRC='/dev/sdf' +DEV_DST='/dev/sdg1' +HOME='/home/kitten' +# User allowed to do the following commands without password +USERNAME='kitten' + +# commands +SUDO='/usr/bin/sudo' +ID='/usr/bin/id -u' + +# root commands +MOUNT='/bin/mount' +UMOUNT='/bin/umount' +SYNC='/bin/sync' +SHUTDOWN='/sbin/shutdown' + + +# To put in /etc/sudoers +# Cmnd alias specification +#Cmnd_Alias GROOMER_CMDS = /bin/mount, /bin/umount, /bin/sync +#kitten ALL=(ALL) NOPASSWD: GROOMER_CMDS diff --git a/filesystem/opt/groomer/groomer.sh b/filesystem/opt/groomer/groomer.sh index b6259ef..7931207 100755 --- a/filesystem/opt/groomer/groomer.sh +++ b/filesystem/opt/groomer/groomer.sh @@ -3,12 +3,7 @@ set -e set -x -#Constraints -DEV_SRC='/dev/sdf' -DEV_DST='/dev/sdg1' -HOME=testing -############ - +source ./constraint.sh SRC=${HOME}/src DST=${HOME}/dst @@ -20,20 +15,19 @@ LOGS=${DST}/logs clean(){ echo Cleaning. - sync + ${SUDO} ${SYNC} # Cleanup source - umount $SRC + ${SUDO} ${UMOUNT} $SRC || true rm -rf $SRC # Cleanup destination rm -rf ${TEMP} rm -rf ${ZIPTEMP} - umount $DST + ${SUDO} ${UMOUNT} $DST || true rm -rf $DST - # Only if running on a rPi - #/sbin/shutdown -h now + exit } trap clean EXIT TERM INT @@ -64,13 +58,14 @@ if [ ! -d $DST ]; then mkdir $DST fi -# Mount and prepare destination device -if mount|grep $DST; then - umount $DST || true +# mount and prepare destination device +if ${MOUNT}|grep $DST; then + ${SUDO} ${UMOUNT} $DST || true fi -mount -o noexec,nosuid,nodev ${DEV_DST} ${DST} +# uid= only works on a vfat FS. What should wedo if we get an ext* FS ? +${SUDO} ${MOUNT} -t vfat -o user,noexec,nosuid,nodev,rw,uid=`${ID}` ${DEV_DST} ${DST} if [ $? -ne 0 ]; then - echo Unable to mount ${DEV_DST} on ${DST} + echo Unable to ${MOUNT} ${DEV_DST} on ${DST} exit else echo 'Target USB device ('${DEV_DST}') mounted at '${DST} @@ -94,13 +89,13 @@ for partition in ${DEV_PARTITIONS} do # Processing a partition echo Processing partition: ${partition} - if mount|grep $SRC; then - umount $SRC + if ${MOUNT}|grep $SRC; then + ${SUDO} ${UMOUNT} $SRC fi - mount -o noexec,nosuid,nodev -r $partition $SRC + ${SUDO} ${MOUNT} -o noexec,nosuid,nodev -r $partition $SRC if [ $? -ne 0 ]; then - echo Unable to mount ${partition} on $SRC + echo Unable to ${MOUNT} ${partition} on $SRC else echo $partition mounted at $SRC diff --git a/filesystem/opt/groomer/init.sh b/filesystem/opt/groomer/init.sh new file mode 100755 index 0000000..08d7b94 --- /dev/null +++ b/filesystem/opt/groomer/init.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +set -e +set -x + +USERNAME='kitten' + +su ${USERNAME} -c ./groomer.sh + +echo 'Done.' +# Only if running on a rPi +# shutdown -h now +