From 271a0dfcfd2f4f2dd7d9cc0fb9d5a8749cd5d472 Mon Sep 17 00:00:00 2001 From: B Stack Date: Tue, 29 Sep 2020 22:08:31 -0400 Subject: add sudo rule --- README.md | 2 -- src/Makefile | 4 ++-- src/etc/sudoers.d/40_myautomount_sudo | 3 +++ src/usr/bin/myautomountd | 4 ++++ 4 files changed, 9 insertions(+), 4 deletions(-) create mode 100644 src/etc/sudoers.d/40_myautomount_sudo diff --git a/README.md b/README.md index e275aa7..cf8f9c7 100644 --- a/README.md +++ b/README.md @@ -17,8 +17,6 @@ Use environment variable `MYA_PREFIX` for testing. ## TODO A number of steps are still required before this package is production-worthy. -* add sudo rule -* make daemon invoke initialize script with sudo. This has to happen so the uid= in the autofs definition is the current user. So multi-seat usage could break the functionality, but that would also break regular file permissions. # References [1]: https://github.com/project-trident/trident-utilities/blame/master/src-go/automount/main.go diff --git a/src/Makefile b/src/Makefile index 58f89c5..88d5ddd 100644 --- a/src/Makefile +++ b/src/Makefile @@ -84,8 +84,8 @@ install_files: @${echobin} Installing files to ${DESTDIR} for td in $$( ${findbin} ${SRCDIR} -type d ! -name '.*.swp' ! -name 'Makefile' -printf '%P\n' | ${sedbin} -r -e "s:etc/sysconfig:${DEFAULTDIR}:" -e "s:${DESTDIR}/?::" ) ; do ${installbin} -m0755 -d ${DESTDIR}/$${td} ; done for tf in $$( ${findbin} ${SRCDIR} ! -type d ! -type l ! -name '.*.swp' ! -name 'Makefile' ! \( -path '*/man/*' -name '*.txt' \) ! -path '*/sysconfig/*' -printf '%P\n' ) ; do MODE=0644 ; echo "$${tf}" | grep -qE "(bin|libexec|deprecated)\/" && MODE=0755 ; ${installbin} -m$${MODE} ${SRCDIR}/$${tf} ${DESTDIR}/$${tf} ; done - ${lnbin} -s ../../../${APPSDIR_SHORT}/myautomountd.desktop ${XDGAUTODIR}/myautomountd.desktop - ${lnbin} -s ../../../${APPSDIR_SHORT}/myautomount-trayicon.desktop ${XDGAUTODIR}/myautomount-trayicon.desktop + ${lnbin} -sf ../../../${APPSDIR_SHORT}/myautomountd.desktop ${XDGAUTODIR}/myautomountd.desktop + ${lnbin} -sf ../../../${APPSDIR_SHORT}/myautomount-trayicon.desktop ${XDGAUTODIR}/myautomount-trayicon.desktop MAN_TXT:=$(wildcard usr/share/man/man*/*.txt) MAN_GZ:= $(subst .txt,.gz,$(MAN_TXT)) diff --git a/src/etc/sudoers.d/40_myautomount_sudo b/src/etc/sudoers.d/40_myautomount_sudo new file mode 100644 index 0000000..7f31d15 --- /dev/null +++ b/src/etc/sudoers.d/40_myautomount_sudo @@ -0,0 +1,3 @@ +# File: /etc/sudoers.d/30_myautomount_sudo +Defaults env_keep += "DRYRUN VERBOSE MYA_PREFIX DEBUG" +ALL ALL = (root) NOPASSWD: /usr/libexec/myautomount/myautomount-initialize.sh diff --git a/src/usr/bin/myautomountd b/src/usr/bin/myautomountd index a5d8828..340ce04 100755 --- a/src/usr/bin/myautomountd +++ b/src/usr/bin/myautomountd @@ -119,6 +119,10 @@ createEntry() { trap '__ec=$? ; clean_automount ; trap "" 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 18 19 20 ; exit ${__ec} ;' 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 18 19 20 mkdir -p "${AUTOMOUNT_BASEDIR}" +# run initialization script as root +$( which sudo 2>/dev/null ) /usr/libexec/myautomount/myautomount-initialize.sh +_response="${?}" ; test ${_response} -ne 0 && exit ${_response} + # MAIN # start udevadm udevadm monitor -u -s block 1> "${AUTOMOUNT_TMPFILE}" & -- cgit