YunoHost-Apps/ssh_chroot_dir_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/ssh_chroot_dir_ynh.git synced 2024-09-03 20:26:26 +02:00
Code Issues Activity Actions

Use chroot_manager

Browse source
This commit is contained in:
Maniack Crudelis 2017-10-13 18:19:36 +02:00
parent e6366ce164
commit 3969ee964a
6 changed files with 21 additions and 71 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -17,9 +17,7 @@ In addition to the chroot, the user has a limited space available.
So, you can provide to a distant user a limited part of your hard disk to let him put his backup, without any risk for your own server. So, you can provide to a distant user a limited part of your hard disk to let him put his backup, without any risk for your own server.
**Shipped version:** **Shipped version:** 1.0
ssh_chroot 0.1
unix_quotas 0.2
## Screenshots ## Screenshots
@ -48,5 +46,4 @@ Only by installing this app for each user.
* Report a bug: https://github.com/YunoHost-Apps/ssh_chroot_dir_ynh/issues * Report a bug: https://github.com/YunoHost-Apps/ssh_chroot_dir_ynh/issues
* ssh_chroot website: https://github.com/maniackcrudelis/ssh_chroot * ssh_chroot website: https://github.com/maniackcrudelis/ssh_chroot
* unix_quotas website: https://github.com/maniackcrudelis/unix_quotas
* YunoHost website: https://yunohost.org/ * YunoHost website: https://yunohost.org/

4
conf/ssh_chroot.src → conf/app.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/maniackcrudelis/ssh_chroot/archive/v0.1.tar.gz SOURCE_URL=https://github.com/maniackcrudelis/ssh_chroot/archive/v1.0.tar.gz
SOURCE_SUM=0454fbcffc42b0c2c692ac3696929666 SOURCE_SUM=f5bacbdf8431e42cd9727fca1ca1c4c9
SOURCE_SUM_PRG=md5sum SOURCE_SUM_PRG=md5sum
SOURCE_FORMAT=tar.gz SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true

6
conf/unix_quotas.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/maniackcrudelis/unix_quotas/archive/v0.2.tar.gz
SOURCE_SUM=f81abb8cccf31fe74a669f8585e3d79b
SOURCE_SUM_PRG=md5sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

49
scripts/install
View file

@ -70,8 +70,7 @@ ynh_app_setting_set $app size $size
ynh_app_setting_set $app final_path $final_path ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path/ssh_chroot" ssh_chroot ynh_setup_source "$final_path"
ynh_setup_source "$final_path/unix_quotas" unix_quotas
#================================================= #=================================================
# SPECIFIC SETUP # SPECIFIC SETUP
@ -79,8 +78,6 @@ ynh_setup_source "$final_path/unix_quotas" unix_quotas
# SOURCE THE LIBRARIES # SOURCE THE LIBRARIES
#================================================= #=================================================
# Load functions ssh_chroot_xxx
source "$final_path/ssh_chroot/ssh_chroot.sh"
# Load functions quotas_xxx # Load functions quotas_xxx
source "$final_path/unix_quotas/unix_quotas.sh" source "$final_path/unix_quotas/unix_quotas.sh"
@ -109,57 +106,29 @@ quotas_set_fstab "$quotas_mount_point"
quotas_activate "$quotas_mount_point" quotas_activate "$quotas_mount_point"
#================================================= #=================================================
# CREATE THE USER # CREATE THE USER WITH CHROOT_MANAGER
#=================================================
useradd -d "/data" --system --user-group $ssh_user --shell /bin/bash
# The home directory for this user is /data, relative to its chroot directory, $user_dir
#=================================================
# ADD A PASSWORD FOR THIS USER
#================================================= #=================================================
add_password=""
if [ -n "$password" ] if [ -n "$password" ]
then then
echo $ssh_user:$password | chpasswd add_password="--password \"$password\""
fi fi
#================================================= add_sshkey=""
# ADD THE SSH PUBLIC KEY
#=================================================
if [ -n "$pub_key" ] if [ -n "$pub_key" ]
then then
ynh_app_setting_set $app pub_key $pub_key ynh_app_setting_set $app pub_key $pub_key
mkdir -p "$user_dir/.ssh" add_sshkey="--sshkey \"$pub_key\""
# Secure the ssh key
echo -n "no-port-forwarding,no-X11-forwarding,no-agent-forwarding " >> "$user_dir/.ssh/authorized_keys"
# Then add the key
echo "$pub_key" >> "$user_dir/.ssh/authorized_keys"
fi fi
#================================================= $final_path/chroot_manager.sh adduser --name $ssh_user $add_password $add_sshkey --directory "$user_dir" --quota $size
# SET THE QUOTA FOR THIS USER
#=================================================
quotas_set_for_user $ssh_user $user_dir $size
#================================================= #=================================================
# SET THE CHROOT DIRECTORY # ADD A LINK TO CHROOT_MANAGER
#================================================= #=================================================
# Build the chroot ln -s $final_path/chroot_manager.sh /home/yunohost.app/ssh_chroot_directories/chroot_manager
ssh_chroot_set_directory "$user_dir"
# Copy some binaries in the chroot
ssh_chroot_standard_binaries "$user_dir"
ssh_chroot_copy_binary rsync "$user_dir"
# Set permissions
ssh_chroot_set_permissions "$user_dir" $ssh_user
# Set the chroot in the ssh config
ssh_chroot_add_chroot_config "$user_dir" $ssh_user
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION

20
scripts/remove
View file

@ -24,8 +24,6 @@ final_path=$(ynh_app_setting_get $app final_path)
# SOURCE THE LIBRARIES # SOURCE THE LIBRARIES
#================================================= #=================================================
# Load functions ssh_chroot_xxx
source "$final_path/ssh_chroot/ssh_chroot.sh"
# Load functions quotas_xxx # Load functions quotas_xxx
source "$final_path/unix_quotas/unix_quotas.sh" source "$final_path/unix_quotas/unix_quotas.sh"
@ -38,17 +36,14 @@ user_dir="/home/yunohost.app/ssh_chroot_directories/$ssh_user"
quotas_find_mount_point "$user_dir" quotas_find_mount_point "$user_dir"
quotas_clean_fstab "$quotas_mount_point" quotas_clean_fstab "$quotas_mount_point"
# Activate quotas # Deactivate quotas
quotas_deactivate "$quotas_mount_point" quotas_deactivate "$quotas_mount_point"
#================================================= #=================================================
# REMOVE SSH CHROOT CONFIG # REMOVE THE USER WITH CHROOT_MANAGER
#================================================= #=================================================
sed -i "/# Automatically added for the user $ssh_user/d" /etc/ssh/sshd_config $final_path/chroot_manager.sh deluser --name $ssh_user
# Reload ssh service
systemctl reload ssh
#================================================= #=================================================
# STANDARD REMOVE # STANDARD REMOVE
@ -59,15 +54,6 @@ systemctl reload ssh
# Remove the app directory securely # Remove the app directory securely
ynh_secure_remove "$final_path" ynh_secure_remove "$final_path"
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
# Delete a system user
ynh_system_user_delete $ssh_user
#================================================= #=================================================
# DISCLAIMER # DISCLAIMER
#================================================= #=================================================

8
scripts/upgrade
View file

@ -43,8 +43,6 @@ ynh_setup_source "$final_path/unix_quotas" unix_quotas
# Load functions ssh_chroot_xxx # Load functions ssh_chroot_xxx
source "$final_path/ssh_chroot/ssh_chroot.sh" source "$final_path/ssh_chroot/ssh_chroot.sh"
# Load functions quotas_xxx
source "$final_path/unix_quotas/unix_quotas.sh"
#================================================= #=================================================
# UPDATE THE CHROOT DIRECTORY # UPDATE THE CHROOT DIRECTORY
@ -62,6 +60,12 @@ ssh_chroot_copy_binary rsync "$user_dir"
# Set permissions # Set permissions
ssh_chroot_set_permissions "$user_dir" $ssh_user ssh_chroot_set_permissions "$user_dir" $ssh_user
#=================================================
# UPDATE THE LINK TO CHROOT_MANAGER
#=================================================
ln -s $final_path/chroot_manager.sh /home/yunohost.app/ssh_chroot_directories/chroot_manager
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================