diff options
author | Simon Rettberg | 2019-06-28 16:56:22 +0200 |
---|---|---|
committer | root | 2019-06-28 17:12:49 +0200 |
commit | f8abc5d351b6fa2293593d394a80c83665d5729d (patch) | |
tree | e24a9ee760e50f66cf6698eaf0a73ee104b2b93b /core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter | |
parent | [pam-slx-plug] Move slx-plug specific hook directory (diff) | |
download | mltk-f8abc5d351b6fa2293593d394a80c83665d5729d.tar.gz mltk-f8abc5d351b6fa2293593d394a80c83665d5729d.tar.xz mltk-f8abc5d351b6fa2293593d394a80c83665d5729d.zip |
[pam-slx-plug] Move old pam_script_* hook dirs to pam dir
They're all now in subdirectories of /opt/openslx/pam/hooks.
Symlinks have been put in place where they used to reside.
Diffstat (limited to 'core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter')
-rw-r--r-- | core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter b/core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter new file mode 100644 index 00000000..d4add9b1 --- /dev/null +++ b/core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter @@ -0,0 +1,69 @@ +#!/bin/bash +#^ SOURCED, actually running in ash + +format_urls() { + local url scheme host path count chost + for url in $@; do + # first remove '*://' scheme, none means the same + url="${url#*\*://}" + # extract scheme and remove it from url if needed + scheme="${url%%://*}" + if [ "$scheme" != "$url" ]; then + url="${url#*://}" + else + scheme= + fi + # extract host, skip entry if empty + host="${url%%/*}" + [ -z "$host" ] && continue + # transform into chromium syntax + if [ "$host" != "${host//\*/}" ]; then + # host contains wildcard '*' + # look for the longest subdomain until the wildcard + chost="$(echo "$host" | grep -oE '[^*]+$')" + # remove dot left over + if [ -n "$chost" ]; then + chost="${chost#?}" + else + chost='*' + fi + else + # chromium: exact host match must be prefixed with '.' + chost=".${host}" + fi + path="${url#*/}" + [ "$path" = "${host}" ] && path= + cpath= + if [ -n "$path" ]; then + cpath="$(echo "$path" | grep -oE '^[^*]*')" + fi + echo -e "\t\t\"${scheme:+${scheme}://}${chost}${cpath:+/${cpath}}\"," + done | sed '$ s/.$//' +} + +main() { + [ -e "/opt/openslx/config" ] || exit 0 + . /opt/openslx/config + + local url_policy_file="/etc/chromium-browser/policies/managed/url-filter.json" + echo -e "{\n" > "$url_policy_file" + local ttype + if [ "$SLX_BROWSER_IS_WHITELIST" -eq 1 ]; then + ttype="White" + echo -e '\t"URLBlacklist": [ "*" ],' >> "$url_policy_file" + else + ttype="Black" + fi + if [ -n "$SLX_BROWSER_URLLIST" ]; then + echo -e '\t"URL'"$ttype"'list": [' >> "$url_policy_file" + format_urls $SLX_BROWSER_URLLIST >> "$url_policy_file" + echo -e '\t]' >> "$url_policy_file" + fi + echo -e '}' >> "$url_policy_file" +} + +if [ "${PAM_SERVICE//autologin/}" != "$PAM_SERVICE" -a "$PAM_TTY" = ":0" ]; then + # autologin of some sort + main +fi +true |