path: root/core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh
authorJonathan Bauer2021-05-04 14:31:06 +0200
committerJonathan Bauer2021-05-04 14:31:06 +0200
commit9edb9e7edf996272ad2fdca573e874472fb8e226 (patch)
treebeed71f29f56fb21b2107d5e27b8a6bf031c15b6 /core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh
parentMerge branch 'master' into installer (diff)
parent[run-virt-docker] change to new email address (diff)
Merge branch 'master' into installer
Diffstat (limited to 'core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh')
-rwxr-xr-xcore/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh23
1 files changed, 23 insertions, 0 deletions
diff --git a/core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh b/core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh
new file mode 100755
index 00000000..f5db36e4
--- /dev/null
+++ b/core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh
@@ -0,0 +1,23 @@
+#!/bin/ash
+
+adduser "${PAM_USER}" "docker"
+
+# create a location for user bind mount
+# used in /opt/openslx/vmchooser/plugins/docker/includes/init-bind-mount.inc
+DOCKER_TMP="/tmp/docker"
+[ -e $DOCKER_TMP ] && rm -rf -- $DOCKER_TMP
+[ ! -e $DOCKER_TMP ] && mkdir -p $DOCKER_TMP && chmod 0777 $DOCKER_TMP
+
+# TODO Check if same user logs on to the system.
+# if prev_user != curr_user then delete existing /tmp/virt/docker/prev_user_uid:prev_user_gid/
+
+# This changes the subuid and subgid for the dockremap(user) to the current user and restards the docker daemon.
+# Because off this change in the docker daemon, for each userns will be a directory under /tmp/virt/docker/
+# so new users cannot uses previously downloade images by other user.
+# But it saves the next user from using images, created by the previous user.
+
+sed -i "s/dockremap:[0-9]\+.65536/dockremap:$(id -u ${PAM_USER}):65536/g" /etc/subuid
+sed -i "s/dockremap:[0-9]\+.65536/dockremap:$(id -g ${PAM_USER}):65536/g" /etc/subgid
+systemctl restart docker.service
+
+exit 0
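Review bot: The two `sed -i` lines splice `$(id -u ${PAM_USER})` and `$(id -g ${PAM_USER})` into /etc/subuid and /etc/subgid unquoted and unchecked, so a failed lookup rewrites the entry to `dockremap::65536` and docker is still restarted before the unconditional `exit 0`. Resolve the ids first and stop on failure, e.g. `uid=$(id -u "${PAM_USER}") || exit 1` followed by `sed -i "s/^dockremap:[0-9]\+:65536/dockremap:${uid}:65536/" /etc/subuid` (likewise for the gid, with whatever exit status the hook runner expects); this also anchors the pattern and replaces the `.` that currently matches any character. Separately, the hook presumably runs as root, and `/tmp/docker` is a fixed name in a world-writable directory that is removed, recreated and set to `0777` in separate steps with `$DOCKER_TMP` unquoted. Another local user can create that path between the `rm -rf` and the `mkdir`, and without the sticky bit any user can later replace entries inside it. Consider placing the directory under a root-owned parent, or at least using `chmod 1777` and treating a pre-existing path after the removal as an error.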