Diffstat (limited to 'core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh')
-rwxr-xr-x | core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh b/core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh
new file mode 100755
index 00000000..f5db36e4
--- /dev/null
+++ b/core/modules/run-virt-docker/data/opt/openslx/pam/hooks/auth-final-exec.d/30-add-to-docker.sh
@@ -0,0 +1,23 @@
+#!/bin/ash
+
+adduser "${PAM_USER}" "docker"
+
+# create a location for user bind mount
+# used in /opt/openslx/vmchooser/plugins/docker/includes/init-bind-mount.inc
+DOCKER_TMP="/tmp/docker"
+[ -e $DOCKER_TMP ] && rm -rf -- $DOCKER_TMP
+[ ! -e $DOCKER_TMP ] && mkdir -p $DOCKER_TMP && chmod 0777 $DOCKER_TMP
+
+# TODO Check if same user logs on to the system.
+# if prev_user != curr_user then delete existing /tmp/virt/docker/prev_user_uid:prev_user_gid/
+
+# This changes the subuid and subgid for the dockremap(user) to the current user and restards the docker daemon.
+# Because off this change in the docker daemon, for each userns will be a directory under /tmp/virt/docker/
+# so new users cannot uses previously downloade images by other user.
+# But it saves the next user from using images, created by the previous user.
+
+sed -i "s/dockremap:[0-9]\+.65536/dockremap:$(id -u ${PAM_USER}):65536/g" /etc/subuid
+sed -i "s/dockremap:[0-9]\+.65536/dockremap:$(id -g ${PAM_USER}):65536/g" /etc/subgid
+systemctl restart docker.service
+
+exit 0 |
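Review bot: The `/tmp/docker` setup works on a predictable name in world-writable `/tmp` with a test-then-act sequence (`[ -e ] && rm -rf`, then `[ ! -e ] && mkdir -p … && chmod 0777`) in a hook that presumably runs as root, and the resulting directory is world-writable without the sticky bit, so any local user can remove or replace another user's entries under it. Consider `rm -rf -- "$DOCKER_TMP"; mkdir -m 1777 -- "$DOCKER_TMP" || exit 1`, which fails instead of reusing a path that reappeared in between, and quote the variable throughout. Separately, the two `sed -i` lines interpolate `$(id -u ${PAM_USER})` unchecked: if `id` fails, the substitution writes an empty id into `/etc/subuid` and `/etc/subgid` before the daemon restart, so resolve it first with `uid=$(id -u "${PAM_USER}") || exit 1` and match the literal `:` rather than `.` in the pattern. The unconditional `exit 0` at the end also hides any of these failures from whatever runs the hook.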