From d90bf98f508957b4c996139e078e963febd163bb Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Sat, 10 Mar 2018 15:10:06 +0100
Subject: [pam/runvirt/..] Move .account and .home into .openslx subdirectory

Create separate tmpfs for .openslx to make sure the user cannot rename,
edit or remove the files. It's a subdir of $HOME which has 0700, so
no other user will be able to read it.
---
 core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

(limited to 'core/modules/pam-slx-plug')

diff --git a/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth b/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth
index dbc6cb5d..16b1af5a 100755
--- a/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth
+++ b/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth
@@ -121,16 +121,17 @@ if ! awk '{print $2}' /proc/mounts | grep -Fxq -- "${TEMP_HOME_DIR}"; then
 	if ! mkdir -p "${TEMP_HOME_DIR}"; then
 		slxlog --echo "pam-global-mktemphome" "Could not create '${TEMP_HOME_DIR}'."
 	fi
-	if ! mount -t tmpfs -o mode=700,size=1024m tmpfs "${TEMP_HOME_DIR}"; then
+	if ! mount -t tmpfs -o "uid=${USER_UID},gid=${USER_GID},mode=0700,size=1024m" tmpfs "${TEMP_HOME_DIR}"; then
 		slxlog --echo "pam-global-tmpfstemphome" "Could not make a tmpfs on '${TEMP_HOME_DIR}'"
 	fi
-	if ! chown "${USER_UID}:${USER_GID}" "${TEMP_HOME_DIR}"; then
-		slxlog --echo "pam-global-chpersistent" "Could not chown '${TEMP_HOME_DIR}' to '${PAM_USER}'."
-	fi
+	# mount another tmpfs into subdir so we can create files that the user cannot modify
+	# but still read, while at the same time preventing any other user from reading it
+	mkdir -p "${TEMP_HOME_DIR}/.openslx"
+	mount -t tmpfs -o size=1m,uid=0,gid=0,mode=0755 tmpfs "${TEMP_HOME_DIR}/.openslx"
 fi
 if [ -n "${REAL_ACCOUNT}" ]; then
-	echo "${REAL_ACCOUNT}" > "${TEMP_HOME_DIR}/.account"
-	chmod 0644 "${TEMP_HOME_DIR}/.account"
+	echo "${REAL_ACCOUNT}" > "${TEMP_HOME_DIR}/.openslx/account"
+	chmod 0644 "${TEMP_HOME_DIR}/.openslx/account"
 fi
 
 
-- 
cgit v1.2.3-55-g7522