From 0b5da07577fd168692022e6b9311fb221ab38cb7 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 3 May 2024 17:09:42 +0200
Subject: [lightdm-greeter-bwlp/vmchooser2] Handle cow token

---
 .../vmchooser2/data/opt/openslx/bin/vmchooser        |  4 ++++
 .../pam/hooks/session-open.d/50-move-admintoken.sh   | 20 ++++++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100755 core/modules/vmchooser2/data/opt/openslx/pam/hooks/session-open.d/50-move-admintoken.sh

(limited to 'core/modules/vmchooser2')

diff --git a/core/modules/vmchooser2/data/opt/openslx/bin/vmchooser b/core/modules/vmchooser2/data/opt/openslx/bin/vmchooser
index a0048f39..d0555bfe 100755
--- a/core/modules/vmchooser2/data/opt/openslx/bin/vmchooser
+++ b/core/modules/vmchooser2/data/opt/openslx/bin/vmchooser
@@ -93,5 +93,9 @@ if [ -n "$SLX_SCREEN_SAVER_TIMEOUT" ]; then
 	EXTRA+=( "--allow-screensaver-disable" )
 fi
 
+if [ -s "/run/user/$(id -u)/cow-token" ]; then
+	EXTRA+=( "--cow-token" "/run/user/$(id -u)/cow-token" )
+fi
+
 exec vmchooser.real "$@" --url "$URL" --fullscreen --tab "$TAB" --start-uuid "$SLX_EXAM_START" "${EXTRA[@]}"
 
diff --git a/core/modules/vmchooser2/data/opt/openslx/pam/hooks/session-open.d/50-move-admintoken.sh b/core/modules/vmchooser2/data/opt/openslx/pam/hooks/session-open.d/50-move-admintoken.sh
new file mode 100755
index 00000000..578b1046
--- /dev/null
+++ b/core/modules/vmchooser2/data/opt/openslx/pam/hooks/session-open.d/50-move-admintoken.sh
@@ -0,0 +1,20 @@
+#!/bin/ash
+# ^ actually sourced
+
+if [ "$PAM_SERVICE" != "su" ] && [ "$PAM_SERVICE" != "sudo" ]; then
+	md5=$( printf "%s" "$PAM_USER" | md5sum )
+	file="/run/openslx/lightdm/${md5:0:32}"
+	if [ -s "$file" ]; then
+		getent="$( getent passwd "$PAM_USER" )"
+		USER_UID="$( printf "%s" "$getent" | awk -F: '{print $3; exit}' )"
+		udir="/run/user/$USER_UID"
+		if ! [ -d "$udir" ]; then
+			USER_GID="$( printf "%s" "$getent" | awk -F: '{print $4; exit}' )"
+			mkdir -p "$udir"
+			chmod 0700 "$udir"
+			chown "${USER_UID}:${USER_GID}" "$udir"
+		fi
+		mv -f "$file" "$udir/cow-token"
+		chown "$USER_UID" "$udir/cow-token"
+	fi
+fi
-- 
cgit v1.2.3-55-g7522