blob: cba692fd03ffce1be6e266687b056397c4e78e50 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
#!/bin/bash
#^ SOURCED, actually running in ash
format_urls() {
local url scheme host path chost
while [ $# -ne 0 ]; do
url="$1"
shift
# extract scheme and remove it from url if needed
scheme="${url%%://*}"
if [ "$scheme" != "$url" ]; then
url="${url#*://}"
if [ "$scheme" = 'http*' ]; then
# Special case: assume http* means http and https
scheme="http"
format_urls "https://$url"
elif [ "${scheme#*\*}" != "${scheme}" ]; then
# Contains a *, not supported, use any
scheme=
fi
else
scheme=
fi
# extract host
host="${url%%/*}"
[ -z "$host" ] && continue
# transform into chromium syntax
# We don't support arbitrary wildcards in the host part
chost="${host##*\*}"
if [ "$host" != "$chost" ]; then
# host contains wildcard '*', use everything
# after last * in host
if [ "${chost:0:1}" = "." ]; then
# Remove leading dot if any
chost="${chost#?}"
fi
# Empty host means any host
[ -z "$chost" ] && chost='*'
else
# chromium: exact host match must be prefixed with '.'
chost=".${chost}"
fi
path="${url#*/}"
[ "${path}" = "${host}" ] && path=
path="${path%%\**}"
printf "%s\n" "${scheme:+${scheme}://}${chost}${path:+/${path}}"
done
}
main() {
[ -z "$SLX_PXE_CLIENT_IP" ] && . /opt/openslx/config
local url_policy_file="/etc/chromium-browser/policies/managed/url-filter.json"
if [ -z "$SLX_BROWSER_BLACKLIST" ] && [ -z "$SLX_BROWSER_WHITELIST" ]; then
# Legacy format
if [ "$SLX_BROWSER_IS_WHITELIST" -eq 1 ]; then
SLX_BROWSER_BLACKLIST="*"
SLX_BROWSER_WHITELIST="$SLX_BROWSER_URLLIST"
else
SLX_BROWSER_BLACKLIST="$SLX_BROWSER_URLLIST"
fi
fi
if [ -z "$SLX_BROWSER_BLACKLIST" ] && [ -z "$SLX_BROWSER_WHITELIST" ]; then
rm -f -- "$url_policy_file"
return
fi
# Create file
echo "{" > "$url_policy_file"
if [ -n "$SLX_BROWSER_BLACKLIST" ]; then
echo -e '\tURLBlacklist: ' >> "$url_policy_file"
format_urls $SLX_BROWSER_BLACKLIST \
| jq -Rs 'rtrimstr("\n") | split("\n")' >> "$url_policy_file"
[ -n "$SLX_BROWSER_WHITELIST" ] && echo ',' >> "$url_policy_file"
fi
if [ -n "$SLX_BROWSER_WHITELIST" ]; then
echo -e '\tURLWhitelist: ' >> "$url_policy_file"
format_urls $SLX_BROWSER_WHITELIST \
| jq -Rs 'rtrimstr("\n") | split("\n")' >> "$url_policy_file"
fi
echo '}' >> "$url_policy_file"
}
if [ "${PAM_SERVICE//autologin/}" != "$PAM_SERVICE" ] && [ "$PAM_TTY" = ":0" ]; then
# autologin of some sort
main
fi
true
|