diff options
5 files changed, 93 insertions, 129 deletions
diff --git a/helper/fileutil.inc b/helper/fileutil.inc index 027f5404..aae654bc 100644 --- a/helper/fileutil.inc +++ b/helper/fileutil.inc @@ -91,7 +91,7 @@ install_packages() { for PKG in ${PACKAGE_LIST}; do # check if installed if [ "x$PACKET_HANDLER" == "xdpkg" ]; then - dpkg -L ${PKG} > /dev/null 2>&1 + dpkg -l ${PKG} > /dev/null 2>&1 elif [ "x$PACKET_HANDLER" == "xrpm" ]; then rpm -ql ${PKG} > /dev/null 2>&1 else @@ -100,53 +100,72 @@ install_packages() { local LRET=$? if [ "x$LRET" == "x0" ]; then - # package installed - pdebug "$PKG installed!" + # check if it is completly installed, + # not just leftover configuration files + local INSTALL_STATUS=$(dpkg -l $PKG | grep $PKG | cut -c1-2) + if [[ $INSTALL_STATUS != "ii" ]]; then + pinfo "$PKG not installed!" + install_package $PKG + else + # package installed + pdebug "$PKG installed!" + fi else # package not installed pdebug "$PKG not installed!" - if [ "x$PACKET_MANAGER" == "xapt" ]; then - apt-get install -y ${PKG} - local IRET=$? - if [ "x$IRET" == "x0" ]; then - # $PGK was installed successfully - INSTALLED_PACKAGES+="$PKG " - else - # PKG was not installed - # TODO error handling - perror "install_packages: apt-get failed with '$IRET' for package '$PKG'" - fi - elif [ "x$PACKET_MANAGER" == "xzypper" ]; then - zypper --no-refresh --non-interactive install ${PKG} - local IRET=$? - if [ "x$IRET" == "x0" ]; then - # $PGK was installed successfully - INSTALLED_PACKAGES+="$PKG " - else - # PKG was not installed - # TODO error handling - perror "install_packages: zypper failed with '$IRET' for package '$PKG'" - fi - elif [ "x$PACKET_MANAGER" == "xyum" ]; then - yum --assumeyes install ${PKG} - local IRET=$? - if [ "x$IRET" == "x0" ]; then - # $PGK was installed successfully - INSTALLED_PACKAGES+="$PKG " - else - # PKG was not installed - # TODO error handling - perror "install_packages: yum failed with '$IRET' for package '$PKG'" - fi - else - perror "No packet manager determined, this should not happen!" - fi + install_package $PKG fi done [ ! -z "$INSTALLED_PACKAGES" ] && pinfo "Packages installed: ${INSTALLED_PACKAGES}" } # +# install individual package depending on package manager +# +install_package() { + if [ "$#" -ne 1 ]; then + perror "Only call install_package with one argument!" + fi + + if [ "x$PACKET_MANAGER" == "xapt" ]; then + apt-get install -y ${PKG} + local IRET=$? + if [ "x$IRET" == "x0" ]; then + # $PGK was installed successfully + INSTALLED_PACKAGES+="$PKG " + else + # PKG was not installed + # TODO error handling + perror "install_packages: apt-get failed with '$IRET' for package '$PKG'" + fi + elif [ "x$PACKET_MANAGER" == "xzypper" ]; then + zypper --no-refresh --non-interactive install ${PKG} + local IRET=$? + if [ "x$IRET" == "x0" ]; then + # $PGK was installed successfully + INSTALLED_PACKAGES+="$PKG " + else + # PKG was not installed + # TODO error handling + perror "install_packages: zypper failed with '$IRET' for package '$PKG'" + fi + elif [ "x$PACKET_MANAGER" == "xyum" ]; then + yum --assumeyes install ${PKG} + local IRET=$? + if [ "x$IRET" == "x0" ]; then + # $PGK was installed successfully + INSTALLED_PACKAGES+="$PKG " + else + # PKG was not installed + # TODO error handling + perror "install_packages: yum failed with '$IRET' for package '$PKG'" + fi + else + perror "No packet manager determined, this should not happen!" + fi +} + +# # copies static data files from <MODULE>/data/ to <TARGET_BUILD_DIR> # copy_static_data() { diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close index d3b5ebb3..535cd0d6 100755 --- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close +++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close @@ -7,30 +7,42 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/o slxlog "session-close" "$PAM_USER logged out on $PAM_TTY" # do not kill all root processes :) -[ "x${PAM_USER}" == "xroot" ] && exit 0 +[ "x${PAM_USER}" = "xroot" ] && exit 0 +# can only work if script is run as root +[ "x$(whoami)" = "xroot" ] || exit 0 -OPENSESSIONS=$(loginctl | grep "${PAM_USER}" | wc -l) +OPENSESSION=$(loginctl show-user "$PAM_USER" | grep "Sessions=" | cut -c 10-) +SESSIONCOUNT=$(echo "$OPENSESSION" | wc -w) -if [ "x${OPENSESSIONS}" == "x1" ]; then +if [ "$SESSIONCOUNT" = "1" ]; then # last sessions, close all ghost user processes + usleep 500000 pkill -u "${PAM_USER}" # check if user's process are still running - for TIMEOUT in 1 1 1 2; do - if ! ps aux | grep -v grep | grep -q "${PAM_USER}"; then - break; + for TIMEOUT in 1 1 2 FAIL; do + if [ "$TIMEOUT" = "FAIL" ]; then + # still something running, send SIGKILL + pkill -9 -u "${PAM_USER}" + break fi + if ! ps -o pid,s -u "$PAM_USER" -U "$PAM_USER" | grep -q -v -E "PID|Z"; then + # nothing running anymore + break + fi + # give some time sleep "${TIMEOUT}" done - # all done, kill it again to be sure - pkill -9 -u "${PAM_USER}" - - # unmount the home directory structure - umount -l "/home/${PAM_USER}/PERSISTENT" || \ - echo "Could not unmount '/home/${PAM_USER}/PERSISTENT'." + # just to be sure we check if there's no other open session in the meantime + OPEN2=$(loginctl show-user "$PAM_USER" | grep "Sessions=" | cut -c 10-) + if [ -z "$OPEN2" -o "x$OPENSESSION" = "x$OPEN2" ]; then + # unmount the home directory structure + umount -l "/home/${PAM_USER}/PERSISTENT" || \ + echo "Could not unmount '/home/${PAM_USER}/PERSISTENT'." - umount -l "/home/${PAM_USER}" || \ - echo "Could not unmount '/home/${PAM_USER}'." + umount -l "/home/${PAM_USER}" || \ + echo "Could not unmount '/home/${PAM_USER}'." + fi fi exit 0 diff --git a/remote/modules/systemd/data/usr/lib/udev/rules.d/70-uaccess-floppy.rules b/remote/modules/systemd/data/usr/lib/udev/rules.d/70-uaccess-floppy.rules new file mode 100644 index 00000000..113d288a --- /dev/null +++ b/remote/modules/systemd/data/usr/lib/udev/rules.d/70-uaccess-floppy.rules @@ -0,0 +1,8 @@ +ACTION=="remove", GOTO="floppy_extra_end" +ENV{MAJOR}=="", GOTO="floppy_extra_end" + +# floppy devices +SUBSYSTEM=="block", KERNEL=="fd[0-9]*", TAG+="uaccess" + +LABEL="floppy_extra_end" + diff --git a/remote/modules/systemd/data/usr/lib/udev/rules.d/70-udev-acl.rules b/remote/modules/systemd/data/usr/lib/udev/rules.d/70-udev-acl.rules deleted file mode 100644 index 2dac2831..00000000 --- a/remote/modules/systemd/data/usr/lib/udev/rules.d/70-udev-acl.rules +++ /dev/null @@ -1,76 +0,0 @@ -# do not edit this file, it will be overwritten on update - -# Do not use TAG+="udev-acl" outside of this file. This variable is private to -# udev-acl of this udev release and may be replaced at any time. - -ENV{MAJOR}=="", GOTO="acl_end" -ACTION=="remove", GOTO="acl_apply" - -# systemd replaces udev-acl entirely, skip if active -TEST=="/sys/fs/cgroup/systemd", TAG=="uaccess", GOTO="acl_end" - -# PTP/MTP protocol devices, cameras, portable media players -SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="udev-acl" - -# digicams with proprietary protocol -ENV{ID_GPHOTO2}=="*?", TAG+="udev-acl" - -# SCSI and USB scanners -ENV{libsane_matched}=="yes", TAG+="udev-acl" - -# HPLIP devices (necessary for ink level check and HP tool maintenance) -ENV{ID_HPLIP}=="1", TAG+="udev-acl" - -# optical drives -SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="udev-acl" -SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", TAG+="udev-acl" - -# sound devices -SUBSYSTEM=="sound", TAG+="udev-acl" - -# ffado is an userspace driver for firewire sound cards -SUBSYSTEM=="firewire", ENV{ID_FFADO}=="1", TAG+="udev-acl" - -# webcams, frame grabber, TV cards -SUBSYSTEM=="video4linux", TAG+="udev-acl" -SUBSYSTEM=="dvb", TAG+="udev-acl" - -# IIDC devices: industrial cameras and some webcams -SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", TAG+="udev-acl" -SUBSYSTEM=="firewire", ATTR{units}=="*0x00b09d:0x00010*", TAG+="udev-acl" -# AV/C devices: camcorders, set-top boxes, TV sets, audio devices, and more -SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="udev-acl" -SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="udev-acl" - -# DRI video devices -SUBSYSTEM=="drm", KERNEL=="card*", TAG+="udev-acl" - -# KVM -SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="udev-acl" - -# smart-card readers -ENV{ID_SMARTCARD_READER}=="*?", TAG+="udev-acl" - -# PDA devices -ENV{ID_PDA}=="*?", TAG+="udev-acl" - -# Programmable remote control -ENV{ID_REMOTE_CONTROL}=="1", TAG+="udev-acl" - -# joysticks -SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="udev-acl" - -# color measurement devices -ENV{COLOR_MEASUREMENT_DEVICE}=="*?", TAG+="udev-acl" - -# DDC/CI device, usually high-end monitors such as the DreamColor -ENV{DDC_DEVICE}=="*?", TAG+="udev-acl" - -# media player raw devices (for user-mode drivers, Android SDK, etc.) -SUBSYSTEM=="usb", ENV{ID_MEDIA_PLAYER}=="?*", TAG+="udev-acl" - -# apply ACL for all locally logged in users -LABEL="acl_apply", TAG=="udev-acl", TEST=="/var/run/ConsoleKit/database", \ - RUN+="udev-acl --action=$env{ACTION} --device=$env{DEVNAME}" - -LABEL="acl_end" diff --git a/remote/rootfs/rootfs-stage32/rootfs-stage32.conf b/remote/rootfs/rootfs-stage32/rootfs-stage32.conf index ab2ac4cc..b59a8237 100644 --- a/remote/rootfs/rootfs-stage32/rootfs-stage32.conf +++ b/remote/rootfs/rootfs-stage32/rootfs-stage32.conf @@ -128,6 +128,7 @@ REQUIRED_KERNEL_MODULES=" kernel/net kernel/sound kernel/fs/autofs4/autofs4 + kernel/drivers/net/macvtap.ko " REQUIRED_FIRMWARE=" 3com |