git://git.iain.cx/iain / profile.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Export SCREENRC in become.
[profile.git] / opt / bin / become
1 #!/bin/bash
2
3 chdir=0
4 kerberos=0
5 x11=0
6 while getopts ":kx" opt; do
7   case $opt in
8     c) chdir=1;;
9     k) kerberos=1;;
10     x) x11=1;;
11   esac
12 done
13 shift $((OPTIND-1))
14
15 user="$1"; shift
16 if [ -z "$user" ]; then
17   echo >&2 "Usage: become [-c] [-k] [-x] <user>"
18   echo >&2 "Options: -c   Stay in current directory even if target user is not root."
19   echo >&2 "         -k   Delegate Kerberos credentials even if target user is not root."
20   echo >&2 "         -x   Delegate X11 cookie even if target user is not root."
21   exit 1
22 fi
23
24 uid=$(PATH=/usr/xpg4/bin:/usr/bin id -u "$user" 2>/dev/null)
25 if [ -z "$uid" ]; then
26   echo >&2 "Who is $user?"
27   exit 2
28 fi
29
30 if [ $uid = 0 ]; then
31   chdir=1
32   kerberos=1
33   x11=1
34 fi
35
36 PRINCIPAL=$(klist 2>/dev/null | sed -n 's/^Default principal: //p')
37 if [ $x11 = 1 -a -n "$DISPLAY" -a "${DISPLAY##localhost:}" = "$DISPLAY" ]; then
38   COOKIE="$(xauth list $DISPLAY)"
39 fi
40 ignore_profile_user=0
41 for candidate in "$HOME" "$PROFILE_HOME"; do
42   [ -n "$candidate" ] || continue
43   BECOME="$candidate/.become"
44   [ -d "$BECOME" ] || continue
45
46   # Script to run when becoming any user.
47   [ -z "$allusersprofile" ] && allusersprofile="$BECOME/all"
48   [ -f "$allusersprofile" ] || allusersprofile=
49
50   # Set $HOME/all sticky to ignore $PROFILE_HOME/$user.
51   if [ "$candidate" = "$HOME" ]; then
52     [ -k "$BECOME/all" ] && ignore_profile_user=1
53   else
54     [ $ignore_profile_user = 1 ] && continue
55   fi
56
57   # Script to run (after the one mentioned above) when becoming this user.
58   [ -z "$userprofile" ] && userprofile="$BECOME/$user"
59   [ -f "$userprofile" ] || userprofile=
60 done
61
62 file="${TMPDIR:-/tmp}/$USER.become.$user.$RANDOM.$$"
63 umask=$(builtin umask -p)
64 builtin umask 077
65 if exec 3>"$file" && exec <"$file" && rm "$file"; then
66   builtin $umask
67   echo >&3 "cd"
68   echo >&3 "PROFILE_HOME='${PROFILE_HOME:-$HOME}'"
69   if [ -n "$PRINCIPAL" ]; then
70     echo >&3 "PRINCIPAL='$PRINCIPAL'"
71     if [ $kerberos = 1 ]; then
72       ccname=$(klist 2>/dev/null | sed -n 's/^Ticket cache: [DF]I[LR][E:]://p')
73       if [ -f "$ccname" ]; then
74         echo >&3 "export KRB5CCNAME='$KRB5CCNAME'"
75         openssl=$(find_working openssl)
76         if [ -n "$openssl" ]; then
77           echo >&3 "KRB5OPENSSL='$openssl'"
78           echo >&3 "KRB5BASE64='$($openssl enc -a -in $ccname)'"
79         fi
80       fi
81     fi
82   fi
83   if [ -n "$DISPLAY" -a -n "$COOKIE" ]; then
84     echo >&3 "xauth add $COOKIE"
85   else
86     echo >&3 "unset DISPLAY"
87   fi
88   if [ ! "$PROFILE_HOME" = "$HOME" ]; then
89     echo >&3 "export SCREENRC=$PROFILE_HOME/.screenrc"
90   fi
91 else
92   exit 111
93 fi
94
95 echo >&3 ". ${PROFILE_HOME:-$HOME}/.bash_profile"
96 [ -f "$allusersprofile" ] && cat >&3 2>/dev/null "$allusersprofile"
97 [ -f "$userprofile" ] && cat >&3 2>/dev/null "$userprofile"
98 [ $chdir = 1 ] && echo >&3 2>/dev/null "cd - &>/dev/null"
99
100 exec 3>&-
101 dir=$(dirname "$0")
102 [ "$dir" = "." ] && dir="$PWD"
103 exec sudo -H -u "$user" "$dir/became"
104 exit 111
Home directory stuff.