X-Git-Url: http://git.iain.cx/?a=blobdiff_plain;f=opt%2Fbin%2Fbecome;h=e874ae52943e334779d8d53545102506b0214bc3;hb=5238da68cdb1f51a416564a0faeb909f25d9b168;hp=9be0b9b81dd29e8d62209019c33905b115a86499;hpb=b3d373ad52b5671234fbe6361e509fef08ac2111;p=profile.git diff --git a/opt/bin/become b/opt/bin/become index 9be0b9b..e874ae5 100755 --- a/opt/bin/become +++ b/opt/bin/become @@ -1,34 +1,51 @@ #!/bin/bash +chdir=0 kerberos=0 -while getopts ":k" opt; do +x11=0 +while getopts ":kx" opt; do case $opt in - k) kerberos=1 + c) chdir=1;; + k) kerberos=1;; + x) x11=1;; esac done shift $((OPTIND-1)) user="$1"; shift if [ -z "$user" ]; then - echo >&2 "Usage: become [-k] " - echo >&2 "Options: -k Delegate Kerberos credentials even if target user is not root." + echo >&2 "Usage: become [-c] [-k] [-x] " + echo >&2 "Options: -c Stay in current directory even if target user is not root." + echo >&2 " -k Delegate Kerberos credentials even if target user is not root." + echo >&2 " -x Delegate X11 cookie even if target user is not root." exit 1 fi +uid=$(PATH=/usr/xpg4/bin:/usr/bin id -u "$user" 2>/dev/null) +if [ -z "$uid" ]; then + echo >&2 "Who is $user?" + exit 2 +fi + +if [ $uid = 0 ]; then + chdir=1 + kerberos=1 + x11=1 +fi + PRINCIPAL=$(klist 2>/dev/null | sed -n 's/^Default principal: //p') -if [ -n "$DISPLAY" -a "${DISPLAY##localhost:}" = "$DISPLAY" ]; then +if [ $x11 = 1 -a -n "$DISPLAY" -a "${DISPLAY##localhost:}" = "$DISPLAY" ]; then COOKIE="$(xauth list $DISPLAY)" fi BECOME="$HOME/.become" profile="$BECOME/$user" [ -f "$profile" ] || profile="$BECOME/all" -file="$(mktemp)" -if [ -n "$file" ]; then - exec 3>"$file" - exec <"$file" - rm "$file" - +file="${TMPDIR:-/tmp}/$USER.become.$user.$RANDOM.$$" +umask=$(builtin umask -p) +builtin umask 077 +if exec 3>"$file" && exec <"$file" && rm "$file"; then + builtin $umask echo >&3 "cd" echo >&3 "PROFILE_HOME='$HOME'" if [ -n "$PRINCIPAL" ]; then @@ -49,12 +66,16 @@ if [ -n "$file" ]; then else echo >&3 "unset DISPLAY" fi - - echo >&3 2>/dev/null ". $HOME/.bash_profile" - [ -f "$BECOME/all" ] && cat >&3 2>/dev/null "$BECOME/all" - [ -f "$BECOME/$user" ] && cat >&3 2>/dev/null "$BECOME/$user" +else + exit 111 fi +echo >&3 ". $HOME/.bash_profile" +[ -f "$BECOME/all" ] && cat >&3 2>/dev/null "$BECOME/all" +[ -f "$BECOME/$user" ] && cat >&3 2>/dev/null "$BECOME/$user" +[ $chdir = 1 ] && echo >&3 2>/dev/null "cd - &>/dev/null" + +exec 3>&- dir=$(dirname "$0") [ "$dir" = "." ] && dir="$PWD" exec sudo -H -u "$user" "$dir/became"