mountctl/ 0000770 0001750 0001750 00000000000 13140624624 012272 5 ustar thomas thomas mountctl/usr/ 0000770 0001750 0001750 00000000000 13140616371 013103 5 ustar thomas thomas mountctl/usr/share/ 0000770 0001750 0001750 00000000000 13407420007 014200 5 ustar thomas thomas mountctl/usr/share/polkit-1/ 0000770 0001750 0001750 00000000000 13140616371 015645 5 ustar thomas thomas mountctl/usr/share/polkit-1/actions/ 0000770 0001750 0001750 00000000000 13411461310 017275 5 ustar thomas thomas mountctl/usr/share/polkit-1/actions/LocalExtPermissions.policy 0000644 0001750 0001750 00000003275 13411461167 024511 0 ustar thomas thomas
yes
yes
yes
/usr/local/bin/mountctl
auth_admin
auth_admin
yes
/usr/local/bin/autoupdate
true
auth_admin
auth_admin
yes
/usr/local/bin/selnic
true
mountctl/usr/share/polkit-1/actions/ReadMe 0000644 0001750 0001750 00000000750 13411461310 020362 0 ustar thomas thomas Die Rechte MÜSSEN wie folgt gesetzt sein. Die Policies sind normalerweise
"monitored" und Veränderungen werden meistens automatisch erkannt. Unter
Umständen, falls es nicht funktioniert, ist aber nach der Einrichtung
ein Re-Login oder auch ein Neustart erforderlich.
ls /usr/share/polkit-1/actions
insgesamt 804K
drwxr-xr-x 2 root root 4,0K 2017-07-28 10:30 .
drwxr-xr-x 3 root root 4,0K 2017-03-05 16:52 ..
-rw-r--r-- 1 root root 5,9K 2016-12-29 18:29 LocalExtPermissions.policy
mountctl/usr/local/ 0000770 0001750 0001750 00000000000 13140624037 014173 5 ustar thomas thomas mountctl/usr/local/bin/ 0000770 0001750 0001750 00000000000 13140625154 014744 5 ustar thomas thomas mountctl/usr/local/bin/sessionctl 0000644 0001750 0001750 00000007230 13401012007 017045 0 ustar thomas thomas #!/bin/bash
#===========================================================================================================================================
# Description : Launch Processes after User is logged in (PAM-Event)
#
# Script-Name : sessionctl
# Created by : TomL*thlu.de
# Version : V.2.0
# Date : 02.12.2018
# Lizenz : GNU GPL3
#
# Dependent on : /etc/pam.d/common-session
#===========================================================================================================================================
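# Manual test mode: "sessionctl <user> <o|c> debug" fills in the PAM_* variables
# by hand so the script can be exercised from a shell instead of from the PAM hook.
if [ "$3" == "debug" ]; then
  PAM_USER=$1
  PAM_SERVICE="login"
  [ "$2" == "o" ] && PAM_TYPE="open_session"
  [ "$2" == "c" ] && PAM_TYPE="close_session"
fi

# Journal every invocation; "$0" is quoted so a script path containing spaces
# still yields a single, correct journal tag.
echo "started! PAM_USER=$PAM_USER PAM_TYPE=$PAM_TYPE PAM_SERVICE=$PAM_SERVICE" | systemd-cat -t "thlu:$(basename "$0")" -p info

# Nothing further is done for root logins.
if [ "$PAM_USER" == "root" ]; then
  echo "further processing stopped because root-login" | systemd-cat -t "thlu:$(basename "$0")" -p info
  exit 0
fi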
#--------------------------------------------------------------------------------------------------------------------------------------------------
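# Session accounting per PAM service.
# State is kept in /var/run/sessionctl.user as two "key = value" lines
# (pam_user, sessioncnt). The first open_session starts mountctl@<user>.service,
# the last close_session stops it and removes the state file.
case "$PAM_SERVICE" in
  # Not a regular login through a desktop environment.
  su|sshd|polkit-1)
    echo "Terminated due to PAM_SERVICE=$PAM_SERVICE" | systemd-cat -t "thlu:$(basename "$0")" -p info
    exit 0
    ;;
#--------------------------------------------------------------------------------------------------------------------------------------------------
  # lightdm, mdm (Mint-DM), login
  *)
    ctlfile="/var/run/sessionctl.user"
    pam_user=""
    sessioncnt=0
    if [ -f "$ctlfile" ]; then
      tmp=$(grep -i pam_user "$ctlfile" | awk -F '=' '{ print $2 }')
      [ -n "$tmp" ] && tmp=${tmp// /}
      [ -n "$tmp" ] && pam_user=$tmp
      tmp=$(grep -i sessioncnt "$ctlfile" | awk -F '=' '{ print $2 }')
      [ -n "$tmp" ] && tmp=${tmp// /}
      # The counter is fed into shell arithmetic below, which evaluates its
      # operand as an expression. Accept plain decimal digits only, so that a
      # damaged or tampered state file cannot put anything else there.
      if [[ "$tmp" =~ ^[0-9]+$ ]]; then
        sessioncnt=$((10#$tmp))        # 10# keeps a leading zero from being read as octal
      elif [ -n "$tmp" ]; then
        echo "ignoring non-numeric sessioncnt in $ctlfile" | systemd-cat -t "thlu:$(basename "$0")" -p warning
      fi
    else
      pam_user=$PAM_USER
    fi
    # Only the user recorded in the state file is tracked; anyone else is skipped.
    if [ "$pam_user" != "$PAM_USER" ]; then
      echo "new user not matching: $pam_user != $PAM_USER, skip processing mountctl.service" | systemd-cat -t "thlu:$(basename "$0")" -p info
      exit 0
    fi
    if [ "$PAM_TYPE" == "open_session" ]; then
      (( sessioncnt++ ))
      # printf '%s' writes the user name literally; echo -e would expand
      # backslash sequences contained in it.
      printf 'pam_user = %s\nsessioncnt = %s\n' "$PAM_USER" "$sessioncnt" >"$ctlfile"
      if [[ sessioncnt -gt 1 ]]; then
        echo "user already logged in: pam_user=$pam_user new sessioncounter=$sessioncnt" | systemd-cat -t "thlu:$(basename "$0")" -p info
      else
        # Unit name is quoted so the user name always stays a single argument.
        [ "$(/bin/systemctl is-active "mountctl@$pam_user.service")" == "inactive" ] && /bin/systemctl start "mountctl@$pam_user.service" &
      fi
    elif [ "$PAM_TYPE" == "close_session" ]; then
      if [[ sessioncnt -eq 0 ]]; then
        echo "close_session pam_user=$pam_user no active session found" | systemd-cat -t "thlu:$(basename "$0")" -p info
      else
        (( sessioncnt-- ))
        echo "close_session new sessioncounter=$sessioncnt" | systemd-cat -t "thlu:$(basename "$0")" -p info
        printf 'pam_user = %s\nsessioncnt = %s\n' "$PAM_USER" "$sessioncnt" >"$ctlfile"
        # Other sessions of this user are still open: keep the mounts.
        [[ sessioncnt -gt 0 ]] && exit 0
        [ "$(/bin/systemctl is-active "mountctl@$pam_user.service")" == "active" ] && /bin/systemctl stop "mountctl@$pam_user.service" &
        /bin/rm -- "$ctlfile"
      fi
    fi
    ;;
esac
exit 0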
#--------------------------------------------------------------------------------------------------------------------------------------------------
mountctl/usr/local/bin/serverctl 0000644 0001750 0001750 00000002527 13401012434 016700 0 ustar thomas thomas #!/bin/bash
#=============================================================================================
# Description : Check if given server is reachable
#
# Script-Name : serverctl
# Version : 2.0
# Date : 02.12.2018
# Written by : TomL*thlu.de
# Licence : GNU GPL3
#=============================================================================================
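# Probe a host with single ICMP echo requests until it answers or the time
# budget is used up, and report the outcome to the journal.
#   $1  host name or address to probe (default: 8.8.8.8)
# Exit status: 0 if the host answered, 1 otherwise.
Server=${1:-8.8.8.8}
echo "active/running Server=$Server" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
timeout=85                 # seconds to keep trying
Diff=0
HomeNetIsConnect=-1
Start=$(date +%s)
while true; do
  # The host is quoted and placed after "--", so a value containing spaces or
  # starting with "-" is handed to ping as one host argument, never as options.
  /bin/ping -c1 -W1 -q -- "$Server" &>/dev/null
  HomeNetIsConnect=$?
  [ "$HomeNetIsConnect" -eq 0 ] && break
  /bin/sleep 0.5
  End=$(date +%s)
  Diff=$((End - Start))
  (( Diff > timeout )) && break
done
rc=0
if [[ "$HomeNetIsConnect" -eq 0 ]]; then
  echo "Host $Server is reachable! (RC:$HomeNetIsConnect, after $Diff Seconds wait)" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
else
  echo "Host $Server is not reachable! (RC:$HomeNetIsConnect, after $Diff Seconds wait)" | systemd-cat -t "thlu:$(basename "$0")" -p "err"
  rc=1
fi
echo "Successful terminated with exitcode=$rc" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
exit "$rc"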
#=============================================================================================
#EOF mountctl/usr/local/bin/mountctl 0000644 0001750 0001750 00000023331 13430021706 016534 0 ustar thomas thomas #!/bin/bash
#===========================================================================================================================================
# Description : Controlled user-binded mounting and unmounting of network drives
#
# Script-Name : mountctl
# Written by : TomL*thlu.de
# Version : 2.3.3
# Date : 10.02.2019
# Lizenz : GNU GPL3
#
# Dependencies : dialog, PAM->common-session, polkit->Permission, serverctl, sessionctl
#===========================================================================================================================================
# Command line: $1 = action keyword, $2 = user name the mounts are bound to.
# Both stay empty when the argument is missing or empty.
Action="${1:-}"
CurrUser="${2:-}"
UsersGroups=""
aUserGrps=()      # filled later with the group names of CurrUser
aMountUnits=()    # filled later with the grep hits for 'mountctlgroup'
#===========================================================================================================================================
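ErrExit()
{
  # Abort the script with exit status 1.
  #   $1  numeric reason code (1..4 select a message, anything else leaves it empty)
  # Globals: CurrUser (read, quoted in the message for code 1)
  # Output : the message goes to the journal with priority "err" when the code
  #          is greater than 0, and message plus usage line go to stdout.
  local code="${1:-0}"
  local tmp=""
  case "$code" in
    1) tmp="Canceled! User=$CurrUser not exist or no user defined or root as user (root is not a samba-user)!" ;;
    2) tmp="Nothing to do! No mounts defined." ;;
    3) tmp="Job canceled, wrong or missing parameters. See: journalctl -b | grep mountctl" ;;
    4) tmp="Job canceled, resume Network failed" ;;
  esac
  # CurrUser can be caller-supplied text. Replace control characters so it can
  # neither split the journal record into extra lines nor send escape sequences
  # to the terminal that shows the usage text.
  tmp=${tmp//[[:cntrl:]]/?}
  if [[ "$code" =~ ^[0-9]+$ ]] && (( 10#$code > 0 )); then
    /bin/echo "$tmp" | systemd-cat -t "thlu:$(basename "$0")" -p "err"
  fi
  # printf with %s prints the message literally (echo -e would expand
  # backslash sequences inside it).
  printf '%s\n\nUsage: %s {start | stop | poweroff | reboot | suspend} {existing username}\n' "$tmp" "$0"
  exit 1
}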
#===========================================================================================================================================
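IsGroupOK()
{
  # Authorisation check for one mount unit.
  #   $1  the text found after 'mountctlgroup=' in the unit file
  # Globals: aUserGrps (read) - group names of the current user
  # Returns: 0 if $1 is empty (unit carries no group restriction) or if one of
  #          the group names listed in $1 is a group of the user, 1 otherwise.
  #
  # Names are compared as whole words. A substring test would also let a member
  # of group "users" pass a unit that is restricted to "superusers".
  [ -z "$1" ] && return 0
  local wanted have
  local -a required=()
  # presumably one group name, or several separated by blanks , ; | or : - TODO confirm the unit-file format
  IFS=$' \t\n,;|:' read -r -a required <<< "$1"
  for wanted in "${required[@]}"; do
    [ -z "$wanted" ] && continue          # empty field between two separators
    for have in "${aUserGrps[@]}"; do
      [ "$wanted" == "$have" ] && return 0
    done
  done
  return 1
}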
#===========================================================================================================================================
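SetupOrReleaseMounts()
{
  # Start or stop every mount unit collected in aMountUnits that the current
  # user is allowed to use.
  #   $1  0 = start the units, any other number = stop them
  # Globals: aMountUnits (read) - lines of the form "<unit file>:<matching line>"
  #          CurrUser    (read) - inserted after every '@' of the unit name
  # Returns: 1 when $1 is missing, 0 otherwise.
  local action=""
  [ -n "$1" ] && action=$1 || return 1
  local entry munit mgrp
  for entry in "${aMountUnits[@]}"; do
    munit=${entry%%:*}                                   # text left of the first ':'
    munit=$(basename -- "$munit")
    munit="${munit//'@'/@$CurrUser}"                     # replace @ with @<username>
    mgrp=$(awk -F 'mountctlgroup=' '{ print $2 }' <<< "$entry")   # text right of 'mountctlgroup='
    if IsGroupOK "$mgrp"; then
      # The unit name contains CurrUser. It is quoted and placed after "--" so
      # that it always reaches systemctl as exactly one unit argument.
      if [[ "$action" -eq 0 ]]; then
        if [ "$(/bin/systemctl is-active -- "$munit")" != "active" ]; then
          /bin/echo "start $munit" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
          /bin/systemctl start -- "$munit"
        fi
      else
        if [ "$(/bin/systemctl is-active -- "$munit")" == "active" ]; then
          /bin/echo "stop $munit" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
          /bin/systemctl stop -- "$munit"
        fi
      fi
      /bin/sleep 1
    else
      /bin/echo "start $munit failed! group-permissions denied" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
    fi
  done
  return 0
}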
#===========================================================================================================================================
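# Collect the relevant units: every line in /etc/systemd/system/*.service that
# mentions 'mountctlgroup'. -H keeps the "<file>:" prefix even when the glob
# expands to a single file; the unit name is later cut from that prefix.
while read -r line; do
  [ -n "$line" ] && aMountUnits+=( "$line" )
done < <(/bin/grep -H -i "mountctlgroup" /etc/systemd/system/*.service; echo "")

if [ -z "$CurrUser" ]; then                              # no user passed on the command line?
  if [ -s /var/run/mountctl.user ]; then
    CurrUser=$(cat /var/run/mountctl.user)               # mounts active? reuse the same user
  elif [ -s /var/run/sessionctl.user ]; then
    CurrUser=$(grep -i pam_user /var/run/sessionctl.user | awk -F '=' '{ print $2 }')   # new login? take over the new user
    CurrUser=${CurrUser// /}
  else
    CurrUser=$USER
  fi
fi

# NOTE(review): the polkit policy bundled with this script lists
# /usr/local/bin/mountctl, so $1/$2 may be chosen by an unprivileged caller
# while the script runs with elevated rights - confirm against the policy.
# The user name is therefore compared literally and as a whole field against
# /etc/passwd; it is never used as a regular expression or left unquoted.
[ -z "$CurrUser" ] && ErrExit 1
[ "$CurrUser" == "root" ] && ErrExit 1
user_known=1
while IFS=: read -r pw_name _; do
  if [ "$pw_name" == "$CurrUser" ]; then
    user_known=0
    break
  fi
done < /etc/passwd
[ "$user_known" -eq 0 ] || ErrExit 1                     # valid local user?

/bin/echo "active/running Action=$Action CurrUser=$CurrUser" | systemd-cat -t "thlu:$(basename "$0")" -p "info"

# "groups <user>" prints "<user> : <group> <group> ..."; keep the part after ':'.
tmp=$(/usr/bin/groups "$CurrUser" 2>/dev/null)
tmp=$(awk -F ':' '{ print $2 }' <<< "$tmp")
aUserGrps=()
read -r -a aUserGrps <<< "$tmp"                          # split on blanks without glob expansion
[ "${#aMountUnits[@]}" -eq 0 ] && ErrExit 2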
#-------------------------------------------------------------------------------------------------------------------------------------------
# start = called after login from pam_session-Exec
# resume = called after suspend from suspend-resume.service
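# Dispatch on the requested action. CurrUser and the saved interface name are
# quoted everywhere they become part of a command line, so each of them is
# always passed on as exactly one argument.
rc=0
case "$Action" in
  start)
    /bin/echo "Processing mount ($Action)" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
    SetupOrReleaseMounts 0
    # Remember who owns the active mounts; read back when no user is passed.
    printf '%s\n' "$CurrUser" >/var/run/mountctl.user
    ;;
#-------------------------------------------------------------------------------------------------------------------------------------------
  stop)
    sync
    /bin/echo "Processing umount ($Action)" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
    SetupOrReleaseMounts 1
    # Force-unmount whatever is still listed in /proc/mounts on a line that
    # contains "//". Names are taken as printed there; escaped characters
    # (e.g. \040 for a blank) are not decoded.
    while read -r line; do
      /bin/umount -f -- "$line" 2>&1
    done < <(/bin/grep -- // /proc/mounts | awk '{ print $1 }')
    [ -f /var/run/mountctl.user ] && /bin/rm /var/run/mountctl.user
    /bin/sleep 1
    ;;
#-------------------------------------------------------------------------------------------------------------------------------------------
  logout)
    /bin/echo "Processing logout: $CurrUser" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
    export PAM_TYPE="close_session"
    export PAM_USER="$CurrUser"
    /usr/local/bin/sessionctl
    # Select sessions whose USER column equals CurrUser exactly. A plain grep
    # for the name would also hit other accounts that merely contain it.
    mapfile -t sessions < <(/bin/loginctl list-sessions --no-legend | u="$CurrUser" awk '$3 == ENVIRON["u"] { print $1 }')
    if [ "${#sessions[@]}" -gt 0 ]; then
      /bin/loginctl terminate-session "${sessions[@]}"
    fi
    ;;
#-------------------------------------------------------------------------------------------------------------------------------------------
  poweroff)
    [ -f /usr/bin/dialog ] && /usr/bin/dialog --infobox "Hinweis:\n\nDer Computer wird in wenigen Sekunden ausgeschaltet." 7 70
    /bin/systemctl stop "mountctl@$CurrUser"
    /bin/systemctl poweroff -i >/dev/null 2>&1
    ;;
#-------------------------------------------------------------------------------------------------------------------------------------------
  reboot)
    [ -f /usr/bin/dialog ] && /usr/bin/dialog --infobox "Hinweis:\n\nDer Computer wird in wenigen Sekunden neu gestartet." 7 70
    /bin/systemctl stop "mountctl@$CurrUser"
    /bin/systemctl reboot -i >/dev/null 2>&1
    ;;
#-------------------------------------------------------------------------------------------------------------------------------------------
  suspend)
    [ -f /usr/bin/dialog ] && /usr/bin/dialog --infobox "Hinweis:\n\nDer Computer wird in wenigen Sekunden in den Ruhezustand versetzt." 7 70
    # Remember the first non-virtual interface named e* that is up, for 'resume'.
    mapfile -t nics < <(ip link show | /bin/grep -i broadcast | grep "state UP" | awk -F ': ' '{ print $2 }' | sort -b -g)
    for iface in "${nics[@]}"; do
      if [[ $iface =~ ^e ]]; then
        if [[ ! "$(readlink "/sys/class/net/$iface")" =~ "devices/virtual" ]]; then
          printf '%s\n' "$iface" >/var/run/mountctl.ifce
          break
        fi
      fi
    done
    /bin/systemctl stop "mountctl@$CurrUser"
    /bin/systemctl stop serverctl
    /bin/systemctl suspend -i >/dev/null 2>&1
    ;;
#-------------------------------------------------------------------------------------------------------------------------------------------
  resume)
    if [ -s /var/run/mountctl.ifce ]; then
      iface=$(cat /var/run/mountctl.ifce)                # interface that was active before suspend
      ip4=""
      for ((n=0;n<30;n++)); do                           # up to 30 seconds wait until the network is resumed
        # The field delimiter for cut is spelled out as ' ' so it cannot be lost to whitespace damage.
        ip4=$(ip -4 -o addr show "$iface" | grep "scope global" -m 1 | cut -d ' ' -f 7 | cut -d/ -f 1)
        [ -n "$ip4" ] && break || sleep 1
      done
      if [ -z "$ip4" ]; then                             # network is dead?
        /bin/echo "Network failed, restarting" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
        /sbin/ip link set dev "$iface" down
        /bin/sleep 3
        /sbin/ip link set dev "$iface" up
        /bin/systemctl is-active systemd-networkd && /bin/systemctl restart systemd-networkd
        /bin/systemctl is-active networking && /bin/systemctl restart networking
        /bin/systemctl is-active "ifup@$iface" && /bin/systemctl restart "ifup@$iface"
      fi
    fi
    /bin/systemctl start serverctl && /bin/sleep 5 || ErrExit 4
    /bin/systemctl start "mountctl@$CurrUser" || ErrExit 4
    /bin/echo "Network successfully resumed" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
    ;;
#-------------------------------------------------------------------------------------------------------------------------------------------
  *)
    ErrExit 3
    ;;
esac
/bin/echo "Successful terminated with exitcode=$rc" | systemd-cat -t "thlu:$(basename "$0")" -p "info"
exit "$rc"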
#===========================================================================================================================================
#EOF
mountctl/usr/local/share/ 0000770 0001750 0001750 00000000000 13140624466 015303 5 ustar thomas thomas mountctl/usr/local/share/Icons/ 0000770 0001750 0001750 00000000000 13407417777 016371 5 ustar thomas thomas mountctl/usr/local/share/Icons/poweroff.png 0000644 0001750 0001750 00000036114 12574030134 020714 0 ustar thomas thomas PNG
IHDR >a <IDATx^}Wy{Δ[]e
6.~ @ ` L I!fScvBwP%V[$Ve{m;9{{we|ϔ;w{Kc˵LE o$1 19xNJcK ,.99LH 3
:` J()K\s9 Ri
X
C b