Merge branch 'issue/3254' into 'develop'

Issue/3254



See merge request !8

server/modules/local-accounts-ecrypt/opt/openslx/scripts/local-accounts.d/insert.d/00.sh

+#!/bin/bash
+
+# This binds the ecryptfs and private directories to
+# the one on pendrive
+
+               # $0 this script
+$username= $1  # $1 the username
+$mountpath= $2 # $2 the mount path of the pendrive
+
+
+if [ -d "${mountpath}/Openslx/.ecryptfs/${username}" ]; then
+	#binds the .ecryptfs folder directory to each user ecryptfs
+	mkdir -p /home/.ecryptfs/${username}/
+	mount --bind ${mountpath}/Openslx/.ecryptfs/${username} /home/.ecryptfs/${username}
+	ln -s /home/.ecryptfs/${username}/.ecryptfs /home/${username}/
+	ln -s /home/.ecryptfs/${username}/.Private /home/${username}/
+	chown -R ${username}:${username} /home/${username}/.ecryptfs
+	chown -R ${username}:${username} /home/.ecryptfs/${username}
+
+fi

server/modules/local-accounts-ecrypt/usr/lib/x86_64-linux-gnu/libnss3.so.1d

+libnss3.so
\ No newline at end of file

server/modules/local-accounts-ecrypt/usr/lib/x86_64-linux-gnu/libnssutil3.so.1d

+libnssutil3.so
\ No newline at end of file

server/modules/local-accounts/opt/openslx/scripts/adduser.sh

 #!/bin/ash
 
+#Source path properties
+. /opt/openslx/scripts/local-accounts_path.sh
+
 #Errors Codes:
 #defaults:
     # 0 Tudo certo
@@ -135,7 +138,7 @@ remove_user(){
 }
 
 #This script can only be executed by a root/sudoer user
-if [ "$(/usr/bin/id -r -u)" != "0" ]; then
+if [ "$(id -r -u)" != "0" ]; then
     echo $0": Você não possue as permissoes necessárias para realizar essa operação"
     exit 1
 fi

server/modules/local-accounts/opt/openslx/scripts/local-accounts.sh

 #!/bin/ash
 
+#Source path properties
+. /opt/openslx/scripts/local-accounts_path.sh
+
 #Check if the user running this code has permissoes to run it
-if [ "$(/opt/openslx/bin/id -u)" != "0" ]; then
+if [ "$(id -u)" != "0" ]; then
     echo $0": Você não possue as permissoes necessárias para realizar essa operação"
     exit 1
 else
@@ -136,3 +139,4 @@ for pen in $(ls -tr /dev/disk/by-id/usb*); do
      /opt/openslx/scripts/local-accounts_insert-data.sh "$dev"
      #echo "$dev"
 done
+exit 0

server/modules/local-accounts/opt/openslx/scripts/local-accounts_insert-data.sh

 #!/bin/ash
 
+#Source path properties
+. /opt/openslx/scripts/local-accounts_path.sh
+
+
 # EXIT CODES
 # 0 SUCCESS
 # 1 DEVICE COULD NOT BE MOUNTED
@@ -55,6 +59,12 @@ dev="$1"
 prepare_usb "$dev" #returns at $mountpath
 # will only continue if the device that triggered is a valid openslx device
 echo "$0: an openslx ready drive is mounted at: $mountpath"
+if [ ! -e "/home/openslx/usb_slx" ]; then
+    mkdir -p "/home/openslx/usb_slx";
+fi
+# Create a file that makes sure that this drive is a openslx users
+# to be used to umount it
+touch "/home/openslx/usb_slx/$dev"
 
 unset IFS
 users=$(cat "$mountpath/Openslx/.config");
@@ -101,6 +111,18 @@ while (( [ $# -gt 0 ] )); do
             #Add to a file what pendrive this user is from
             mount --bind $mountpath/Openslx/$username /home/$username
             echo "/dev/$dev" > "/home/openslx/usb_users/$username"
+
+            #if ext4, change owner to new user and create ecrypted
+            #home if the user has the necessary files
+            drive_type=$(cat /proc/self/mountinfo | grep "/dev/$dev" | head -n1 | cut -d' ' -f9)
+            if ( [ "$drive_type" = "ext4" ] );then
+                echo "$username is on an ext4 drive, thus crypting";
+                chown -R $username:$groupname $mountpath/Openslx/$username
+                chown -R $username:$groupname /home/$username
+
+                script=$(ls /opt/openslx/scripts/local-accounts.d/insert.d/* | head -n1)
+                source $script $username $mountpath
+            fi
         fi
     fi
 done

server/modules/local-accounts/opt/openslx/scripts/local-accounts_path.sh

+if $(echo $PATH | grep "/opt/openslx/bin" -vq); then
+    PATH=$PATH":/opt/openslx/bin"
+fi

server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh

 #!/bin/sh
 
+#Source path properties
+. /opt/openslx/scripts/local-accounts_path.sh
+
 remove (){
 
 #exec 1<&-
@@ -9,11 +12,13 @@ remove (){
 #set -x
 
     user_drive="/dev/$1"
-
+    dev=$1
     #check if this is a openslx drive
     mountpath=$(mount | sed 's/ type.*//' | grep -w $dev | cut -d' ' -f3- | head -n1)
-    if [ -e "$mountpath/Openslx/.config" ]; then
+    #if [ -e "$mountpath/Openslx/.config" ]; then
+    if [ -e "/home/openslx/usb_slx/$dev"  ]; then
         echo "$0: /dev/$dev is an openslx ready drive"
+        rm "/home/openslx/usb_slx/$dev"
     else
         echo "$0: /dev/$dev is not ready to be used as an openslx drive"
         exit 2 # stops openslx users_pendrive execution for this dev

server/modules/local-accounts/opt/openslx/scripts/logout.sh

+#!/bin/ash
+
+# runs on logout of users
+
+sync
+echo "syncing"

server/modules/local-accounts/opt/openslx/scripts/systemd-local_accounts

 #!/bin/ash
 
+echo "trap \"/opt/openslx/scripts/logout.sh\" 0" >>  /etc/profile
 mkdir -p /home/openslx/localaccounts/bak
 for file in passwd group shadow; do
     echo $0": making backup of "$file
     cp /etc/$file /home/openslx/localaccounts/bak/$file
 done
 
-/opt/openslx/scripts/local_accounts.sh
+/opt/openslx/scripts/local-accounts.sh