You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
63 lines
2.2 KiB
63 lines
2.2 KiB
#!/bin/bash
|
|
#
|
|
# Initial script for Live operating system
|
|
# This script are launching before starting init from linux-live script.
|
|
# Current dir allways must be set to root (/)
|
|
# All system path must be relative, except initrd dirs
|
|
|
|
ENABLED=yes
|
|
[ "$ENABLED" != "yes" ] && exit 0
|
|
DEBUGMODE=no
|
|
|
|
PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin
|
|
|
|
unset ROOTFS; [[ -d /usr/lib/ublinux ]] || ROOTFS=.
|
|
SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
|
|
SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
|
|
debug_mode "$0" "$@"
|
|
|
|
SYSCONF="${ROOTFS}/${SYSCONF}"
|
|
SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
|
|
SOURCE=${SYSCONF}/security; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
|
|
|
|
exec_access_allowed_login(){
|
|
## Управление доступом в систему, правила разрешения
|
|
FILE_ACCESS_CONF="${ROOTFS}/etc/security/access.d/01-ublinux-allowed.conf"
|
|
rm -f "${FILE_ACCESS_CONF}"
|
|
if [[ -n ${ACCESS_ALLOWED_LOGIN} ]]; then
|
|
[[ -d ${FILE_ACCESS_CONF%/*} ]] || mkdir -p ${FILE_ACCESS_CONF%/*}
|
|
tr , $'\n' <<< ${ACCESS_ALLOWED_LOGIN} | while read RULE; do
|
|
echo "+:${RULE}" >> "${FILE_ACCESS_CONF}"
|
|
done
|
|
fi
|
|
}
|
|
exec_access_denied_login(){
|
|
## Управление доступом в систему, правила блокировки
|
|
FILE_ACCESS_CONF="${ROOTFS}/etc/security/access.d/02-ublinux-denied.conf"
|
|
rm -f "${FILE_ACCESS_CONF}"
|
|
if [[ -n ${ACCESS_DENIED_LOGIN} ]]; then
|
|
[[ -d ${FILE_ACCESS_CONF%/*} ]] || mkdir -p ${FILE_ACCESS_CONF%/*}
|
|
tr , $'\n' <<< ${ACCESS_DENIED_LOGIN} | while read RULE; do
|
|
echo "-:${RULE}" >> "${FILE_ACCESS_CONF}"
|
|
done
|
|
fi
|
|
}
|
|
|
|
################
|
|
##### MAIN #####
|
|
################
|
|
|
|
if [[ -z $@ ]]; then
|
|
while read -r FUNCTION; do
|
|
$"${FUNCTION##* }"
|
|
done < <(declare -F | grep "declare -f exec_")
|
|
else
|
|
# for FUNCTION in $@; do
|
|
# declare -f ${FUNCTION} &>/dev/null && ${FUNCTION}
|
|
# done
|
|
while [[ $# -gt 0 ]]; do
|
|
declare -f ${1} &>/dev/null && FUNCTION+="; ${1}" && shift || { FUNCTION+=" ${1}" && shift; }
|
|
done
|
|
eval ${FUNCTION#*; }
|
|
fi
|