|
|
#!/usr/bin/env bash
|
|
|
|
|
|
ENABLED=yes
|
|
|
[ "$ENABLED" != "yes" ] && exit 0
|
|
|
DEBUGMODE=no
|
|
|
|
|
|
. /usr/lib/ublinux/functions
|
|
|
. /usr/lib/ublinux/os-config
|
|
|
debug_mode "$0" "$@"
|
|
|
|
|
|
SOURCE=${SYSCONF}/config; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
|
|
|
SOURCE=${SYSCONF}/kiosk; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
|
|
|
|
|
|
## Настрока polkit парвил
|
|
|
rm -f /etc/polkit-1/rules.d/kiosk-*
|
|
|
if [[ -n ${POLKIT[@]} ]]; then
|
|
|
for RULES in "${!POLKIT[@]}"; do
|
|
|
RULES_GROUP=
|
|
|
RULES_FILE="/etc/polkit-1/rules.d/kiosk-$(sed 's/\([A-z0-9]*.[A-z0-9]*.[A-z0-9]*\)\..*/\1/' <<< ${RULES}).rules"
|
|
|
RULES_RESULT=$(cut -d: -f1 <<< ${POLKIT[${RULES}]})
|
|
|
for GROUP in $(cut -d: -f2 <<< ${POLKIT[${RULES}]} | tr ',' '\n'); do
|
|
|
RULES_GROUP+="&& subject.isInGroup(\"${GROUP}\") "
|
|
|
done
|
|
|
cat >> ${RULES_FILE} <<EOF
|
|
|
polkit.addRule(function(action, subject) {
|
|
|
if (action.id.indexOf("${RULES}") == 0
|
|
|
&& subject.active == true
|
|
|
&& subject.local == true
|
|
|
${RULES_GROUP}
|
|
|
)
|
|
|
{
|
|
|
return polkit.Result.${RULES_RESULT^^};
|
|
|
}
|
|
|
});
|
|
|
|
|
|
EOF
|
|
|
done
|
|
|
fi
|
|
|
|
|
|
## Настройка desktop файлов
|
|
|
if [[ -n ${APPDESKTOP_WHITELIST[@]} ]]; then
|
|
|
for USER in "${!APPDESKTOP_WHITELIST[@]}"; do
|
|
|
true
|
|
|
done
|
|
|
fi
|
|
|
if [[ -n ${APPDESKTOP_BLACKLIST[@]} ]]; then
|
|
|
for USER in "${!APPDESKTOP_BLACKLIST[@]}"; do
|
|
|
if [[ ${USER} == "LOCAL" ]]; then
|
|
|
# for DESKTOP_FILE in $(tr ',;' '\n' <<< ${APPDESKTOP_BLACKLIST[${USER}]}); do
|
|
|
true
|
|
|
# done
|
|
|
elif [[ ${USER} == "GLOBAL" ]]; then
|
|
|
for DESKTOP_FILE in $(tr ',;' '\n' <<< ${APPDESKTOP_BLACKLIST[${USER}]}); do
|
|
|
if [[ ${DESKTOP_FILE} == "*" ]]; then
|
|
|
for DESKTOP_FILE_FIND in $(find /usr/share/applications/ /usr/share/local/applications/ /home/*/.local/share/applications/ -type f -iname "*.desktop"); do
|
|
|
DESKTOP_FILE_FIND_NAME=${DESKTOP_FILE_FIND##*/}; DESKTOP_FILE_FIND_NAME=${DESKTOP_FILE_FIND_NAME%.desktop}
|
|
|
#Нужно сравнить с белым списком, и то что в белом списке есть не удалить
|
|
|
# if [[ ${DESKTOP_FILE_FIND_NAME} ==
|
|
|
done
|
|
|
else
|
|
|
rm -f /usr/share/applications/${DESKTOP_FILE}.desktop
|
|
|
rm -f /usr/share/local/applications/${DESKTOP_FILE}.desktop
|
|
|
rm -f /home/*/.local/share/applications/${DESKTOP_FILE}.desktop
|
|
|
fi
|
|
|
done
|
|
|
else
|
|
|
true
|
|
|
fi
|
|
|
done
|
|
|
fi
|
|
|
|
|
|
# while read LSPCI_DEVICE; do
|
|
|
# while read KERNEL_MODULE; do
|
|
|
# [[ ${KERNEL_MODULE} != "nouveau" ]] && modprobe ${KERNEL_MODULE} 2>/dev/null && break
|
|
|
# done < <(lspci -ks ${LSPCI_DEVICE%% *} | grep 'Kernel modules:' | cut -d: -f2 | tr ',' '\n' | tac)
|
|
|
# done < <(lspci | egrep -i 'vga|3d')
|
|
|
|
