Add UNSHH_ROOT

2023-11-29 05:27:10 +01:00 · 2023-11-29 05:27:10 +01:00 · 232815d197
parent 3c04bdf643
commit 232815d197
5 changed files with 25 additions and 10 deletions
--- a/app/cmd/help
+++ b/app/cmd/help
@ -5,7 +5,7 @@ echo "\
 Show this help.

 * prefix-start </path/to/prefix> <command>
-Start a program within a prefix. 
+Start a program within a prefix. If UNSHH_ROOT is set to 1, it will use settings that emulate root rights.

 * app-export </path/to/prefix> <application name or /path/to/application.desktop> <name-suffix>
 Add a desktop launcher from the prefix to the host.
--- a/app/skel/scripts/10_env.sh
+++ b/app/skel/scripts/10_env.sh
@ -1,8 +1,13 @@
 UNSHH_PATH_ROOT="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 UNSHH_PATH_USER="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games"
 export PATH="$UNSHH_SKELDIR/bin:$UNSHH_PATH_ROOT"
+
 while IFS='=' read -r -d '' n v; do
 	if [ "$n" = "UNSHH_"* ]; then
 		export -n "$n"
    fi
 done < <(env -0)
+
+if ! [ "$UNSHH_ROOT" = "1" ]; then
+	UNSHH_ROOT="0"
+fi
--- a/app/skel/scripts/30_user.sh
+++ b/app/skel/scripts/30_user.sh
@ -1,6 +1,11 @@
-set +e
-unshare --mount --map-root-user -R "$UNSHH_CHROOT" groupadd -g "$UNSHH_GROUP_ID" "$UNSHH_GROUP_NAME"
-unshare --mount --map-root-user -R "$UNSHH_CHROOT" useradd -m --uid "$UNSHH_USER_ID" --gid "$UNSHH_GROUP_ID" "$UNSHH_USER_NAME"
-set -e
-mkdir -p "$UNSHH_CHROOT/home/$UNSHH_USER_NAME/host"
-mount --bind "/home/$UNSHH_USER_NAME" "$UNSHH_CHROOT/home/$UNSHH_USER_NAME/host"
+if [ "$UNSHH_ROOT" = "0" ]; then
+	set +e
+	unshare --mount --map-root-user -R "$UNSHH_CHROOT" groupadd -g "$UNSHH_GROUP_ID" "$UNSHH_GROUP_NAME"
+	unshare --mount --map-root-user -R "$UNSHH_CHROOT" useradd -m --uid "$UNSHH_USER_ID" --gid "$UNSHH_GROUP_ID" "$UNSHH_USER_NAME"
+	set -e
+	mkdir -p "$UNSHH_CHROOT/home/$UNSHH_USER_NAME/host"
+	mount --bind "/home/$UNSHH_USER_NAME" "$UNSHH_CHROOT/home/$UNSHH_USER_NAME/host"
+else
+	mkdir -p "$UNSHH_CHROOT/root/host"
+	mount --bind "/home/$UNSHH_USER_NAME" "$UNSHH_CHROOT/root/host"
+fi
--- a/app/skel/scripts/40_env-post.sh
+++ b/app/skel/scripts/40_env-post.sh
@ -1 +1,3 @@
-export PATH="$UNSHH_PATH_USER"
+if [ "$UNSHH_ROOT" = "0" ]; then
+	export PATH="$UNSHH_PATH_USER"
+fi
--- a/app/skel/scripts/50_start.sh
+++ b/app/skel/scripts/50_start.sh
@ -1,2 +1,5 @@
-exec unshare --mount --map-user="$UNSHH_USER_ID" --map-group="$UNSHH_GROUP_ID" -R "$UNSHH_CHROOT" "${UNSHH_COMMAND[@]}"
-#exec unshare --mount --map-root-user -R "$UNSHH_CHROOT" "${UNSHH_COMMAND[@]}"
+if [ "$UNSHH_ROOT" = "0" ]; then
+	exec unshare --mount --map-user="$UNSHH_USER_ID" --map-group="$UNSHH_GROUP_ID" -R "$UNSHH_CHROOT" "${UNSHH_COMMAND[@]}"
+else
+	exec unshare --mount --map-root-user -R "$UNSHH_CHROOT" "${UNSHH_COMMAND[@]}"
+fi