source: trunk/athena/lib/locker/debian/debathena-liblocker.init @ 24220

Revision 24220, 929 bytes checked in by broder, 15 years ago (diff)
In liblocker: * Make /var/run/attachtab/.{,dir}lock owned by root at startup to prevent a potential DoS from the first user to attach a locker. * Make /var/run/attachtab/ 770 instead of 777 to prevent unprivileged users from being able to get to and potentially manipulate entries they created in the attachtab. * Don't ship the attachtab as part of the package; instead create it during installation by running the init script.
Line 
1#!/bin/sh
2### BEGIN INIT INFO
3# Provides:          attachtab
4# Required-Start:    $local_fs
5# Required-Stop:
6# Default-Start:     S
7# Default-Stop:
8# Short-Description: Creates attachtab.
9# Description:       Creates /var/run/attachtab.
10### END INIT INFO
11
12if [ -e /lib/lsb/init-functions ]; then
13    . /lib/lsb/init-functions
14else
15    alias log_action_begin_msg="echo -n"
16    log_action_end_msg () {
17        echo .
18    }
19fi
20
21case "$1" in
22    start)
23        for dir in /var/run/attachtab \
24            /var/run/attachtab/directory \
25            /var/run/attachtab/locker \
26            /var/run/attachtab/mountpoint; do
27            if ! [ -e "$dir" ]; then
28                mkdir -m 2770 "$dir"
29                chown root:attach "$dir"
30            fi
31        done
32        for lock in /var/run/attachtab/.lock \
33            /var/run/attachtab/.dirlock; do
34            touch "$lock"
35            chown root:attach "$lock"
36            chmod 660 "$lock"
37        done
38        ;;
39    restart|stop|force-reload)
40        ;;
41    *)
42        echo "Usage: $0 {start}" >&2
43        exit 3
44        ;;
45esac
46
47:
Note: See TracBrowser for help on using the repository browser.