Mini Shell
Direktori : /usr/bin/ |
|
Current File : //usr/bin/cagefs_enter |
#!/usr/bin/bash
get_binary() {
temp=`whereis -b $1`
array=( $temp )
length=${#array[@]}
if [ "$length" -eq 1 ]; then
echo $1
fi
length=$(($length - 1))
for i in `seq 1 $let`; do
if [ -x "${array[$i]}" ]; then
echo ${array[$i]}
fi
done
}
ID=$(get_binary id)
WHOAMI=$(get_binary whoami)
TAIL=$(get_binary tail)
PWD=$(get_binary pwd)
SSH=$(get_binary ssh)
CAT=$(get_binary cat)
GREP=$(get_binary grep)
is_cagefs_enabled() {
# return 0 when cagefs is enabled for user
/bin/cagefs_enter.proxied ls -ld /var/.cagefs > /dev/null 2>&1
return $?
}
is_proxy_enabled() {
# return 0 when execution via proxy is enabled
if $GREP -P '^cagefs_enter_proxied\s*=\s*0' /etc/sysconfig/cloudlinux > /dev/null 2>&1; then
return 1
fi
return 0
}
##CageFS proxyexec wrapper - ver 14
USR=`$WHOAMI`
if [ "$USR" == "root" ]; then
echo "This program can not be run as root"
exit 1
fi
is_proxy_enabled
proxy_enabled=$?
if [ "$proxy_enabled" -ne 0 ]; then
# when proxy is disabled - call original cagefs_enter binary
/bin/cagefs_enter.proxied "$@"
exit $?
fi
PREFIX=`$ID -u|$TAIL -c 3`
USER_TOKEN_PATH="/var/cagefs/$PREFIX/$USR/.cagefs/.cagefs.token"
if [ ! -f "$USER_TOKEN_PATH" ]; then
# try to create token
is_cagefs_enabled
cagefs_enabled=$?
fi
if [ ! -f "$USER_TOKEN_PATH" ]; then
# when token does not exist - call original cagefs_enter binary
/bin/cagefs_enter.proxied "$@"
exit $?
fi
TOKEN=`$CAT $USER_TOKEN_PATH`
CWD=`$PWD`
if [ -e /var/.cagefs/origin ]; then
ORIGIN=`$CAT /var/.cagefs/origin`
REMOTE="$SSH -F /etc/ssh/cagefs-rexec_config $USR@$ORIGIN"
$REMOTE CAGEFS_TOKEN="$TOKEN" /usr/sbin/proxyexec -c cagefs.sock "$USR" "$CWD" CAGEFS_ENTER $$ "$@"
else
CAGEFS_TOKEN="$TOKEN" /usr/sbin/proxyexec -c cagefs.sock "$USR" "$CWD" CAGEFS_ENTER $$ "$@"
fi
exit $?
Zerion Mini Shell 1.0