rpms / xguest

Clone
Source Code
GIT

Files

  1.   78ac101aa2b80df420d50baa650cb7bd97c5fa54
  2.   xguest.spec
Blob Blame History Raw 
Summary: Creates xguest user as a locked down user 
Name: xguest
Version: 1.0.6
Release: 3%{?dist}
License: GPLv2+
Group: System Environment/Base
BuildArch: noarch
Source: http://people.fedoraproject.org/~dwalsh/xguest/%{name}-%{version}.tar.bz2
URL: http://people.fedoraproject.org/~dwalsh/xguest/

BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires(post): pam >= pam-0.99.8.1-17 selinux-policy > 3.0.8-60.fc8
Requires(post): policycoreutils
Requires(post): sabayon-apply
Requires: gdm >= 1:2.20.0-15.fc8

%description
Installing this package sets up the xguest user to be used as a temporary
account to switch to or as a kiosk user account. The account is disabled unless
SELinux is in enforcing mode. The user is only allowed to log in via gdm.
The home and temporary directories of the user will be polyinstantiated and
mounted on tmpfs.

%prep
%setup -q

%build

%clean
%{__rm} -fR %{buildroot}

%install
%{__rm} -fR %{buildroot}
%{__mkdir} -p %{buildroot}/%{_sysconfdir}/desktop-profiles
%{__mkdir} -p %{buildroot}/%{_sysconfdir}/rc.d/init.d
install -m0644 xguest.zip %{buildroot}/%{_sysconfdir}/desktop-profiles/
install -m0755 xguest.init %{buildroot}/%{_sysconfdir}/rc.d/init.d/xguest

%post
if [ $1 = 1 ]; then

echo -n \
'
# xguest begin
# Inserted by the xguest package.
/tmp    tmpfs   tmpfs   ~xguest
/var/tmp        tmpfs   tmpfs   ~xguest
$HOME           tmpfs   tmpfs   ~xguest
# xguest end
' >> /etc/security/namespace.conf 

echo "xguest:exclusive" >> /etc/security/sepermit.conf

semanage user -a -P xguest -R xguest_r xguest_u  2> /dev/null
useradd -c "X Guest User" -Z xguest_u xguest 2> /dev/null

/sbin/chkconfig xguest --add

/usr/bin/python << __eof
from sabayon import userdb
db = userdb.get_database()
db.set_profile("xguest", "xguest.zip")
__eof
setsebool -P allow_polyinstantiation=1 browser_confine_xguest=1 browser_write_xguest_data=1 xguest_connect_network=1 xguest_mount_media=1 xguest_use_bluetooth=1
fi

%files
%defattr(-,root,root)
%config(noreplace) %{_sysconfdir}/desktop-profiles/xguest.zip
%{_sysconfdir}/rc.d/init.d/xguest
%doc README LICENSE

%preun
if [ $1 = 0 ]; then
sed -i '/^xguest$/d' /etc/security/sepermit.conf
semanage login -d xguest 2> /dev/null
sed -i '/^# xguest begin/,/^# xguest end/d' /etc/security/namespace.conf 

/usr/bin/python << __eof
from sabayon import userdb
db = userdb.get_database()
db.set_profile("xguest", "")
__eof

/sbin/chkconfig --del xguest 
fi

%changelog
* Thu Jan 31 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.6-3
- Add support for exclusive login for xguest

* Tue Dec 18 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.6-2
- Remove lines from namespace.init on package removal

* Mon Dec 17 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.6-1
- Remove xguest init.d script on uninstall
- Fix description


* Fri Dec 7 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.5-2
- Turn on the xguest booleans

* Fri Dec 7 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.5-1
- Allow xguest to run nm-applet

* Tue Nov 27 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.4-2
- Fix permissions on /etc/init.d/xguest

* Wed Nov 21 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.4-1
- Add mount code to allow sharing of file system so hal and automount will work.
- I have added an initscript to set the / as shared and /tmp, /var/tmp and /home/xguest as private

* Fri Oct 26 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.3-1
- Remove exit lines
- Add LICENSE

* Mon Oct 22 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.2-1
- Cleanup spec file

* Mon Oct 22 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.1-2
- Turn on allow_polyinstantiation boolean

* Fri Oct 12 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.1-1
- Add sabayon support

* Thu Sep 13 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.0-1
- Initial version
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.