diff options
| author | Hendrik Jäger <gitcommit@henk.geekmail.org> | 2022-05-09 22:17:10 +0200 |
|---|---|---|
| committer | Hendrik Jäger <gitcommit@henk.geekmail.org> | 2022-07-25 23:53:04 +0200 |
| commit | 34e6a9d0ab678ac69218a6be995b73c87e47b17c (patch) | |
| tree | e0436476216d87f0ff606c7474a3b946be9a2ada | |
| parent | b63cb7937892c18a9c3c6da6b06e0c9a5fe7b3a1 (diff) | |
implement user scandirs
| -rw-r--r-- | manifests/config.pp | 6 | ||||
| -rw-r--r-- | manifests/init.pp | 4 | ||||
| -rw-r--r-- | manifests/user_scandir.pp | 32 | ||||
| -rw-r--r-- | templates/user_scandir/log/run.epp | 19 | ||||
| -rw-r--r-- | templates/user_scandir/run.epp | 18 |
5 files changed, 78 insertions, 1 deletions
diff --git a/manifests/config.pp b/manifests/config.pp index 85a0831..3431ef8 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -13,4 +13,10 @@ class s6::config { mode => '0700', ; } + + $s6::scandir_users.each | $entry | { + s6::user_scandir { + $entry: ; + } + } } diff --git a/manifests/init.pp b/manifests/init.pp index 3141174..833fd8c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,4 +1,6 @@ -class s6 { +class s6 ( + Optional[Array[String]] $scandir_users = [], +) { require 'execline' class { diff --git a/manifests/user_scandir.pp b/manifests/user_scandir.pp new file mode 100644 index 0000000..db62fc3 --- /dev/null +++ b/manifests/user_scandir.pp @@ -0,0 +1,32 @@ +define s6::user_scandir( + Optional[String] $homedir = undef, +) { + $scandir = '/etc/s6-scandir' + + file { + "${scandir}/user_scandir_${title}": + ensure => directory, + ; + "${scandir}/user_scandir_${title}/run": + ensure => present, + content => epp('s6/user_scandir/run.epp', { 'username' => $title } ), + mode => '0744', + ; + "${scandir}/user_scandir_${title}/log": + ensure => directory, + ; + "${scandir}/user_scandir_${title}/log/run": + ensure => present, + content => epp('s6/user_scandir/log/run.epp', { 'username' => $title } ), + mode => '0744', + ; + [ + '/var/log/s6/', + "/var/log/s6/user_scandir_${title}/", + "/var/log/s6/user_scandir_${title}/logs/", + ]: + ensure => directory, + ; + } +} + diff --git a/templates/user_scandir/log/run.epp b/templates/user_scandir/log/run.epp new file mode 100644 index 0000000..797688c --- /dev/null +++ b/templates/user_scandir/log/run.epp @@ -0,0 +1,19 @@ +<%- | + String $username, +| -%> +<% if versioncmp( $facts['os']['release']['major'], '10' ) >= 1 { -%> +#!/usr/bin/execlineb -P +<% } else { -%> +#!/usr/local/bin/execlineb -P +<% } -%> + +define SVUSER <%= $username %> +define SVLOGDIR /var/log/s6/user_scandir_${SVUSER}/logs/ + +fdmove -c 2 1 +s6-log + t + s1048576 + S2147483648 + !"mail -s \"user_sv log: ${SVUSER}\" -- root" + ${SVLOGDIR} diff --git a/templates/user_scandir/run.epp b/templates/user_scandir/run.epp new file mode 100644 index 0000000..8ef9d47 --- /dev/null +++ b/templates/user_scandir/run.epp @@ -0,0 +1,18 @@ +<% | + String $username, +| -%> +<% if versioncmp( $facts['os']['release']['major'], '10' ) >= 1 { -%> +#!/usr/bin/execlineb -P +<% } else { -%> +#!/usr/local/bin/execlineb -P +<% } -%> + +define USER <%= $username %> +backtick HOME { homeof ${USER} } +importas -n -u HOME HOME +define SVDIR ${HOME}/.s6-scandir + +fdmove -c 2 1 + +s6-setuidgid ${USER} +s6-svscan -c 20 ${SVDIR} |