[owncloud] Petit hack pour que www-data écrive en tant qu'un autre utilisateur

On monte en sshfs user@127.0.0.1:/home/user/Owncloud /home-owncloud/user pour www-data quand on essaye d'accéder au dossier /home-owncloud/user en utilisant une clef ssh commune pour tous les utilistateur uniquement utilisable depuis 127.0.0.1
2014-11-18 18:25:25 +01:00 · 2014-11-18 18:25:25 +01:00 · a8f9d9d8b8
commit a8f9d9d8b8
parent bc199ad58d
7 changed files with 28 additions and 1 deletions
--- a/Bundler/owncloud.xml
+++ b/Bundler/owncloud.xml
@ -0,0 +1,9 @@
+<Bundle name="owncloud">
+  <Path name="/home-owncloud" type="directory" />
+  <Python name="/etc/auto.master"/>
+  <Path name="/etc/auto.home-owncloud"/>
+  <Package name="sshfs"/>
+  <Package name="autofs"/>
+  <Service name="autofs"/>
+</Bundle>
+
--- a/Cfg/etc/auto.home-owncloud/auto.home-owncloud
+++ b/Cfg/etc/auto.home-owncloud/auto.home-owncloud
@ -0,0 +1,6 @@
+#!/bin/sh
+#
+# Fichier gere par BCfg2.
+chmod 750 /home-owncloud &&
+chown www-data:root /home-owncloud &&
+echo "-fstype=fuse,port=22,rw,uid=33,gid=33,allow_other,nodev,noatime,delay_connect,reconnect,workaround=all,ConnectTimeout=1,transform_symlinks,idmap=user,intr,bg :sshfs\#$1@127.0.0.1\:/home/$1/OwnCloud"
--- a/Cfg/etc/auto.home-owncloud/info.xml
+++ b/Cfg/etc/auto.home-owncloud/info.xml
@ -0,0 +1,3 @@
+<FileInfo>
+    <Info owner='root' group='root' perms='0755'/>
+</FileInfo>
--- a/Metadata/groups.xml
+++ b/Metadata/groups.xml
@ -162,6 +162,7 @@
 	profile="true">
    <Group name="crans-vm-wheezy"/>
    <Group name="home-permanent"/>
+    <Bundle name="owncloud"/>
    <Group name="nginx"/> <!-- Pour owncloud -->
    <Group name="php"/> <!-- Pour owncloud -->
  </Group>
--- a/Python/etc/auto.master
+++ b/Python/etc/auto.master
@ -14,3 +14,5 @@ if has("home") and not has("home-permanent"):
 if has("ldapcert"):
    mount("/-", "/etc/auto.ldapcert", 600)
    
+if has("owncloud"):
+   mount("/home-owncloud", "/etc/auto.home-owncloud", 60)
--- a/Python/etc/ssh/sshd_config
+++ b/Python/etc/ssh/sshd_config
@ -32,7 +32,10 @@ header("Configuration du serveur ssh")

@RSAAuthentication yes
@PubkeyAuthentication yes
-@#AuthorizedKeysFile	%h/.ssh/authorized_keys
+if has("owncloud"):
+    @AuthorizedKeysFile	%h/.ssh/authorized_keys %h/.ssh/authorized_keys2 /etc/ssh/authorized_keys
+else:
+    @#AuthorizedKeysFile	%h/.ssh/authorized_keys

@# Don't read the user's ~/.rhosts and ~/.shosts files
@IgnoreRhosts yes
--- a/Rules/owncloud.xml
+++ b/Rules/owncloud.xml
@ -0,0 +1,3 @@
+<Rules priority="1">
+  <Path name="/home-owncloud" type="directory" owner="www-data" group="root" perms="0750" />
+</Rules>