From a8f9d9d8b8994ddef5b977c58d51d8a2ff82b48e Mon Sep 17 00:00:00 2001
From: Valentin Samir
Date: Tue, 18 Nov 2014 18:25:25 +0100
Subject: [PATCH] =?UTF-8?q?[owncloud]=20Petit=20hack=20pour=20que=20www-da?= =?UTF-8?q?ta=20=C3=A9crive=20en=20tant=20qu'un=20autre=20utilisateur?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

On monte en sshfs user@127.0.0.1:/home/user/Owncloud /home-owncloud/user pour www-data quand on essaye d'accéder au dossier /home-owncloud/user en utilisant une clef ssh commune pour tous les utilistateur uniquement utilisable depuis 127.0.0.1
---
 Bundler/owncloud.xml | 9 +++++++++
 Cfg/etc/auto.home-owncloud/auto.home-owncloud | 6 ++++++
 Cfg/etc/auto.home-owncloud/info.xml | 3 +++
 Metadata/groups.xml | 1 +
 Python/etc/auto.master | 2 ++
 Python/etc/ssh/sshd_config | 5 ++++-
 Rules/owncloud.xml | 3 +++
 7 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 Bundler/owncloud.xml
 create mode 100755 Cfg/etc/auto.home-owncloud/auto.home-owncloud
 create mode 100644 Cfg/etc/auto.home-owncloud/info.xml
 create mode 100644 Rules/owncloud.xml

diff --git a/Bundler/owncloud.xml b/Bundler/owncloud.xml
new file mode 100644
index 0000000..bd084bf
--- /dev/null
+++ b/Bundler/owncloud.xml
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
diff --git a/Cfg/etc/auto.home-owncloud/auto.home-owncloud b/Cfg/etc/auto.home-owncloud/auto.home-owncloud
new file mode 100755
index 0000000..f09a317
--- /dev/null
+++ b/Cfg/etc/auto.home-owncloud/auto.home-owncloud
@@ -0,0 +1,6 @@
+#!/bin/sh
+#
+# Fichier gere par BCfg2.
+chmod 750 /home-owncloud &&
+chown www-data:root /home-owncloud &&
+echo "-fstype=fuse,port=22,rw,uid=33,gid=33,allow_other,nodev,noatime,delay_connect,reconnect,workaround=all,ConnectTimeout=1,transform_symlinks,idmap=user,intr,bg :sshfs\#$1@127.0.0.1\:/home/$1/OwnCloud"
diff --git a/Cfg/etc/auto.home-owncloud/info.xml b/Cfg/etc/auto.home-owncloud/info.xml
new file mode 100644
index 0000000..a0b21f3
--- /dev/null
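Review bot: In the new map script, `$1` (the lookup key autofs hands to the program) is written into the map entry twice, `sshfs\#$1@127.0.0.1\:/home/$1/OwnCloud`, without any check, so whatever name www-data is made to look up under /home-owncloud becomes part of the ssh user and of the remote path. Reject keys that are not plain account names before the `echo`, for example `case "$1" in ''|*[!a-zA-Z0-9_-]*) exit 1 ;; esac`. The option list carries `nodev` but neither `nosuid` nor `noexec`; with `uid=33,gid=33,allow_other` the files appear under the web server's uid, so adding both would keep user-supplied setuid or executable files inert on the mount. The `chmod`/`chown` pair also runs on every lookup and would sit better in the Bcfg2 entry that creates /home-owncloud.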
+++ b/Cfg/etc/auto.home-owncloud/info.xml
@@ -0,0 +1,3 @@
+
+
+
diff --git a/Metadata/groups.xml b/Metadata/groups.xml
index 169fb75..b5ad37f 100644
--- a/Metadata/groups.xml
+++ b/Metadata/groups.xml
@@ -162,6 +162,7 @@ profile="true">
+
diff --git a/Python/etc/auto.master b/Python/etc/auto.master
index 302ded5..a775a7e 100644
--- a/Python/etc/auto.master
+++ b/Python/etc/auto.master
@@ -14,3 +14,5 @@ if has("home") and not has("home-permanent"):
 if has("ldapcert"):
 mount("/-", "/etc/auto.ldapcert", 600)
+if has("owncloud"):
+ mount("/home-owncloud", "/etc/auto.home-owncloud", 60)
diff --git a/Python/etc/ssh/sshd_config b/Python/etc/ssh/sshd_config
index ae3f0a8..3b4b049 100644
--- a/Python/etc/ssh/sshd_config
+++ b/Python/etc/ssh/sshd_config
@@ -32,7 +32,10 @@ header("Configuration du serveur ssh")
 @RSAAuthentication yes
 @PubkeyAuthentication yes
-@#AuthorizedKeysFile %h/.ssh/authorized_keys
+if has("owncloud"):
+ @AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys2 /etc/ssh/authorized_keys
+else:
+ @#AuthorizedKeysFile %h/.ssh/authorized_keys
 @# Don't read the user's ~/.rhosts and ~/.shosts files
 @IgnoreRhosts yes
diff --git a/Rules/owncloud.xml b/Rules/owncloud.xml
new file mode 100644
index 0000000..fbf87a4
--- /dev/null
+++ b/Rules/owncloud.xml
@@ -0,0 +1,3 @@
+
+
+
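Review bot: The added `@AuthorizedKeysFile` line in the sshd_config hunk makes `/etc/ssh/authorized_keys` a key source for every account sshd serves, so any process that can read the shared private key (www-data, going by the commit message) can authenticate as any local user, and nothing in this hunk limits that to 127.0.0.1 or to SFTP. The loopback restriction the description relies on would have to come from a `from="127.0.0.1"` option inside the key file, which this patch does not show. Consider scoping the extra file in sshd itself with a `Match Address 127.0.0.1` block at the end of the template that sets `AuthorizedKeysFile` there only, and giving the key `no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding`. Whether root is covered depends on `PermitRootLogin`, which lies outside the hunk.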