forked from NodeOS/nodeos-boot-multiUser
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.js
More file actions
111 lines (89 loc) · 2.69 KB
/
index.js
File metadata and controls
111 lines (89 loc) · 2.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
const fs = require('fs')
const each = require('async/each')
const jocker = require('jocker')
const rimraf = require('rimraf').sync
const startRepl = require('nodeos-mount-utils').startRepl
const jocker_root = require('./jocker_root')
/**
* Filter folders that are valid user `$HOME`
* @access private
* @param {String} user The name of the user
* @return {Boolean} Returns true If the first char is not a dot
* and not `root` and not ´lost+found´
*/
function filterUser(user)
{
return user[0] !== '.' && user !== 'root' && user !== 'lost+found'
}
/**
* Overlays the users filesystem
*
* @param {String} usersFolder The path to folder of the users
* @param {Function} callback
*/
function usersSessions(usersFolder, callback)
{
function done(error)
{
// Make '/usr' a opaque folder (OverlayFS feature)
// TODO Is this needed to be done here? Can it be done in a cleaner place?
rimraf('/usr')
callback(error)
}
// Mount users directories and exec their init files
fs.readdir(usersFolder, function(error, users)
{
if(error) return done(error)
users = users.filter(filterUser)
if(!users.length) return done('No users found')
each(users, function(username, callback)
{
jocker.run(usersFolder+'/'+username, '/init', {PATH: '/bin'}, callback)
},
done)
})
}
//
// Public API
//
/**
* Prepares the session and checks if the users filesystem has a root account,
* if not check if `/proc/cmdline` has the single key
* It deletes the `root`, `rootfstype` and `vga` environment variables
* and adds `NODE_PATH` to it.
* @access private
* @return {Repl} Returns either a repl or a error if the error contains
* a `ENOENT` code
*/
function prepareSessions(home, single, callback)
{
const upperdir = home+'/root'
// Check if users filesystem has an administrator account
fs.readdir(upperdir, function(error)
{
if(error)
{
if(error.code !== 'ENOENT') return callback(error)
if(single)
{
console.warn('Administrator account not found')
return startRepl('Administrator mode')
}
return usersSessions(home, callback)
}
// There's an administrator account, prepare it first
jocker_root.create(upperdir, function(error, newHome)
{
if(error) return callback(error)
// Enter administrator mode
if(single) return startRepl('Administrator mode')
// Execute `root` user init in un-priviledged environment
jocker.exec(home, '/init', {PATH: '/bin'}, function(error)
{
if(error) console.warn(error)
usersSessions(newHome, callback)
})
})
})
}
module.exports = prepareSessions