57 lines
1.2 KiB
Bash
Executable File
57 lines
1.2 KiB
Bash
Executable File
#!/bin/sh
|
|
# vim: set sw=4 ts=4 sts=4 et :
|
|
|
|
if [ -z "${_UNSHARED}" ]; then
|
|
export _UNSHARED=1
|
|
exec unshare -m "$0" "$@"
|
|
fi
|
|
unset _UNSHARED
|
|
|
|
cleanup() {
|
|
if is_mount -q /etc; then
|
|
umount -R /etc
|
|
fi
|
|
if [ -n "${tmpdir}" ] && [ "${tmpdir}" != / ]; then
|
|
if is_mount "${tmpdir}"; then
|
|
umount -R "${tmpdir}"
|
|
fi
|
|
rm -rf "${tmpdir}"
|
|
fi
|
|
unset tmpdir
|
|
}
|
|
|
|
is_mount() {
|
|
awk '
|
|
BEGIN { rc = 1 }
|
|
$5 == "'"${1}"'" { rc = 0 }
|
|
END { exit rc }
|
|
' /proc/self/mountinfo
|
|
}
|
|
|
|
tmpdir=$(mktemp -d)
|
|
trap 'cleanup' INT QUIT TERM EXIT
|
|
mount \
|
|
-t tmpfs \
|
|
-o private,rootcontext=system_u:object_r:etc_t:s0 \
|
|
tmpfs \
|
|
"${tmpdir}" \
|
|
|| exit
|
|
|
|
mkdir -p \
|
|
"${tmpdir}"/etc \
|
|
"${tmpdir}"/etc/pam.d \
|
|
"${tmpdir}"/etc/security \
|
|
"${tmpdir}"/etc/selinux \
|
|
|| exit
|
|
cp -a /etc/passwd /etc/shadow "${tmpdir}"/etc || exit
|
|
mount -o bind /etc/pam.d "${tmpdir}"/etc/pam.d || exit
|
|
mount -o bind /etc/security "${tmpdir}"/etc/security || exit
|
|
mount -o bind /etc/selinux "${tmpdir}"/etc/selinux || exit
|
|
mount --rbind "${tmpdir}"/etc /etc || exit
|
|
|
|
passwd || exit
|
|
|
|
mv /etc/shadow "${tmpdir}"/shadow || exit
|
|
umount -R /etc || exit
|
|
cat "${tmpdir}"/shadow > /etc/shadow || exit
|