| Git Clone URL: | https://aur.archlinux.org/systemd-guest-user.git (read-only, click to copy) |
|---|---|
| Package Base: | systemd-guest-user |
| Description: | A simple systemd configurations for guest user support |
| Upstream URL: | https://github.com/Akrai/systemd-guest-user |
| Keywords: | guest systemd user |
| Licenses: | GPL3 |
| Submitter: | pavelshuvalov |
| Maintainer: | akrai |
| Last Packager: | akrai |
| Votes: | 11 |
| Popularity: | 0.96 |
| First Submitted: | 2016-10-14 12:39 (UTC) |
| Last Updated: | 2019-11-04 16:25 (UTC) |
About the missing Where=/home/guest in home-guest.mount, i was also surprised about it, i just didn't understand how a file basically without info about where to mount the home folder, will mount it anyway
But after researching a little bit it seems the path is encoded in the filename, it just uses the home-guest as /home/guest, https://jlk.fjfi.cvut.cz/arch/manpages/man/systemd.mount.5.en Weird right?
So i should separate those two packs of commands in two services right?
Now, that I thought a bit more on why:
There are two parts of systemd-guest-user.service which should be separate services:
ExecStart=/usr/sbin/bash -c 'id guest >& /dev/null || useradd -c Guest guest'
ExecStart=/usr/sbin/usermod -d /home/guest/ guest
ExecStart=/usr/sbin/chsh -s /bin/sh guest
ExecStart=/usr/sbin/passwd -d guest
which must be before mounting the tmpfs, as it makes sure the guest user exists and properly configured, and this part:
ExecStart=/usr/sbin/bash -c 'cp -a /usr/share/guest-configuration/. /home/guest'
ExecStart=/usr/sbin/chown -R guest:users /home/guest
must be after mounting because everything copied to /home/guest before mounting is replaced with an empty tmpfs.
p.s. I'm also puzzled about home-guest.mount as it doesn't have Where=/home/guest, yet tmpfs seems to be mounted...
I don't even understand why was written like that, you are right, that unit should be executed after home-guest.mount
I have an issue with this package, files from /usr/share/guest-configuration/ are not in /home/guest
You have systemd-guest-user.service which copies files Before=systemd-tmpfiles-setup.service and you have home-guest.mount After=systemd-tmpfiles-setup.service. So you either copy files to a directory and then mount tmpfs over that directory or I don't understand something about tmpfs or systemd.
p.s. and replacing Before=systemd-tmpfiles-setup.service with After=home-guest.mount in systemd-guest-user.service fixes the issue: files from /usr/share/guest-configuration/ are now in /home/guest/ after reboot.
Installing the package gets your system ready to use the guest user, which is basically a normal user with a tmpfs home folder (which gets erased after every reboot, not after a logout), but please notice two things:
You probably want to add the guest user to some system groups you may consider in order to be able to use some resources of your computer, the same way as any other human user
The script copies any file placed in the /etc/skel/ folder to the guest home after every reboot, intended mainly for copying config files you may consider useful to copy in every new guest session, for example if you need special graphical or network config files placed in order to get a properly working guest user. Any suggestion is welcomed
All done, thanks for your contribution
Yes, it's not necessary rm -rf to remove de /home/guest mounting point, but just a precaution if the directory isn't empty.
I copy how it's done in the user creation. Only delete the user if the user exists. :)
your approach is nice and clean, im not very sure about the need of rm -rf in the uninstall when the folder is mounted as tmpfs, but whatever, won't do any harm
i will write it
by the way, why write bash -c 'id guest >& /dev/null && userdel guest' in the uninstall when you could simply delete the user directly? bash -c 'userdel guest'
Yes, this would be better. I would use pre_install() to create the user before the install. Something like this:
pre_install() {
/usr/sbin/bash -c 'id guest >& /dev/null || useradd -c Guest guest'
/usr/sbin/usermod -d /home/guest/ guest >& /dev/null
/usr/sbin/chsh -s /bin/sh guest >& /dev/null
/usr/sbin/passwd -d guest >& /dev/null
}
post_install() {
/usr/sbin/bash -c 'cp -a /usr/share/guest-configuration/. /home/guest'
/usr/sbin/chown -R guest:users /home/guest
}
post_remove() {
/usr/bin/pkill -9 -u guest >& /dev/null
/usr/bin/sleep 1
/usr/sbin/bash -c 'id guest >& /dev/null && userdel guest'
/usr/bin/umount /home/guest >& /dev/null
/usr/bin/rm -rf /home/guest
}
systemd-guest-user.service
[Unit]
DefaultDependencies=no
Before=systemd-tmpfiles-setup.service
RefuseManualStart=yes
RefuseManualStop=yes
[Service]
Type=oneshot
ExecStart=/usr/sbin/bash -c 'id guest >& /dev/null || useradd -c Guest guest'
ExecStart=/usr/sbin/usermod -d /home/guest/ guest
ExecStart=/usr/sbin/chsh -s /bin/sh guest
ExecStart=/usr/sbin/passwd -d guest
ExecStart=/usr/sbin/bash -c 'cp -a /usr/share/guest-configuration/. /home/guest'
ExecStart=/usr/sbin/chown -R guest:users /home/guest
home-guest.mount
[Unit]
Conflicts=umount.target
After=systemd-tmpfiles-setup.service
Before=umount.target
RefuseManualStart=yes
RefuseManualStop=yes
[Mount]
What=tmpfs
Type=tmpfs
Options=mode=0750,uid=guest,gid=users,strictatime,nosuid,nodev
Pinned Comments
akrai commented on 2018-08-01 14:49 (UTC) (edited on 2019-11-04 16:11 (UTC) by akrai)
Installing the package gets your system ready to use the guest user, which is basically a normal user with a tmpfs home folder (which gets erased after every reboot, not after a logout), but please notice two things:
You probably want to add the guest user to some system groups you may consider in order to be able to use some resources of your computer, the same way as any other human user
The script copies any file placed in the /etc/skel/ folder to the guest home after every reboot, intended mainly for copying config files you may consider useful to copy in every new guest session, for example if you need special graphical or network config files placed in order to get a properly working guest user. Any suggestion is welcomed