forked from ISTI-ansible-roles/ansible-roles
library/roles/smartgears/r_connector/templates/rusersadd.j2: Use ACLs to set the userconfig.csv permissions. Touch the file at each login so that the file has been removed by the user, he can still connect.
This commit is contained in:
Andrea Dell'Amico
parent
939c71d2f5
commit
d4c3143655
|
|
@ -11,6 +11,9 @@ RPROFILE_FILE='{{ r_connector_rprofile_path }}/{{ r_connector_rprofile_filename
|
|||
|
||||
if [ -d $HDIR ] ; then
|
||||
logger "$LOG_PREFIX user $HDIR directory exists"
|
||||
sudo /usr/bin/touch ${HDIR}/{{ r_connector_userconfig }}
|
||||
sudo /bin/chown ${USER}:{{ smartgears_user }} $HDIR/{{ r_connector_userconfig }}
|
||||
sudo /usr/bin/setfacl -m u:${USER}:rw,g:{{ smartgears_user }}:rw $HDIR/{{ r_connector_userconfig }}
|
||||
exit 0
|
||||
else
|
||||
if id -u $USER >/dev/null 2>&1
|
||||
|
|
@ -21,9 +24,9 @@ else
|
|||
sudo /bin/chmod g-wr,o-rwx $HDIR
|
||||
sudo /usr/bin/touch $HDIR/{{ r_connector_userconfig }}
|
||||
sudo /bin/chmod 660 $HDIR/{{ r_connector_userconfig }}
|
||||
#sudo /bin/chgrp -R {{ smartgears_user }} $HDIR
|
||||
sudo /bin/chown $USER:{{ smartgears_user }} $HDIR/{{ r_connector_userconfig }}
|
||||
sudo /usr/bin/setfacl -m u:${USER}:rw,g:{{ smartgears_user }}:rw $HDIR/{{ r_connector_userconfig }}
|
||||
sudo /bin/chgrp {{ smartgears_user }} $HDIR
|
||||
sudo /bin/chown {{ smartgears_user }}:{{ smartgears_user }} $HDIR/{{ r_connector_userconfig }}
|
||||
sudo /bin/ln -s $RPROFILE_FILE $HDIR/{{ r_connector_rprofile_filename }}
|
||||
exit 0
|
||||
else
|
||||
|
|
@ -37,6 +40,7 @@ else
|
|||
sudo /bin/chmod g+ws $HDIR
|
||||
sudo /usr/bin/touch $HDIR/{{ r_connector_userconfig }}
|
||||
sudo /bin/chmod 660 $HDIR/{{ r_connector_userconfig }}
|
||||
sudo /usr/bin/setfacl -m g:{{ smartgears_user }}:rw $HDIR/{{ r_connector_userconfig }}
|
||||
sudo /bin/chgrp -R {{ smartgears_user }} $HDIR
|
||||
sudo /bin/ln -s $RPROFILE_FILE $HDIR/{{ r_connector_rprofile_filename }}
|
||||
exit 0
|
||||
|
|
|
|||
Loading…
Reference in New Issue