Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: session_manager_setup.sh

Issue 1021006: Ensure that login profile data is ephemeral (Closed)
Patch Set: Created 10 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #!/bin/sh 1 #!/bin/sh
2 2
3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
4 # Use of this source code is governed by a BSD-style license that can be 4 # Use of this source code is governed by a BSD-style license that can be
5 # found in the LICENSE file. 5 # found in the LICENSE file.
6 6
7 XAUTH=/usr/bin/xauth 7 XAUTH=/usr/bin/xauth
8 XAUTH_FILE="/var/run/chromelogin.auth" 8 XAUTH_FILE="/var/run/chromelogin.auth"
9 SERVER_READY= 9 SERVER_READY=
10 10
11 user1_handler () { 11 user1_handler () {
12 echo "received SIGUSR1!" 12 echo "received SIGUSR1!"
13 SERVER_READY=y 13 SERVER_READY=y
14 } 14 }
15 15
16 trap user1_handler USR1 16 trap user1_handler USR1
17 MCOOKIE=$(head -c 8 /dev/urandom | openssl md5) # speed this up? 17 MCOOKIE=$(head -c 8 /dev/urandom | openssl md5) # speed this up?
18 ${XAUTH} -q -f ${XAUTH_FILE} add :0 . ${MCOOKIE} 18 ${XAUTH} -q -f ${XAUTH_FILE} add :0 . ${MCOOKIE}
19 19
20 /sbin/xstart.sh ${XAUTH_FILE} & 20 /sbin/xstart.sh ${XAUTH_FILE} &
21 21
22 export USER=chronos 22 export USER=chronos
23 export DATA_DIR=/home/${USER} 23 export DATA_DIR=/home/${USER}
24 export LOGIN_PROFILE_DIR=${DATA_DIR}/Default
24 export LOGNAME=${USER} 25 export LOGNAME=${USER}
25 export SHELL=/bin/bash 26 export SHELL=/bin/bash
26 export HOME=${DATA_DIR}/user 27 export HOME=${DATA_DIR}/user
27 export DISPLAY=:0.0 28 export DISPLAY=:0.0
28 export PATH=/bin:/usr/bin:/usr/local/bin:/usr/bin/X11 29 export PATH=/bin:/usr/bin:/usr/local/bin:/usr/bin/X11
29 export GTK_IM_MODULE=ibus 30 export GTK_IM_MODULE=ibus
30 31
31 XAUTH_FILE=${DATA_DIR}/.Xauthority 32 XAUTH_FILE=${DATA_DIR}/.Xauthority
32 export XAUTHORITY=${XAUTH_FILE} 33 export XAUTHORITY=${XAUTH_FILE}
33 34
34 mkdir -p ${DATA_DIR} && chown ${USER}:${USER} ${DATA_DIR} 35 mkdir -p ${DATA_DIR} && chown ${USER}:${USER} ${DATA_DIR}
35 mkdir -p ${HOME} && chown ${USER}:${USER} ${HOME} 36 mkdir -p ${HOME} && chown ${USER}:${USER} ${HOME}
36 ${XAUTH} -q -f ${XAUTH_FILE} add :0 . ${MCOOKIE} && \ 37 ${XAUTH} -q -f ${XAUTH_FILE} add :0 . ${MCOOKIE} && \
37 chown ${USER}:${USER} ${XAUTH_FILE} 38 chown ${USER}:${USER} ${XAUTH_FILE}
38 39
40 # Disallow the login profile from having persistent data until
41 # http://code.google.com/p/chromium-os/issues/detail?id=1967 is resolved.
42 if mount | grep -q "${LOGIN_PROFILE_DIR} "; then
43 umount -f ${LOGIN_PROFILE_DIR}
44 fi
45 rm -rf ${LOGIN_PROFILE_DIR}
46 mkdir -p ${LOGIN_PROFILE_DIR}
47 mount -n -t tmpfs -onodev,noexec,nosuid loginprofile ${LOGIN_PROFILE_DIR}
48 chown ${USER}:${USER} ${LOGIN_PROFILE_DIR}
49
39 # temporary hack to tell cryptohome that we're doing chrome-login 50 # temporary hack to tell cryptohome that we're doing chrome-login
40 touch /tmp/doing-chrome-login 51 touch /tmp/doing-chrome-login
41 52
42 CHROME_DIR="/opt/google/chrome" 53 CHROME_DIR="/opt/google/chrome"
43 CHROME="$CHROME_DIR/chrome" 54 CHROME="$CHROME_DIR/chrome"
44 COOKIE_PIPE="/tmp/cookie_pipe" 55 COOKIE_PIPE="/tmp/cookie_pipe"
45 56
46 # xdg-open is used to open downloaded files. 57 # xdg-open is used to open downloaded files.
47 # It runs sensible-browser, which uses $BROWSER. 58 # It runs sensible-browser, which uses $BROWSER.
48 export BROWSER=${CHROME} 59 export BROWSER=${CHROME}
(...skipping 30 matching lines...) Expand all
79 exec /sbin/session_manager --uid=${USER_ID} --login -- \ 90 exec /sbin/session_manager --uid=${USER_ID} --login -- \
80 $CHROME --enable-gview \ 91 $CHROME --enable-gview \
81 --enable-sync \ 92 --enable-sync \
82 --log-level=0 \ 93 --log-level=0 \
83 --main-menu-url="http://welcome-cros.appspot.com/menu" \ 94 --main-menu-url="http://welcome-cros.appspot.com/menu" \
84 --no-first-run \ 95 --no-first-run \
85 --user-data-dir=/home/$USER \ 96 --user-data-dir=/home/$USER \
86 --profile=user \ 97 --profile=user \
87 "--cookie-pipe=$COOKIE_PIPE" \ 98 "--cookie-pipe=$COOKIE_PIPE" \
88 "${SKIP_OOBE}" 99 "${SKIP_OOBE}"
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698