| Index: src/platform/cryptohome/bin/mount
|
| diff --git a/src/platform/cryptohome/bin/mount b/src/platform/cryptohome/bin/mount
|
| deleted file mode 100755
|
| index 575779eabe1d23e710415aeaac6e7651f81cb9bd..0000000000000000000000000000000000000000
|
| --- a/src/platform/cryptohome/bin/mount
|
| +++ /dev/null
|
| @@ -1,103 +0,0 @@
|
| -#!/bin/bash
|
| -# Copyright (c) 2009 The Chromium OS Authors. All rights reserved.
|
| -# Use of this source code is governed by a BSD-style license that can be
|
| -# found in the LICENSE file.
|
| -
|
| -set -e # exit on failure
|
| -set -E # share the error handler
|
| -set -u # require all variables to be defined
|
| -USERID=""
|
| -PASSWORD=""
|
| -
|
| -function error_handler() {
|
| - if ! typeset -F cryptohome::log; then
|
| - echo "An error occurred before/in cryptohome." 1>&2
|
| - # Assume common is ok, but maybe not mount options
|
| - /bin/mount -t tmpfs "$INCOGNITO_MOUNT_NAME" \
|
| - -onoexec,nosuid,nodev "$DEFAULT_MOUNT_POINT"
|
| - /bin/chown $DEFAULT_USER $DEFAULT_MOUNT_POINT
|
| - exit 1
|
| - fi
|
| -
|
| - local image="$IMAGE_DIR/${USERID}/image"
|
| - cryptohome::log "entering the mount error_handler ($image)"
|
| - # We don't want to error out again if close fails
|
| - cryptohome::close || $true
|
| - # Same goes for detach
|
| - cryptohome::detach || $true
|
| - if [[ -n "$image" ]]; then
|
| - cryptohome::log "removing the failed image: $image"
|
| - $rm -f $image
|
| - fi
|
| - cryptohome::log "attempting to create a new image..."
|
| - # Let's try a new image. If that fails, use the exit trap.
|
| - trap second_chance EXIT
|
| - cryptohome::mount_or_create "$USERID" "$PASSWORD"
|
| - trap - EXIT
|
| - cryptohome::log "new image created and mounted successfully"
|
| - cryptohome::log "mount completed"
|
| - $exit 0
|
| -}
|
| -# TODO: move traps into a single call
|
| -trap error_handler ERR;
|
| -
|
| -function incognito_error() {
|
| - cryptohome::log "failed to mount incognito!"
|
| - exit 1
|
| -}
|
| -
|
| -function incognito_mount() {
|
| - trap incognito_error ERR;
|
| - $mount -t tmpfs -o"${MOUNT_OPTIONS}" "$INCOGNITO_MOUNT_NAME" \
|
| - $DEFAULT_MOUNT_POINT
|
| - $chown ${DEFAULT_USER}:${DEFAULT_USER} $DEFAULT_MOUNT_POINT
|
| - cryptohome::log "incognito mount completed"
|
| -}
|
| -
|
| -function second_chance() {
|
| - cryptohome::log "new image creation failed (again)"
|
| - cryptohome::log "falling back to incognito mode"
|
| - incognito_mount
|
| - exit 0
|
| -}
|
| -
|
| -function mount_main() {
|
| - # This catches the unexported CHROMEOS_USER. A defined, but empty
|
| - # CHROMEOS_USER will pass through and be caught later.
|
| - if ! typeset -p CHROMEOS_USER &>/dev/null ; then
|
| - cryptohome::log "CHROMEOS_USER not exported."
|
| - cryptohome::log "Assuming incognito mode..."
|
| - CHROMEOS_USER="$INCOGNITO_USER"
|
| - fi
|
| -
|
| - # Support a file to disable encryption for given users.
|
| - if $test -n "$DISABLED_ENCRYPTION_FILE" && \
|
| - $test -e "$DISABLED_ENCRYPTION_FILE"; then
|
| - cryptohome::log "disabled_encryption_file present"
|
| - if $grep -qEe "\\b${CHROMEOS_USER}\\b" "$DISABLED_ENCRYPTION_FILE"; then
|
| - cryptohome::log "$CHROMEOS_USER has opted out of encryption"
|
| - return 0
|
| - fi
|
| - fi
|
| -
|
| - # Cut down on the noise from pam-mount but only do so on a pam_google
|
| - # login so that we don't blow away old logs during a debug login.
|
| - $exec 1>$STDOUT_FILE
|
| - $exec 2>$STDERR_FILE
|
| - if [[ "$CHROMEOS_USER" == "$INCOGNITO_USER" ]]; then
|
| - incognito_mount
|
| - return 0
|
| - fi
|
| - USERID="$($cat $IMAGE_DIR/salt <($echo -n $CHROMEOS_USER) | $openssl sha1)"
|
| - PASSWORD="$($cat)"
|
| - cryptohome::mount_or_create "$USERID" "$PASSWORD"
|
| -}
|
| -
|
| -# Invoke main.
|
| -if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
|
| - source "$(dirname "$0")/../lib/chromeos-cryptohome/common"
|
| - utils::declare_commands exit
|
| - # Everything is done by default at present.
|
| - mount_main
|
| -fi
|
| -
|
|
|
Chromium Code Reviews
