* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> 2.0.71-11
- Add sandboxX
This commit is contained in:
parent
a45221f297
commit
7b1b3e71e3
60
sandbox.init
Executable file
60
sandbox.init
Executable file
@ -0,0 +1,60 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
## BEGIN INIT INFO
|
||||||
|
# Provides: sandbox
|
||||||
|
# Default-Start: 5
|
||||||
|
# Default-Stop: 0 1 2 3 4 6
|
||||||
|
# Required-Start:
|
||||||
|
#
|
||||||
|
## END INIT INFO
|
||||||
|
# sandbox: Set up / mountpoint to be shared, /var/tmp, /tmp, /home/sandbox unshared
|
||||||
|
#
|
||||||
|
# chkconfig: 5 1 99
|
||||||
|
#
|
||||||
|
# Description: sandbox is using pam_namespace to share the /var/tmp, /tmp and
|
||||||
|
# /home/sandbox accounts. This script will setup the / mount
|
||||||
|
# point as shared and all of the subdirectories just these
|
||||||
|
# directories as unshared.
|
||||||
|
#
|
||||||
|
|
||||||
|
# Source function library.
|
||||||
|
. /etc/init.d/functions
|
||||||
|
|
||||||
|
LOCKFILE=/var/lock/subsys/sandbox
|
||||||
|
|
||||||
|
base=${0##*/}
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
start)
|
||||||
|
[ -f "$LOCKFILE" ] && exit 0
|
||||||
|
|
||||||
|
touch $LOCKFILE
|
||||||
|
mount --make-rshared /
|
||||||
|
mount --bind /tmp /tmp
|
||||||
|
mount --bind /var/tmp /var/tmp
|
||||||
|
mount --bind /home /home
|
||||||
|
mount --make-private /home
|
||||||
|
mount --make-private /tmp
|
||||||
|
mount --make-private /var/tmp
|
||||||
|
RETVAL=$?
|
||||||
|
exit $RETVAL
|
||||||
|
;;
|
||||||
|
|
||||||
|
status)
|
||||||
|
if [ -f "$LOCKFILE" ]; then
|
||||||
|
echo "$base is running"
|
||||||
|
else
|
||||||
|
echo "$base is stopped"
|
||||||
|
fi
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
|
||||||
|
stop)
|
||||||
|
rm -f $LOCKFILE
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
echo $"Usage: $0 {start|stop}"
|
||||||
|
exit 3
|
||||||
|
;;
|
||||||
|
esac
|
Loading…
Reference in New Issue
Block a user