obel1x/fedora-OEMDRV
0
0
Fork 1
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7d109111c1155e5f3b1b02a324b00a86f93bb87e
fedora-OEMDRV/system_setup/logon_script.sh
T
Daniel unbrot Pätzold 7d109111c1 Logon: Don't need KDE
2026-05-03 20:18:54 +02:00

128 lines
5.5 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env sh
# SPDX-FileCopyrightText: Daniel Pätzold
# SPDX-License-Identifier: AGPL-3.0-or-later
#
# User logon script for KDE Environement
#
source $(dirname "$0")/setup_system.inc.sh
elog_init "User Logon Script"
elog_add "=================="
elog_add ""
elog_add `date`
elog_add "Logging to File ${LOGFILE}"
if [ "$EUID" -eq 0 ]; then
elog_add "Error: Cannot run this script as root."
echo "Press any key to continue" && read -n 1 -s -r && exit 1
fi
#Check for needed python-modules
#For WEBDAV
python -c "import webdav3">/dev/null 2>&1
if [[ $? -ne 0 ]]; then
echo "Installing pip module webdav3"
pip install webdavclient3>/dev/null
fi
#For IPA (system package python3-ipaclient, cannot be pip-installed)
python -c "import ipalib">/dev/null 2>&1
if [[ $? -ne 0 ]]; then
echo "Error: python3-ipaclient is not installed. Please install it via: sudo dnf install python3-ipaclient"
fi
#TODO C: Check if Desktop is KDE/Plasma and support other Displays
# Make kdesu use sudo
kwriteconfig5 --file kdesurc --group super-user-command --key super-user-command sudo >/dev/null 2>&1
# Mount the private Directory
elog_add_command "${SYSCONFIGPATH}/system_setup/mount_ecrypt_home.sh"
if [ $? -ne 0 ]; then
elog_add "Some Error when mounting private Directory, cannot continue. Your Data will not be available."
elog_add "The script was searched by SYSCONFIGPATH in directory ${SYSCONFIGPATH}, please check if your setup is correct."
elog_add "If you want to redo this script here, execute ${SCRIPTPATH}/${SCRIPTNAME}"
echo "Press any key to continue" && read -n 1 -s -r && exit 1
fi
#Get WEBDAV TOKEN from Nextcloud
get_nc_token
if [ $? -ne 0 ]; then
elog_add "Some Error when mounting private Directory, cannot continue. Your Data will not be available."
echo "Press any key to continue" && read -n 1 -s -r && exit 1
fi
elog_add "Successfully obtained Token for User ${DAVTOKEN_USER}"
#Install Software
elog_add ""
elog_add "Update and install client software"
#Set global to enable git
git config --global --add safe.directory /opt/sys_config
# First, check the sudo rule
elog_add "Check the matching client rule:"
#Somewhat strange "sudo -l" will *sometimes* ask for password instead of just checking if the rule can be found, so it needs -n to be silent
# The behaviour will be:
# A. If "sudo -l" wants a password (some installations!):
# If a matching rule with !authenticate is found, no passwd will be asked and retno is 0
# If there is a rule matching with no !authenticate, then a password would be asked. This is prevented, so there will only be the
# error "a password is needed" an retno is 1
# If there is no sudo rule at all, it will only set retno to 1
#-> Anyway, returning > 0 means the user is not allowed to run sw installation, which is fine. Print Message and skip installation.
#
# B. If "sudo -l" doesn't not want a password, then
# RETNO = 0 , but the Output of "sudo -l -l" must als be checked, if there is an Option !authenticate in the returnung string, otherwise a failed installation cannot be
# divided from a missing sudo-rule
#
elog_add_command_subshell "/usr/bin/sudo -n -l -l ${SYSCONFIGPATH}/system_setup/sync_client_software.sh"
if [[ $RETNO -ne 0 ]]; then
elog_add "Error was no $RETNO"
elog_add "No matching IPA sudo rule found for the setup- script of this user, so the user is not allowed to run software setup."
elog_add "This will not work, because necessary steps cannot be executed."
elog_add "Please check the sudo rules in ipa and your group membership to make this work."
elog_add "Hint: the rule must contain the !authenticate and setenv option to work."
elog_add "A matching sudo rule could look like this: "'^'${SYSCONFIGPATH////'\/'}'\/system_setup\/sync_client_software\.sh.*$'
elog_add "Skipping SW setup."
echo "Press any key to continue" && read -n 1 -s -r && exit 1
else
# Check, if the rule is with Option !authenticate
if [[ $RETTXT != *"!authenticate"* ]]; then
elog_add "The above IPA rule found for this user and the install script, but it has not the right options to be executed without password."
elog_add "Hint: the rule must contain the !authenticate and setenv option to work."
elog_add "A matching sudo rule could look like this: "'^'${SYSCONFIGPATH////'\/'}'\/system_setup\/sync_client_software\.sh.*$'
elog_add "Skipping SW Install."
else
# Rule seems to be ok, executing script
elog_add "Matching Sudo rule found."
elog_add ""
elog_add "Running client software sync..."
elog_add_command "/usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install $1"
#ERRTXT=$( { /usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install > >(tee -a ${LOGFILE}); } 2>&1 )
#ERR=$?
if [[ $RETNO -ne 0 ]]; then
elog_add "Errorcode was $RETNO"
elog_add "Error executing software sync and install, please check your output!"
echo "Press any key to continue" && read -n 1 -s -r && exit 1
fi
fi
fi
echo ""
#Anyway run user scripts if existent
elog_add_command "${CLIENT_SOFTWARE_DST}/user_run.sh $1"
if [ $? -ne 0 ]; then
exit 1
fi
elog_add ""
#SYNC Firefox + Thunderbird Profile
${SYSCONFIGPATH}/system_setup/mozilla_starter.sh firefox sync && ${SYSCONFIGPATH}/system_setup/mozilla_starter.sh thunderbird sync
elog_add "Successfully synced Mozilla profiles (log in another file)."
elog_add "Sucessfully run logon script (Wait 3 seconds)"
sleep 3
#read -n 1 -s -r -p "Press any key to continue"
#echo ""
exit 0
Reference in New Issue View Git Blame Copy Permalink