#!/usr/bin/env sh # SPDX-FileCopyrightText: Daniel Pätzold # SPDX-License-Identifier: AGPL-3.0-or-later # # User logon script for KDE Environement # source $(dirname "$0")/setup_system.inc.sh elog_init "User Logon Script" elog_add "==================" elog_add "" elog_add `date` elog_add "Logging to File ${LOGFILE}" if [ "$EUID" -eq 0 ]; then elog_add "Error: Cannot run this script as root." echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi #TODO C: Check if Desktop is KDE/Plasma and support other Displays # Make kdesu use sudo kwriteconfig5 --file kdesurc --group super-user-command --key super-user-command sudo if [ $? -ne 0 ]; then elog_add "This script should be run in KDE- Desktop. The setup of kwriteconfig5 has failed. Please check, if you are using KDE." echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi #Copy current Version of Autostart-Entry rm -f "${HOME}/.config/autostart/logon_script.sh.desktop" cp "${SCRIPTPATH}/logon_script.sh.desktop" "${HOME}/.config/autostart" if [ $? -ne 0 ]; then elog_add "Failed to setup autostart- entry. Check your installation of these scripts." echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi # Mount the private Directory elog_add_command "${SYSCONFIGPATH}/system_setup/mount_ecrypt_home.sh" if [ $? -ne 0 ]; then elog_add "Some Error when mounting private Directory, cannot continue. Your Data will not be available." elog_add "The script was searched by SYSCONFIGPATH in directory ${SYSCONFIGPATH}, please check if your setup is correct." elog_add "If you want to redo this script here, execute ${SCRIPTPATH}/${SCRIPTNAME}" echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi #Get WEBDAV TOKEN from Nextcloud get_nc_token if [ $? -ne 0 ]; then elog_add "Some Error when mounting private Directory, cannot continue. Your Data will not be available." echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi elog_add "Successfully obtained Token for User ${DAVTOKEN_USER}" #Install Software elog_add "" elog_add "Update and install client software" # First, check the sudo rule elog_add "Check the matching client rule:" #Somewhat strange "sudo -l" will *sometimes* ask for password instead of just checking if the rule can be found, so it needs -n to be silent # The behaviour will be: # A. If "sudo -l" wants a password (some installations!): # If a matching rule with !authenticate is found, no passwd will be asked and retno is 0 # If there is a rule matching with no !authenticate, then a password would be asked. This is prevented, so there will only be the # error "a password is needed" an retno is 1 # If there is no sudo rule at all, it will only set retno to 1 #-> Anyway, returning > 0 means the user is not allowed to run sw installation, which is fine. Print Message and skip installation. # # B. If "sudo -l" doesn't not want a password, then # RETNO = 0 , but the Output of "sudo -l -l" must als be checked, if there is an Option !authenticate in the returnung string, otherwise a failed installation cannot be # divided from a missing sudo-rule # elog_add_command_subshell "/usr/bin/sudo -n -l -l ${SYSCONFIGPATH}/system_setup/sync_client_software.sh" if [[ $RETNO -ne 0 ]]; then elog_add "Error was no $RETNO" elog_add "No matching IPA sudo rule found for the setup- script of this user, so the user is not allowed to run software setup." elog_add "This will not work, because necessary steps cannot be executed." elog_add "Please check the sudo rules in ipa and your group membership to make this work." elog_add "Hint: the rule must contain the !authenticate and setenv option to work." elog_add "A matching sudo rule could look like this: "'^'${SYSCONFIGPATH////'\/'}'\/system_setup\/sync_client_software\.sh.*$' elog_add "Skipping SW setup." echo "Press any key to continue" && read -n 1 -s -r && exit 1 else # Check, if the rule is with Option !authenticate if [[ $RETTXT != *"!authenticate"* ]]; then elog_add "The above IPA rule found for this user and the install script, but it has not the right options to be executed without password." elog_add "Hint: the rule must contain the !authenticate and setenv option to work." elog_add "A matching sudo rule could look like this: "'^'${SYSCONFIGPATH////'\/'}'\/system_setup\/sync_client_software\.sh.*$' elog_add "Skipping SW Install." else # Rule seems to be ok, executing script elog_add "Matching Sudo rule found." elog_add "" elog_add "Running client software sync..." elog_add_command "/usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install $1" #ERRTXT=$( { /usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install > >(tee -a ${LOGFILE}); } 2>&1 ) #ERR=$? if [[ $RETNO -ne 0 ]]; then elog_add "Errorcode was $RETNO" elog_add "Error executing software sync and install, please check your output!" echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi fi fi echo "" #Anyway run user scripts if existent elog_add_command "${CLIENT_SOFTWARE_DST}/user_run.sh $1" if [ $? -ne 0 ]; then exit 1 fi elog_add "" #SYNC Firefox + Thunderbird Profile ${SYSCONFIGPATH}/system_setup/mozilla_starter.sh firefox sync && ${SYSCONFIGPATH}/system_setup/mozilla_starter.sh thunderbird sync elog_add "Successfully synced Mozilla profiles (log in another file)." elog_add "Sucessfully run logon script (Wait 3 seconds)" sleep 3 #read -n 1 -s -r -p "Press any key to continue" #echo "" exit 0