Make variables only accessible to user.

2021-03-06 13:09:14 +07:00 · 2021-03-06 13:09:14 +07:00 · 715fc2259a
commit 715fc2259a
parent 7fcc8d2ad0
5 changed files with 9 additions and 5 deletions
--- a/archbox.bash
+++ b/archbox.bash
@ -12,7 +12,7 @@ asroot(){

 storeenv() {
    echo "# This will be sourced when entering Archbox" > /tmp/archbox_env
-    chmod 777 /tmp/archbox_env >/dev/null 2>&1
+    $PRIV $PREFIX/share/archbox/bin/uth chownvar $USER
    [[ ! -z $WAYLAND_DISPLAY ]] && echo "WAYLAND_DISPLAY=$WAYLAND_DISPLAY" >> /tmp/archbox_env
    if [[ ! -z $DISPLAY ]]; then
        hash xhost >/dev/null 2>&1 && xhost +local: > /dev/null 
@ -84,7 +84,7 @@ case $1 in
        msg "Mounting necessary filesystems..."
        $PREFIX/share/archbox/bin/init start
        cp $PREFIX/share/archbox/chroot_setup.bash $CHROOT/chroot_setup
-        echo $USER > /tmp/archbox_user
+        echo $ARCHBOX_USER > /tmp/archbox_user
        chroot $CHROOT /bin/bash -c "/chroot_setup"
        exit $?
    ;;
--- a/archbox.conf
+++ b/archbox.conf
@ -1,4 +1,4 @@
-USER="lemniskett"
+ARCHBOX_USER="lemniskett"
 PRIV="sudo"
 INSTALL_PATH="/var/archlinux"
 CHROOT="$INSTALL_PATH/root.x86_64"
--- a/enter.bash
+++ b/enter.bash
@ -10,4 +10,4 @@ REQ_ENV+="XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR "

 ENV="$REQ_ENV $ENV_VAR"
 COMMAND="$@"
-chroot $CHROOT /sbin/env $ENV /bin/su $USER
+chroot $CHROOT /sbin/env $ENV /bin/su $ARCHBOX_USER
--- a/exec.bash
+++ b/exec.bash
@ -10,4 +10,4 @@ REQ_ENV+="XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR "

 ENV="$REQ_ENV $ENV_VAR"
 COMMAND="$@"
-chroot $CHROOT /bin/su -c "env $ENV $COMMAND" $USER
+chroot $CHROOT /bin/su -c "env $ENV $COMMAND" $ARCHBOX_USER
--- a/uth.bash
+++ b/uth.bash
@ -24,4 +24,8 @@ case $1 in
        mount --rbind /run $CHROOT/run
        exit $?
        ;;
+    chownvar)
+        chown $2:$2 /tmp/archbox_env
+        chmod 700 /tmp/archbox_env
+        ;;
 esac