9 changed files with 1629 additions and 3 deletions
Split View
Diff Options
-
+1 -0install.sh
-
+335 -0root/udevil.conf
-
+1266 -0scripts/devmon
-
+6 -0scripts/dmenu-refresh
-
+2 -1scripts/dmenu-udevil
-
+6 -0scripts/dmenu-wallabag
-
+1 -1scripts/dmenu_surf
-
+5 -1scripts/menu-surfraw
-
+7 -0xorg/xinitrc
+ 1
- 0
install.sh
View File
+ 335
- 0
root/udevil.conf
View File
| @ -0,0 +1,335 @@ | |||
| ############################################################################## | |||
| # | |||
| # udevil configuration file /etc/udevil/udevil.conf | |||
| # | |||
| # This file controls what devices, networks, and files users may mount and | |||
| # unmount via udevil (set suid). | |||
| # | |||
| # IMPORTANT: IT IS POSSIBLE TO CREATE SERIOUS SECURITY PROBLEMS IF THIS FILE | |||
| # IS MISCONFIGURED - EDIT WITH CARE | |||
| # | |||
| # Note: For greater control for specific users, including root, copy this | |||
| # file to /etc/udevil/udevil-user-USERNAME.conf replacing USERNAME with the | |||
| # desired username (eg /etc/udevil/udevil-user-jim.conf). | |||
| # | |||
| # Format: | |||
| # OPTION = VALUE[, VALUE, ...] | |||
| # | |||
| # DO NOT USE QUOTES except literally | |||
| # Lines beginning with # are ignored | |||
| # | |||
| ############################################################################## | |||
| # To log all uses of udevil, set log_file to a file path: | |||
| # log_file = /var/log/udevil.log | |||
| # Approximate number of days to retain log entries (0=forever, max=60): | |||
| log_keep_days = 10 | |||
| # allowed_types determines what fstypes can be passed by a user to the u/mount | |||
| # program, what device filesystems may be un/mounted implicitly, and what | |||
| # network filesystems may be un/mounted. | |||
| # It may also include the 'file' keyword, indicating that the user is allowed | |||
| # to mount files (eg an ISO file). The $KNOWN_FILESYSTEMS variable may | |||
| # be included to include common local filesystems as well as those listed in | |||
| # /etc/filesystems and /proc/filesystems. | |||
| # allowed_types_USERNAME, if present, is used to override allowed_types for | |||
| # the specific user 'USERNAME'. For example, to allow user 'jim' to mount | |||
| # only vfat filesystems, add: | |||
| # allowed_types_jim = vfat | |||
| # Setting allowed_types = * does NOT allow all types, as this is a security | |||
| # risk, but does allow all recognized types. | |||
| # allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs, davfs, tmpfs, ramfs | |||
| allowed_types = $KNOWN_FILESYSTEMS, file, cifs | |||
| # allowed_users is a list of users permitted to mount and unmount with udevil. | |||
| # Wildcards (* or ?) may be used in the usernames. To allow all users, | |||
| # specify "allowed_users=*". UIDs may be included using the form UID=1000. | |||
| # For example: allowed_users = carl, UID=1000, pre* | |||
| # Also note that permission to execute udevil may be limited to users belonging | |||
| # to the group that owns /usr/bin/udevil, such as 'plugdev' or 'storage', | |||
| # depending on installation. | |||
| # allowed_users_FSTYPE, if present, is used to override allowed_users when | |||
| # mounting or unmounting a specific fstype (eg nfs, ext3, file). | |||
| # Note that when mounting a file, fstype will always be 'file' regardless of | |||
| # the internal fstype of the file. | |||
| # For example, to allow only user 'bob' to mount nfs shares, add: | |||
| # allowed_users_nfs = bob | |||
| # The root user is NOT automatically allowed to use udevil in some cases unless | |||
| # listed here (except for unmounting anything or mounting fstab devices). | |||
| allowed_users = * | |||
| # allowed_groups is a list of groups permitted to mount and unmount with | |||
| # udevil. The user MUST belong to at least one of these groups. Wildcards | |||
| # or GIDs may NOT be used in group names, but a single * may be used to allow | |||
| # all groups. | |||
| # Also note that permission to execute udevil may be limited to users belonging | |||
| # to the group that owns /usr/bin/udevil, such as 'plugdev' or 'storage', | |||
| # depending on installation. | |||
| # allowed_groups_FSTYPE, if present, is used to override allowed_groups when | |||
| # mounting or unmounting a specific fstype (eg nfs, ext3, file). For example, | |||
| # to allow only members of the 'network' group to mount smb and nfs shares, | |||
| # use both of these lines: | |||
| # allowed_groups_smbfs = network | |||
| # allowed_groups_nfs = network | |||
| # The root user is NOT automatically allowed to use udevil in some cases unless | |||
| # listed here (except for unmounting anything or mounting fstab devices). | |||
| allowed_groups = * | |||
| # allowed_media_dirs specifies the media directories in which user mount points | |||
| # may be located. The first directory which exists and does not contain a | |||
| # wildcard will be used as the default media directory (normally /media or | |||
| # /media/$USER). | |||
| # The $USER variable, if included, will be replaced with the username of the | |||
| # user running udevil. Wildcards may also be used in any directory EXCEPT the | |||
| # default. Wildcards will not match a /, except a /** suffix for recursion. | |||
| # allowed_media_dirs_FSTYPE, if present, is used to override allowed_media_dirs | |||
| # when mounting or unmounting a specific fstype (eg ext2, nfs). For example, | |||
| # to cause /media/network to be used as the default media directory for | |||
| # nfs and ftpfs mounts, use these two lines: | |||
| # allowed_media_dirs_nfs = /media/network, /media, /media/$USER | |||
| # allowed_media_dirs_ftpfs = /media/network, /media, /media/$USER | |||
| # NOTE: If you want only the user who mounted a device to have access to it | |||
| # and be allowed to unmount it, specify /media/$USER as the first | |||
| # allowed media directory (only /media/$USER is created on demand). | |||
| # IMPORTANT: If an allowed file is mounted to a media directory, the user may | |||
| # be permitted to unmount its associated loop device even though internal. | |||
| # INCLUDING /MNT HERE IS NOT RECOMMENDED. ALL ALLOWED MEDIA DIRECTORIES | |||
| # SHOULD BE OWNED AND WRITABLE ONLY BY ROOT. | |||
| allowed_media_dirs = /media/$USER, /run/media/$USER | |||
| # allowed_devices is the first criteria for what block devices users may mount | |||
| # or unmount. If a device is not listed in allowed_devices, it cannot be | |||
| # un/mounted (unless in fstab). However, even if a device is listed, other | |||
| # factors may prevent its use. For example, access to system internal devices | |||
| # will be denied to normal users even if they are included in allowed_devices. | |||
| # allowed_devices_FSTYPE, if present, is used to override allowed_devices when | |||
| # mounting or unmounting a specific fstype (eg ext3, ntfs). For example, to | |||
| # prevent all block devices containing an ext4 filesystem from being | |||
| # un/mounted use: | |||
| # allowed_devices_ext4 = | |||
| # Note: Wildcards may be used, but a wildcard will never match a /, except | |||
| # for "allowed_devices=*" which allows any device. The recommended setting is | |||
| # allowed_devices = /dev/* | |||
| # WARNING: ALLOWING USERS TO MOUNT DEVICES OUTSIDE OF /dev CAN CAUSE SERIOUS | |||
| # SECURITY PROBLEMS. DO NOT ALLOW DEVICES IN /dev/shm | |||
| allowed_devices = /dev/* | |||
| # allowed_internal_devices causes udevil to treat any listed block devices as | |||
| # removable, thus allowing normal users to un/mount them (providing they are | |||
| # also listed in allowed_devices). | |||
| # allowed_internal_devices_FSTYPE, if present, is used to override | |||
| # allowed_internal_devices when mounting or unmounting a specific fstype | |||
| # (eg ext3, ntfs). For example, to allow block devices containing a vfat | |||
| # filesystem to be un/mounted even if they are system internal devices, use: | |||
| # allowed_internal_devices_vfat = /dev/sdb* | |||
| # Some removable esata drives look like internal drives to udevil. To avoid | |||
| # this problem, they can be treated as removable with this setting. | |||
| # WARNING: SETTING A SYSTEM DEVICE HERE CAN CAUSE SERIOUS SECURITY PROBLEMS. | |||
| # allowed_internal_devices = | |||
| # allowed_internal_uuids and allowed_internal_uuids_FSTYPE work similarly to | |||
| # allowed_internal_devices, except that UUIDs are specified instead of devices. | |||
| # For example, to allow un/mounting of an internal filesystem based on UUID: | |||
| # allowed_internal_uuids = cc0c4489-8def-1e5b-a304-ab87c3cb626c0 | |||
| # WARNING: SETTING A SYSTEM DEVICE HERE CAN CAUSE SERIOUS SECURITY PROBLEMS. | |||
| # allowed_internal_uuids = | |||
| # forbidden_devices is used to prevent block devices from being un/mounted | |||
| # even if other settings would allow them (except devices in fstab). | |||
| # forbidden_devices_FSTYPE, if present, is used to override | |||
| # forbidden_devices when mounting or unmounting a specific fstype | |||
| # (eg ext3, ntfs). For example, to prevent device /dev/sdd1 from being | |||
| # mounted when it contains an ntfs filesystem, use: | |||
| # forbidden_devices_ntfs = /dev/sdd1 | |||
| # NOTE: device node paths are canonicalized before being tested, so forbidding | |||
| # a link to a device will have no effect. | |||
| forbidden_devices = | |||
| # allowed_networks determines what hosts may be un/mounted by udevil users when | |||
| # using nfs, cifs, smbfs, curlftpfs, ftpfs, or sshfs. Hosts may be specified | |||
| # using a hostname (eg myserver.com) or IP address (192.168.1.100). | |||
| # Wildcards may be used in hostnames and IP addresses, but CIDR notation | |||
| # (192.168.1.0/16) is NOT supported. IP v6 is supported. For example: | |||
| # allowed_networks = 127.0.0.1, 192.168.1.*, 10.0.0.*, localmachine, *.okay.com | |||
| # Or, to prevent un/mounting of any network shares, set: | |||
| # allowed_networks = | |||
| # allowed_networks_FSTYPE, if present, is used to override allowed_networks | |||
| # when mounting or unmounting a specific network fstype (eg nfs, cifs, sshfs, | |||
| # curlftpfs). For example, to limit nfs and samba shares to only local | |||
| # networks, use these two lines: | |||
| # allowed_networks_nfs = 192.168.1.*, 10.0.0.* | |||
| # allowed_networks_cifs = 192.168.1.*, 10.0.0.* | |||
| allowed_networks = * | |||
| # forbidden_networks and forbidden_networks_FSTYPE are used to specify networks | |||
| # that are never allowed, even if other settings allow them (except fstab). | |||
| # NO REVERSE LOOKUP IS PERFORMED, so including bad.com will only have an effect | |||
| # if the user uses that hostname. IP lookup is always performed, so forbidding | |||
| # an IP address will also forbid all corresponding hostnames. | |||
| forbidden_networks = | |||
| # allowed_files is used to determine what files in what directories may be | |||
| # un/mounted. A user must also have read permission on a file to mount it. | |||
| # Note: Wildcards may be used, but a wildcard will never match a /, except | |||
| # for "allowed_files=*" which allows any file, and a /** suffix, which matches | |||
| # all files recursively. | |||
| # For example, to allow only files in the /share directory to be mounted, use: | |||
| # allowed_files = /share/* | |||
| # To allow all files in the /share directory AND all subdirectories use: | |||
| # allowed_files = /share/** | |||
| # NOTE: Specifying allowed_files_FSTYPE will NOT work because the fstype of | |||
| # files is always 'file'. | |||
| allowed_files = * | |||
| # forbidden_files is used to specify files that are never allowed, even if | |||
| # other settings allow them (except fstab). Specify a full path. | |||
| # Note: Wildcards may be used, but a wildcard will never match a /, except | |||
| # for "forbidden_files = *", or a /** suffix, which matches all recursively. | |||
| # NOTE: file paths are canonicalized before being tested, so forbidding | |||
| # a link to a file will have no effect. | |||
| forbidden_files = | |||
| # default_options specifies what options are always included when performing | |||
| # a mount, in addition to any options the user may specify. | |||
| # Note: When a device is present in /etc/fstab, and the user does not specify | |||
| # a mount point, the device is mounted with normal user permissions using | |||
| # the fstab entry, without these options. | |||
| # default_options_FSTYPE, if present, is used to override default_options | |||
| # when mounting a specific fstype (eg ext2, nfs). | |||
| # The variables $USER, $UID, and $GID are changed to the user's username, UID, | |||
| # and GID. | |||
| # FOR GOOD SECURITY, default_options SHOULD ALWAYS INCLUDE: nosuid,noexec,nodev | |||
| # WARNING: OPTIONS PRESENT OR MISSING CAN CAUSE SERIOUS SECURITY PROBLEMS. | |||
| default_options = nosuid, noexec, nodev, noatime | |||
| default_options_file = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro | |||
| # mount iso9660 with 'ro' to prevent mount read-only warning | |||
| default_options_iso9660 = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro, utf8 | |||
| default_options_udf = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID | |||
| default_options_vfat = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID, utf8 | |||
| default_options_exfat = nosuid, noexec, nodev, noatime, umask=0077, uid=$UID, gid=$GID, iocharset=utf8, namecase=0, nonempty | |||
| default_options_msdos = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID | |||
| default_options_umsdos = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID | |||
| default_options_ntfs = nosuid, noexec, nodev, noatime, fmask=0133, uid=$UID, gid=$GID, utf8 | |||
| default_options_cifs = nosuid, noexec, nodev, uid=$UID, gid=$GID | |||
| default_options_smbfs = nosuid, noexec, nodev, uid=$UID, gid=$GID | |||
| default_options_sshfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, nonempty, allow_other | |||
| default_options_curlftpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, nonempty, allow_other | |||
| default_options_ftpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID | |||
| default_options_davfs = nosuid, noexec, nodev, uid=$UID, gid=$GID | |||
| default_options_tmpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID | |||
| default_options_ramfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID | |||
| # allowed_options determines all options that a user may specify when mounting. | |||
| # All the options used in default_options above must be included here too, or | |||
| # they will be rejected. If the user attempts to use an option not included | |||
| # here, an error will result. Wildcards may be used. | |||
| # allowed_options_FSTYPE, if present, is used to override allowed_options | |||
| # when mounting a specific fstype (eg ext2, nfs). | |||
| # The variables $USER, $UID, and $GID are changed to the user's username, UID, | |||
| # and GID. | |||
| # If you want to forbid remounts, remove 'remount' from here. | |||
| # WARNING: OPTIONS HERE CAN CAUSE SERIOUS SECURITY PROBLEMS - CHOOSE CAREFULLY | |||
| allowed_options = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID, ro, rw, sync, flush, iocharset=*, utf8, remount | |||
| allowed_options_nfs = nosuid, noexec, nodev, noatime, ro, rw, sync, remount, port=*, rsize=*, wsize=*, hard, proto=*, timeo=*, retrans=* | |||
| allowed_options_cifs = nosuid, noexec, nodev, ro, rw, remount, port=*, user=*, username=*, pass=*, password=*, guest, domain=*, uid=$UID, gid=$GID, credentials=* | |||
| allowed_options_smbfs = nosuid, noexec, nodev, ro, rw, remount, port=*, user=*, username=*, pass=*, password=*, guest, domain=*, uid=$UID, gid=$GID, credentials=* | |||
| allowed_options_sshfs = nosuid, noexec, nodev, noatime, ro, rw, uid=$UID, gid=$GID, nonempty, allow_other, idmap=user, BatchMode=yes, port=* | |||
| allowed_options_curlftpfs = nosuid, noexec, nodev, noatime, ro, rw, uid=$UID, gid=$GID, nonempty, allow_other, user=* | |||
| allowed_options_ftpfs = nosuid, noexec, nodev, noatime, ro, rw, port=*, user=*, pass=*, root=*, uid=$UID, gid=$GID | |||
| allowed_options_exfat = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID, umask=0077, namecase=*, ro, rw, sync, flush, iocharset=*, remount, nonempty | |||
| # mount_point_mode, if present and set to a non-empty value, will cause udevil | |||
| # to set the mode (permissions) on the moint point after mounting If not | |||
| # specified or if left empty, the mode is not changed. Mode must be octal | |||
| # starting with a zero (0755). | |||
| # mount_point_mode_FSTYPE, if present, is used to override mount_point_mode | |||
| # when mounting a specific fstype (eg ext2, nfs). | |||
| # NOT SETTING A MODE CAN HAVE SECURITY IMPLICATIONS FOR SOME FSTYPES | |||
| mount_point_mode = 0755 | |||
| # don't set a mode for some types: | |||
| mount_point_mode_sshfs = | |||
| mount_point_mode_curlftpfs = | |||
| mount_point_mode_ftpfs = | |||
| # Use the settings below to change the default locations of programs used by | |||
| # udevil, or (advanced topic) to redirect commands to your scripts. | |||
| # When substituting scripts, make sure they are root-owned and accept the | |||
| # options used by udevil (for example, the mount_program must accept --fake, | |||
| # -o, -v, and other options valid to mount.) | |||
| # Be sure to specify the full path and include NO OPTIONS or other arguments. | |||
| # These programs may also be specified as configure options when building | |||
| # udevil. | |||
| # THESE PROGRAMS ARE RUN AS ROOT | |||
| # mount_program = /bin/mount | |||
| # umount_program = /bin/umount | |||
| # losetup_program = /sbin/losetup | |||
| # setfacl_program = /usr/bin/setfacl | |||
| # validate_exec specifies a program or script which provides additional | |||
| # validation of a mount or unmount command, beyond the checks performed by | |||
| # udevil. The program is run as a normal user (if root runs udevil, | |||
| # validate_exec will NOT be run). The program is NOT run if the user is | |||
| # mounting a device without root privileges (a device in fstab). | |||
| # The program is passed the username, a printable description of what is | |||
| # happening, and the entire udevil command line as the first three arguments. | |||
| # The program must return an exit status of 0 to allow the mount or unmount | |||
| # to proceed. If it returns non-zero, the user will be denied permission. | |||
| # For example, validate_exec might specify a script which notifies you | |||
| # of the command being run, or performs additional steps to authenticate the | |||
| # user. | |||
| # Specify a full path to the program, with NO options or arguments. | |||
| # validate_exec = | |||
| # validate_rootexec works similarly to validate_exec, except that the program | |||
| # is run as root. validate_rootexec will also be run if the root user runs | |||
| # udevil. If both validate_exec and validate_rootexec are specified, | |||
| # validate_rootexec will run first, followed by validate_exec. | |||
| # The program must return an exit status of 0 to allow the mount or unmount | |||
| # to proceed. If it returns non-zero, the user will be denied permission. | |||
| # Unless you are familiar with writing root scripts, it is recommended that | |||
| # rootexec settings NOT be used, as it is easy to inadvertently open exploits. | |||
| # THIS PROGRAM IS ALWAYS RUN AS ROOT, even if the user running udevil is not. | |||
| # validate_rootexec = | |||
| # success_exec is run after a successful mount, remount, or unmount. The | |||
| # program is run as a normal user (if root runs udevil, success_exec | |||
| # will NOT be run). | |||
| # The program is passed the username, a printable description of what action | |||
| # was taken, and the entire udevil command line as the first three arguments. | |||
| # The program's exit status is ignored. | |||
| # For example, success_exec might run a script which informs you of what action | |||
| # was taken, and might perform further actions. | |||
| # Specify a full path to the program, with NO options or arguments. | |||
| # success_exec = | |||
| # success_rootexec works similarly to success_exec, except that the program is | |||
| # run as root. success_rootexec will also be run if the root user runs udevil. | |||
| # If both success_exec and success_rootexec are specified, success_rootexec | |||
| # will run first, followed by success_exec. | |||
| # Unless you are familiar with writing root scripts, it is recommended that | |||
| # rootexec settings NOT be used, as it is easy to inadvertently open exploits. | |||
| # THIS PROGRAM IS ALWAYS RUN AS ROOT, even if the user running udevil is not. | |||
| # success_rootexec = | |||