summaryrefslogtreecommitdiffstats
path: root/bin/container-shell
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2017-06-29 09:14:46 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2017-06-29 09:20:38 +0000
commit13f1aa11bd770faf8e66a72a7ac34fc1f7e2305a (patch)
tree1cdf704c14e208bc35e4ea25569ff14086ae4ed7 /bin/container-shell
parentAdding upstream version 20170522. (diff)
downloadopen-infrastructure-compute-tools-13f1aa11bd770faf8e66a72a7ac34fc1f7e2305a.tar.xz
open-infrastructure-compute-tools-13f1aa11bd770faf8e66a72a7ac34fc1f7e2305a.zip
Adding upstream version 20170629.upstream/20170629
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rwxr-xr-xbin/container-shell51
1 files changed, 48 insertions, 3 deletions
diff --git a/bin/container-shell b/bin/container-shell
index 17c0849..38a9ab9 100755
--- a/bin/container-shell
+++ b/bin/container-shell
@@ -85,10 +85,55 @@ Shell ()
then
echo "'${COMMAND}': no such ${PROGRAM} command" >&2
return
- else
- echo
- sudo ${PROGRAM} ${COMMAND} ${OPTIONS} || true
fi
+
+ if [ -n "${CONTAINER_COMMANDS_ENABLE}" ]
+ then
+ COMMAND_ALLOWED=""
+
+ for CONTAINER_COMMAND in ${CONTAINER_COMMANDS_ENABLE}
+ do
+ case "${CONTAINER_COMMAND}" in
+ ${COMMAND}|all|about|logout|exit|help)
+ COMMAND_ALLOWED="true"
+ ;;
+ esac
+ done
+
+ case "${COMMAND_ALLOWED}" in
+ true)
+ ;;
+
+ *)
+ echo "'${COMMAND}': command not allowed for current user" >&2
+ return
+ ;;
+ esac
+ fi
+
+ if [ -n "${CONTAINER_COMMANDS_DISABLE}" ]
+ then
+ COMMAND_DISALLOWED=""
+
+ for CONTAINER_COMMAND in ${CONTAINER_COMMANDS_DISABLE}
+ do
+ case "${CONTAINER_COMMAND}" in
+ ${COMMAND}|all|about|logout|exit|help)
+ COMMAND_DISALLOWED="true"
+ ;;
+ esac
+ done
+
+ case "${COMMAND_DISALLOWED}" in
+ true)
+ echo "'${COMMAND}': command not allowed for current user" >&2
+ return
+ ;;
+ esac
+ fi
+
+ echo
+ sudo ${PROGRAM} ${COMMAND} ${OPTIONS} || true
}
trap 'echo' EXIT HUP INT QUIT TERM