je55eah wrote: Sun Oct 23, 2022 7:01 pm
What is the purpose of this?
Code: Select all
if [ "$PROGRAM" = program ]; then
die 0 "Symlink whatever-spot to me, to launch \"whatever\" as spot."
fi
/usr/bin/seamonkey-spot is a symlink to /usr/bin/program-spot
Each time you launch "seamonkey-spot", you're actually launching "program-spot".
"program-spot" is a generic script that will attempt to run any program under the spot user. It learns what program to launch, by figuring under which name it is launched (=from the name of the symlink, in this example, it's "seamonkey-spot"). It then sheds the "-spot" suffix and use it as the name of the program to launch under the spot user.
However, it does not make sense to run program-spot on its own. So it checks for that and terminates itself if you accidentally launch program-spot directly. If you try to launch program-spot directly (not through symlink), then then "name under which it is launched" is just "program-spot", and after it sheds the "-spot" prefix, it will end up with "program" as the name of the program to launch.
That's that those 3 liens are for: if it detects that the name of the program to launch is just "program", it means that the user has mistakenly attempted to launch program-spot directly; and it refuses to do so.
Code: Select all
! [ $(id -u) = 0 ] && exec $PROGRAM "$@"
program-spot will launch the given program as spot, __but only__ when the logged-in user is root.
If the logged-in user is not root (=spot, fido, whatever user you created), then it will launch the program directly as the logged-in user, not as spot.
That's what this line is for.
Code: Select all
SPOT_HOME=$(awk -F: '$1=="spot" {print $6}' /etc/passwd)
This is a leftover code from when the time where program-spot would automatically switch to spot's home directory before launching the program. It basically grabs the location spot's home directory and store it to SPOT_HOME for later use; but it is no longer used as the later lines that use this value are all commented out (the 3 lines after this line). We left the code as is as an example/reminder because this simple code incantation may be useful for other spot-related scripts.
If I want to run another application as spot, is it enough to run-as-spot or does that other part also need to be implemented first?
You have two options. Let's pretend your program is xyzzy and is located in /usr/bin, that is, /usr/bin/xyzzy.
Option 1: create a script /usr/sbin/xyzzy-spot, which contains
Code: Select all
#!/bin/sh
run-as-spot /usr/bin/xyzzy "$@"
Option 2: Just create a symlink of program-spot to xyzzy-spot, like this:
Code: Select all
# ln -s program-spot /usr/bin/xyzzy-spot
With either options, when you launch /usr/bin/xyzzy-spot, it will run xyzzy under the user "spot" (if you're logged in as root).
Option 2 was how we did it in the past, before Fatdog 800 releases.
Option 1 is how we currently doing it. It's nice and simpler instead of having to repeat the same code over and over.
Of course, not everything will fit as nicely. Some programs requires more tweaks before they can be launched properly (e.g. you need to run firefox by prefixing it with apulse or you will hear no sound). In this case, we could insert the tweak elsewhere, or in the script that launch the program as spot. For the firefox example, we opt to write a custom firefox-spot that contains both the code to run-as-spot as well as prefix it with apulse --- instead of using the simplified Option 2.
So, which method to use?
If your program be be run under spot manually by typing "run-as-spot your program" in the terminal, you can use Option 2.
If your program is a bit more complex and you need to pass special parameter (e.g --user-data-directory "$SPOT_HOME"), or prefix it with apulse, etc ... you better use Option 1 by writing your own spot-launcher.