latex-ub/install_unibremen/docker/compose_cep/gitbridge/files/init.sh

#!/bin/bash

# If mounted /etc is empty, copy from backup
if [ ! -d /etc/skel ]; then
    cp -a /etc_original/* /etc/
	mkdir -p /etc/skel/
	chmod  0700 /etc/skel/.ssh
	rm -f /etc/skel/.profile
	rm -f /etc/skel/.bashrc
	rm -f /etc/skel/.bash_logout
    rm -rf /etc_original
fi


# Create minimal system groups and users
if ! getent group nogroup >/dev/null 2>&1; then
    groupadd -r nogroup
fi

# Create a minimal system user for SSH and SSSD
if ! id -u sshd >/dev/null 2>&1; then
    useradd -r -g nogroup -s /bin/false sshd
fi

if [ ! -d /run/sshd ]; then
    mkdir -p /run/sshd
    chmod -R 0700 /run/sshd
fi

chmod 644 /etc/passwd
chmod 644 /etc/group
chmod 600 /etc/shadow

# Ensure overleafcep group exists
if ! getent group overleafcep >/dev/null 2>&1; then
    groupadd -r overleafcep
fi

echo "root ALL=(ALL) ALL" > /etc/sudoers

chown root:root /downloads
chmod 755 /downloads

/usr/sbin/syslogd

mkdir -p /master_jail/lib
mkdir -p /master_jail/lib64
mkdir -p /master_jail/lib/x86_64-linux-gnu
mkdir -p /master_jail/lib64
mkdir -p /master_jail/usr/lib/git-core
mkdir -p /master_jail/etc

cp /usr/lib/git-core/git-submodule /master_jail/usr/lib/git-core/
cp /usr/lib/git-core/git /master_jail/usr/lib/git-core/
cp /usr/lib/git-core/git-upload-pack /master_jail/usr/lib/git-core/
chmod +x /master_jail/usr/lib/git-core/*

# Lets extract which libs we need
cd /master_jail/usr/lib/git-core
ldd git | grep "=> " | awk {'print $3'}  > /master_jail/ldd_list
ldd git-submodule | grep "=> " | awk {'print $3'}  >> /master_jail/ldd_list

cd /master_jail
cat ldd_list | sort -u > ldd_list_nodups
\rm ldd_list
mv ldd_list_nodups ldd_list

for file in $(cat ldd_list)
do
    \cp $file /master_jail/lib/x86_64-linux-gnu
done
\rm ldd_list

\cp /lib64/ld-linux-x86-64.so.* /master_jail/lib64/

# The users need to access docker before they are put into jail. 
chmod 666 /var/run/docker.sock

/usr/sbin/sshd -D &

sleep infinity