/usr/bin/parrot_identity_box is in coop-computing-tools 4.0-1.1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 | #!/bin/sh
vid="$1"
shift
command="$@"
parrot=`which parrot_run`
if [ "X$vid" = X ]
then
echo "Use: $0 <identity> [command]";
exit 1
fi
# Clean up the VID so that it can be used in the passwd file.
cleanvid=`echo -n "$vid" | tr : _`
# Get the current user's real uid and gid
uid=`id -u`
gid=`id -g`
# Create a private home directory for this process.
mkdir -p /tmp/home.${uid}/$cleanvid
HOME=/tmp/home.${uid}/$cleanvid
# Create a private passwd file listing only this user.
cat > $HOME/.passwd << EOF
$cleanvid:x:$uid:$gid:Unknown:$HOME:$SHELL
EOF
cat /etc/passwd >> $HOME/.passwd
cat > $HOME/.group <<EOF
none:x:$gid:$cleanvid
EOF
cat /etc/group >> $HOME/.group
# Create a private ACL so that this user can read and write here.
cat > $HOME/.__acl << EOF
$vid rwlax
EOF
# If no command was given, run the user's shell in the home dir
if [ "X$command" = X ]
then
command=$SHELL
cd $HOME
fi
# Finally, fork off parrot with a private environment and password file.
exec /usr/bin/env -i HOME=${HOME} SHELL=${SHELL} LANG=${LANG} TERM=${TERM} ${parrot} -H -M/etc/passwd=${HOME}/.passwd -M/etc/group=${HOME}/.group -u $vid -- $command
|