PNG  IHDR pHYs   OiCCPPhotoshop ICC profilexڝSgTS=BKKoR RB&*! J!QEEȠQ, !{kּ> H3Q5 B.@ $pd!s#~<<+"x M0B\t8K@zB@F&S`cbP-`'{[! eDh;VEX0fK9-0IWfH  0Q){`##xFW<+*x<$9E[-qWW.(I+6aa@.y24x6_-"bbϫp@t~,/;m%h^ uf@Wp~<5j>{-]cK'Xto(hw?G%fIq^D$.Tʳ?D*A, `6B$BB dr`)B(Ͱ*`/@4Qhp.U=pa( Aa!ڈbX#!H$ ɈQ"K5H1RT UH=r9\F;2G1Q= C7F dt1r=6Ыhڏ>C03l0.B8, c˱" VcϱwE 6wB aAHXLXNH $4 7 Q'"K&b21XH,#/{C7$C2'ITFnR#,4H#dk9, +ȅ3![ b@qS(RjJ4e2AURݨT5ZBRQ4u9̓IKhhitݕNWGw Ljg(gwLӋT071oUX**| J&*/Tު UUT^S}FU3S ԖUPSSg;goT?~YYLOCQ_ cx,!k u5&|v*=9C3J3WRf?qtN (~))4L1e\kXHQG6EYAJ'\'GgSSݧ M=:.kDwn^Loy}/TmG X $ <5qo</QC]@Caaᄑ.ȽJtq]zۯ6iܟ4)Y3sCQ? 0k߬~OCOg#/c/Wװwa>>r><72Y_7ȷOo_C#dz%gA[z|!?:eAAA!h쐭!ΑiP~aa~ 'W?pX15wCsDDDޛg1O9-J5*>.j<74?.fYXXIlK9.*6nl {/]py.,:@LN8A*%w% yg"/6шC\*NH*Mz쑼5y$3,幄'L Lݛ:v m2=:1qB!Mggfvˬen/kY- BTZ(*geWf͉9+̳ې7ᒶKW-X潬j9(xoʿܔĹdff-[n ڴ VE/(ۻCɾUUMfeI?m]Nmq#׹=TR+Gw- 6 U#pDy  :v{vg/jBFS[b[O>zG499?rCd&ˮ/~јѡ򗓿m|x31^VwwO| (hSЧc3- cHRMz%u0`:o_F@8N ' p @8N@8}' p '#@8N@8N pQ9p!i~}|6-ӪG` VP.@*j>[ K^<֐Z]@8N'KQ<Q(`s" 'hgpKB`R@Dqj '  'P$a ( `D$Na L?u80e J,K˷NI'0eݷ(NI'؀ 2ipIIKp`:O'`ʤxB8Ѥx Ѥx $ $P6 :vRNb 'p,>NB 'P]-->P T+*^h& p '‰a ‰ (ĵt#u33;Nt̵'ޯ; [3W ~]0KH1q@8]O2]3*̧7# *p>us p _6]/}-4|t'|Smx= DoʾM×M_8!)6lq':l7!|4} '\ne t!=hnLn (~Dn\+‰_4k)0e@OhZ`F `.m1} 'vp{F`ON7Srx 'D˸nV`><;yMx!IS钦OM)Ե٥x 'DSD6bS8!" ODz#R >S8!7ّxEh0m$MIPHi$IvS8IN$I p$O8I,sk&I)$IN$Hi$I^Ah.p$MIN$IR8I·N "IF9Ah0m$MIN$IR8IN$I 3jIU;kO$ɳN$+ q.x* tEXtComment

Viewing File: /etc/security/namespace.init

#!/usr/bin/sh
# It receives as arguments:
# - $1 polydir path (see WARNING below)
# - $2 instance path (see WARNING below)
# - $3 flag whether the instance dir was newly created (0 - no, 1 - yes)
# - $4 user name
# - $5 flag whether the polydir path ($1) is safe (0 - unsafe, 1 -safe)
# - $6 flag whether the instance path ($2) is safe (0 - unsafe, 1 - safe)
#
# WARNING: This script is invoked with full root privileges. Accessing
# the polydir ($1) and the instance ($2) directories in this context may be
# extremely dangerous as those can be under user control. The flags $5 and $6
# are provided to let you know if all the segments part of the path (except the
# last one) are owned by root and are writable by root only. If the path does
# not meet these criteria, you expose yourself to possible symlink attacks when
# accessing these path.
# However, even if the path components are safe, the content of the
# directories may still be owned/writable by a user, so care must be taken!
#
# The following section will copy the contents of /etc/skel if this is a
# newly created home directory.

# Executes only if the polydir path is safe
if [ "$5" = 1 ]; then

    if [ "$3" = 1 ]; then
            # This line will fix the labeling on all newly created directories
            [ -x /sbin/restorecon ] && /sbin/restorecon "$1"
            user="$4"
            passwd=$(getent passwd "$user")
            homedir=$(echo "$passwd" | cut -f6 -d":")
            if [ "$1" = "$homedir" ]; then
                    gid=$(echo "$passwd" | cut -f4 -d":")
                    cp -rT /etc/skel "$homedir"
                    chown -R "$user":"$gid" "$homedir"
                    mask=$(sed -E -n 's/^UMASK[[:space:]]+([^#[:space:]]+).*/\1/p' /etc/login.defs)
                    mode=$(printf "%o" $((0777 & ~mask)))
                    chmod ${mode:-700} "$homedir"
                    [ -x /sbin/restorecon ] && /sbin/restorecon -R "$homedir"
            fi
    fi
fi
exit 0
Back to Directory=ceiIENDB`