#!/bin/sh
#  Copyright (C) 2013, Parallels, Inc. All rights reserved.
#
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
#
# Most distributions will need some kind of adjustment when running under
# user namespaces. One example is overriding the loginuid PAM module, that
# is, so far, meaningless inside a container. This script will apply various
# fixups if needed.

# Legacy udev will try to mount its own /dev in tmpfs, which will in turn
# destroy all our hand crafted setup. We need to undo it here.
fixup_udev()
{
	[ -f /etc/fedora-release ] && return
	[ -f /etc/redhat-release ] || return

	# rc.sysinit will touch this file after it finishes.
	timestamp=$(stat -c %x /.autofsck 2>/dev/null)
	i=0
	while true; do
		newstamp=$(stat -c %x /.autofsck 2>/dev/null)
		if [ "x$newstamp" = "x$timestamp" ]; then
			sleep 0.5
			i=$((i+1))
			[ $i -gt 10 ] && return
			continue
		fi
		break
	done

	umount /dev/pts
	umount /dev/shm
	umount /dev -l
}

fixup_loginuid()
{
	local pam_permit="security/pam_permit.so"
	local pam_loginuid="security/pam_loginuid.so"

	for dir in lib lib64 lib/x86_64-linux-gnu lib/i386-linux-gnu; do
		[ -f $dir/$pam_loginuid ] || continue
		mount --bind $dir/$pam_permit $dir/$pam_loginuid
		break
	done
}

[ "x$VZ_KERNEL" = "xyes" ] && exit 0
[ "x$USERNS" = "xno" ] && exit 0

fixup_udev &
fixup_loginuid

exit 0