On Tue, 03 Jun 2014 22:56:02 +0200 Jaap Winius <jwin...@umrk.nl> wrote:
> Some of the the sites that I maintain use an elaborate logout script, > located in /etc/X11/Xreset.d/, that runs as root and contains many > sudo commands to make changes to each user's home directory. It works > because these directories are made available via NFSv3 (another > story), but what if I was using AFS for them (or even NFSv4 with > Kerberos)? Is there some way to run an X11 logout script as an > unprivileged user, similar to /etc/bash.bash_logout? It's been a while since I've dealt with anything like this, but it sounds like you could handle this via Xsession.d instead. Normally that's for starting session-handling programs in the user's context (e.g. gpg-agent, ssh-agent, dbus; or krenew I think at some places), but since you're just waiting for the user's session to end, it could be used for this. Something like: $ cat /etc/X11/Xsession.d/51user-logout if [ -x /usr/local/bin/userlogoutscript ] ; then STARTUP="sh -c '$STARTUP ; /usr/local/bin/userlogoutscript'" fi Or something like that. The quoting/spacing/etc may get confused with other STARTUP modifiers, so you may just want to wrap it in a script so you can specify that like a normal STARTUP command (e.g. STARTUP="/usr/local/bin/wraplogout $STARTUP"). And obviously I haven't tested that or used something like that before; just an idea. Of course, to do anything like that you'd need to divide the "elaborate logout script" into things that need to actually run as root (which go in Xreset.d) and things that need to run as the user (which go in Xsession.d). Alternatively, it may also be possible to do this with some PAM modules that could run scripts when the user's session is destroyed, but I've never done that. -- Andrew Deason adea...@sinenomine.net _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info