commit 2ad789dfa721a1001d3757a93064431ab0f37511
author Will Drewry <wad@chromium.org> Wed Mar 17 23:51:08 2010
committer David McMahon <djmm@chromium.org> Thu Mar 18 01:40:51 2010
tree dbca9f45086a22fb77618da4e34a5bf44b57560a
parent 556ce4a6addf50655870b5e0459e736219c3a383

Ensure that login profile data is ephemeral

TEST=1966
BUG=1968

Review URL: http://codereview.chromium.org/1021006
(cherry picked from commit 18a9cb941767efa67995a4f0cef0cac97d46887b)

session_manager_setup.sh

diff --git a/session_manager_setup.sh b/session_manager_setup.sh
index dd1af3a..5e1ca83 100644
--- a/session_manager_setup.sh
+++ b/session_manager_setup.sh
@@ -21,6 +21,7 @@
 
 export USER=chronos
 export DATA_DIR=/home/${USER}
+export LOGIN_PROFILE_DIR=${DATA_DIR}/Default
 export LOGNAME=${USER}
 export SHELL=/bin/bash
 export HOME=${DATA_DIR}/user
@@ -36,6 +37,16 @@
 ${XAUTH} -q -f ${XAUTH_FILE} add :0 . ${MCOOKIE} && \
   chown ${USER}:${USER} ${XAUTH_FILE}
 
+# Disallow the login profile from having persistent data until
+# http://code.google.com/p/chromium-os/issues/detail?id=1967 is resolved.
+if mount | grep -q "${LOGIN_PROFILE_DIR} "; then
+  umount -f ${LOGIN_PROFILE_DIR}
+fi
+rm -rf ${LOGIN_PROFILE_DIR}
+mkdir -p ${LOGIN_PROFILE_DIR}
+mount -n -t tmpfs -onodev,noexec,nosuid loginprofile ${LOGIN_PROFILE_DIR}
+chown ${USER}:${USER} ${LOGIN_PROFILE_DIR}
+
 # temporary hack to tell cryptohome that we're doing chrome-login
 touch /tmp/doing-chrome-login