Moved some stuff around, added the first unit test, with no instructions on how to run it; updated readme for NOOP explanation.

client/bin/disco-fs-mount

@@ -43,7 +43,7 @@ if [ "$NOOP" != "" ]; then
     echo "export PATH=${DISCOROOT}/restricted/bin" >> ${DISCOROOT}/munge/etc/profile
 
     # Make default wrapper
-    echo -e "#!/bin/bash\necho \"info: Would execute \$0 \$@\"" > ${DISCOROOT}/restricted/bin/_disco_restricted_cmd
+    echo -e "#!/bin/bash\necho \"info: Would execute : \$(basename \$0) \$@\"" > ${DISCOROOT}/restricted/bin/_disco_restricted_cmd
     chmod +x ${DISCOROOT}/restricted/bin/_disco_restricted_cmd
 
     # Now link everything to the default wrapper

client/bin/disco-sh-exec

@@ -8,12 +8,7 @@ if [ $? -ne 0 ]; then
 fi
 
 # Strip out any shebang and put the script in the root
-mkdir -p ${DISCOROOT}/execs/$(dirname $2)
-cat $1 | sed s/'^#!.*'/''/g > ${DISCOROOT}/execs/$2
-if [ "$NOOP" != "" ]; then
-    chroot ${DISCOROOT}/chroot /bin/bash --restricted $2
-else
-    chroot ${DISCOROOT}/chroot /bin/bash $2
-fi
-./disco-fs-unmount
+mkdir -p ${DISCOROOT}/restricted/$(dirname $2)
+cat $1 | sed s/'^#!.*'/''/g > ${DISCOROOT}/restricted/$2
+$(dirname $0)/disco-sh-shell ${DISCOROOT}/restricted/$2
 exit $?

client/bin/disco-sh-shell

@@ -4,12 +4,13 @@ DISCOROOT=/var/disco/testfs
 
 mount | grep $DISCOROOT >/dev/null 2>&1
 if [ $? -ne 0 ]; then
-    ./disco-fs-mount
+    echo "disco filesystem is not mounted"
+    exit 0
 fi
+
 if [ "$NOOP" != "" ]; then
-    chroot ${DISCOROOT}/chroot /bin/rbash
+    chroot ${DISCOROOT}/chroot /bin/env PATH=${DISCOROOT}/restricted/bin /bin/bash --login --restricted $@
 else
-    chroot ${DISCOROOT}/chroot /bin/bash 
+    chroot ${DISCOROOT}/chroot /bin/bash --login $@
 fi
-./disco-fs-unmount
 exit $?

client/bin/disco-shutup

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+# This is a convenience to the user of restricted shells, so they can redirect stdout to /dev/null
+# Use like [ COMMAND | disco-shutup] ... doesn't do much for stderr, sorry.
+
+cat > /dev/null