Skip to content
Extraits de code Groupes Projets
Vérifiée Valider 184578b5 rédigé par Kubat's avatar Kubat
Parcourir les fichiers

Differenciate 'safe' and 'unsafe' commands 

Safe are in the system path
Unsafe are elsewhere (maybe in /opt or $HOME/{bin,.local/bib}, etc)
parent fcac58e6
Branches
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
Afficher les modifications d'espaces
En ligne Côte à côte
Affichage de
avec 40 ajouts et 26 suppressions
stpkg
+ 40
26
Voir le fichier @ 184578b5
...@@ -239,6 +239,7 @@ __install() { ...@@ -239,6 +239,7 @@ __install() {
# Create the ~/config/stpkg.sh # Create the ~/config/stpkg.sh
[ ! -d ~/config ] && mkdir ~/config [ ! -d ~/config ] && mkdir ~/config
cat > $STPKG_CONF_FILE << EOF cat > $STPKG_CONF_FILE << EOF
# Please, only modify the 'STPKG_TOKEN'
if [ ! "x\$INSTALL" = "xyes" ]; then if [ ! "x\$INSTALL" = "xyes" ]; then
STPKG_BASE="$BASE_DIR" STPKG_BASE="$BASE_DIR"
STPKG_HOMESERV='matrix.org' STPKG_HOMESERV='matrix.org'
...@@ -263,10 +264,14 @@ STPKG_INSTALL="$STPKG_INSTALL" ...@@ -263,10 +264,14 @@ STPKG_INSTALL="$STPKG_INSTALL"
SSHFS_USER="$SSHFS" SSHFS_USER="$SSHFS"
SSHFS_MNT="`echo "$MNT" | sed "s+$HOME+~+g"`" SSHFS_MNT="`echo "$MNT" | sed "s+$HOME+~+g"`"
mountpoint $MNT >/dev/null 2>&1 mountpoint $MNT >/dev/null 2>&1
if [ \$? -ne 0 -a ! "x\$INSTALL" = "xyes" ]; then [ \$? -ne 0 -a ! "x\$INSTALL" = "xyes" ] && {
[ ! -d "\$STPKG_INSTALL" ] && { sshfs $SSHFS: $MNT || die "Failed to mount $SSHFS:~/ to $MNT"; } [ ! -d "\$STPKG_INSTALL" ] && {
[ ! -d "\$STPKG_INSTALL" ] && die 'Failed to mount $SSHFS:~/ to $MNT, sshfs problems?' sshfs $SSHFS: $MNT \
fi || die "Failed to mount $SSHFS:~/ to $MNT";
}
[ ! -d "\$STPKG_INSTALL" ] \
&& die 'Failed to mount $SSHFS:~/ to $MNT, sshfs problems?'
}
EOF EOF
# Do the sshfs hook # Do the sshfs hook
...@@ -320,10 +325,8 @@ if [ ! -d "$STPKG_INSTALL" ]; then ...@@ -320,10 +325,8 @@ if [ ! -d "$STPKG_INSTALL" ]; then
fi fi
info "Use STPKG_INSTALL: $STPKG_INSTALL`[ "x$STPKG_SSHFS" = "xyes" ] && echo ' (this is an sshfs install)'`" info "Use STPKG_INSTALL: $STPKG_INSTALL`[ "x$STPKG_SSHFS" = "xyes" ] && echo ' (this is an sshfs install)'`"
if [ "x$STPKG_BASE" = "x" ]; then [ "x$STPKG_BASE" = "x" ] && die \
die "The STPKG_BASE env var is mendatory, it must point to the sticker repo." \ "The STPKG_BASE env var is mendatory, it must point to the sticker repo. It should have been given by the install script"
"It should have been given by the install script"
fi
######################### #########################
# Cmd handler functions # # Cmd handler functions #
...@@ -337,15 +340,18 @@ __show() { ...@@ -337,15 +340,18 @@ __show() {
local REVISION=`expr $COMMITS - $REVISION` local REVISION=`expr $COMMITS - $REVISION`
local BRANCH=`git -C $STPKG_BASE branch 2>&1 | grep --color=auto "\*" | sed -e "s/* //" -e "s/$/ /"` local BRANCH=`git -C $STPKG_BASE branch 2>&1 | grep --color=auto "\*" | sed -e "s/* //" -e "s/$/ /"`
## SSHFS stuff local SAFE=0
if [ "x$STPKG_SSHFS" = "xyes" ]; then local UNSAFE=0
cat << EOF local UNSAFE_CMD=""
`__bold stpkg with sshfs install:` for CMD in $REQUIREMENTS; do
sshfs `[ -d $STPKG_INSTALL ] && __green 'mounted' || __yellow 'umounted'` [[ "`which $CMD`" =~ ^(/usr/bin|/bin|/sbin|/usr/sbin) ]] \
user $SSHFS_USER && local SAFE=`expr $SAFE + 1` \
mountpoint $SSHFS_MNT || {
EOF local UNSAFE=`expr $UNSAFE + 1`
fi local UNSAFE_CMD="$CMD $UNSAFE_CMD"
}
done
[ $UNSAFE -gt 0 ] && local UNSAFE=`__yellow $UNSAFE` || local UNSAFE=`__green $UNSAFE`
if [ "x$STPKG_TOKEN" = "x" ]; then if [ "x$STPKG_TOKEN" = "x" ]; then
local TOKEN=`__yellow 'absent' ` local TOKEN=`__yellow 'absent' `
...@@ -359,16 +365,22 @@ EOF ...@@ -359,16 +365,22 @@ EOF
local TOKEN="$TOKEN `__red "Sensitive data, I won't show it!"`" local TOKEN="$TOKEN `__red "Sensitive data, I won't show it!"`"
fi fi
## SSHFS stuff
if [ "x$STPKG_SSHFS" = "xyes" ]; then
cat << EOF
`__bold stpkg with sshfs install:`
sshfs `[ -d $STPKG_INSTALL ] && __green 'mounted' || { __yellow 'umounted'; echo " (should not be the case at this point)"; }`
user $SSHFS_USER
mountpoint $SSHFS_MNT
EOF
fi
## Version stuff ## Version stuff
cat << EOF cat << EOF
`__bold stpkg version:` `__bold stpkg version:`
branch $BRANCH branch $BRANCH
commits $COMMITS commits $COMMITS
revision $REVISION revision $REVISION
EOF
## Variable and commands stuff
cat << EOF
`__bold stpkg options and variables:` `__bold stpkg options and variables:`
`__green STPKG_INSTALL` `__italic $STPKG_INSTALL` `__green STPKG_INSTALL` `__italic $STPKG_INSTALL`
`__green STPKG_BASE` `__italic $STPKG_BASE` `__green STPKG_BASE` `__italic $STPKG_BASE`
...@@ -377,12 +389,14 @@ cat << EOF ...@@ -377,12 +389,14 @@ cat << EOF
`__green STPKG_HOMESERV` `__italic $STPKG_HOMESERV` `__green STPKG_HOMESERV` `__italic $STPKG_HOMESERV`
`__green STPKG_TOKEN` $TOKEN `__green STPKG_TOKEN` $TOKEN
`__bold aliased commands due to the '"require"' function:` `__bold aliased commands due to the '"require"' function:`
safe (system) `__green $SAFE`
unsafe (user) $UNSAFE
EOF EOF
for CMD in $REQUIREMENTS; do [ ! -z "$UNSAFE_CMD" ] && {
echo -e " `__green $CMD` `which $CMD`" echo -ne ' '`__yellow unsafe commands`' '
done | sort | column -t | while IFS= read LINE; do for CMD in $UNSAFE_CMD; do echo -n "$CMD "; done
echo " $LINE" echo ''
done }
} }
__update() { __update() {
......
0% ou .
You are about to add 0 people to the discussion. Proceed with caution.
Veuillez vous inscrire ou vous pour commenter