[arch-projects] [initscripts][PATCH 1/5] arch-tmpfiles: don't truncate directories on --create
arch-tmpfiles should not truncate directories when invoked with --create. This matches behavior from systemd's tmpfiles binary. Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- Pointed out to me on IRC when someone asked if it was safe to run arch-tmpfiles --create on installation of a package. This makes it safe. arch-tmpfiles | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diff --git a/arch-tmpfiles b/arch-tmpfiles index f133a40..73c4328 100755 --- a/arch-tmpfiles +++ b/arch-tmpfiles @@ -87,17 +87,18 @@ _D() { # Create or empty a directory local path=$1 mode=$2 uid=$3 gid=$4 - (( CREATE )) || return 0 - if ! checkparams 4 "$@"; then warninvalid return fi - if [[ -d $path ]]; then + if [[ -d $path ]] && (( REMOVE )); then find "$path" -mindepth 1 -maxdepth 1 -xdev -print0 | xargs -r0 rm -rf fi - install -d -m"$mode" -o"$uid" -g"$gid" "$path" + + if (( CREATE )); then + install -d -m"$mode" -o"$uid" -g"$gid" "$path" + fi } _p() { -- 1.7.8.1
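Review bot: With the early (( CREATE )) || return 0 removed from _D, checkparams and warninvalid now run in every mode, including an invocation where neither CREATE nor REMOVE is set and the function would otherwise do nothing. A guard such as (( CREATE || REMOVE )) || return 0 ahead of the checkparams call would keep that case quiet. The header comment "# Create or empty a directory" should also say that the emptying step now happens only under REMOVE and the install -d only under CREATE, since the safety of running --create at package install time rests on that split.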
Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- arch-tmpfiles | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/arch-tmpfiles b/arch-tmpfiles index 73c4328..859abe5 100755 --- a/arch-tmpfiles +++ b/arch-tmpfiles @@ -93,7 +93,7 @@ _D() { fi if [[ -d $path ]] && (( REMOVE )); then - find "$path" -mindepth 1 -maxdepth 1 -xdev -print0 | xargs -r0 rm -rf + find "$path" -mindepth 1 -maxdepth 1 -xdev -exec rm -rf {} + fi if (( CREATE )); then -- 1.7.8.1
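Review bot: The exit status of the new find ... -exec rm -rf {} + in the REMOVE branch of _D is still discarded, so a failed removal goes unreported and the function carries on to the CREATE step as if the directory had been emptied. With -exec ... + find returns non-zero when an rm invocation fails, so the result could be checked here and a warning emitted. The message as shown carries only the sign-off; one line on why -exec ... + is preferred over the -print0 | xargs -r0 pipeline would help later readers.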
Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- Slightly less readable, but more correct. arch-tmpfiles | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/arch-tmpfiles b/arch-tmpfiles index 859abe5..a5eb535 100755 --- a/arch-tmpfiles +++ b/arch-tmpfiles @@ -242,7 +242,7 @@ while read -d '' fragment; do [[ ${line[3]} = '-' ]] && line[3]=0 [[ ${line[4]} = '-' ]] && line[4]=0 - _${line[0]} "${line[@]:1}" + "_${line[@]}" done <"$FILE" done < <(printf '%s\0' "${!fragments[@]}" | sort -z) -- 1.7.8.1
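Review bot: The dispatch "_${line[@]}" turns the first field of a config line directly into a command name, and nothing in the visible context checks that a function of that name exists. Unless the type is validated earlier in the loop (not visible in this hunk), an unrecognised type makes bash go looking for a command called _<type>; testing declare -F "_${line[0]}" first and warning on a miss would keep the dispatch limited to the handlers defined in this script. Since the note concedes the new form is less readable, a one-line comment saying that the expansion prefixes the first element with an underscore and passes the remaining elements as separate arguments would be worth adding next to it.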
getent will process numeric UIDs/GIDs for us. Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- arch-tmpfiles | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch-tmpfiles b/arch-tmpfiles index a5eb535..723b6b7 100755 --- a/arch-tmpfiles +++ b/arch-tmpfiles @@ -25,12 +25,12 @@ checkparams() { fi # uid must be numeric or a valid user name - if [[ $uid && $uid != +([[:digit:]]) ]] && ! getent passwd "$uid" >/dev/null; then + if [[ $uid ]] && ! getent passwd "$uid" >/dev/null; then return 1 fi # gid must be numeric or a valid group name - if [[ $gid && $gid != +([[:digit:]]) ]] && ! getent group "$gid" >/dev/null; then + if [[ $gid ]] && ! getent group "$gid" >/dev/null; then return 1 fi -- 1.7.8.1
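Review bot: Dropping the +([[:digit:]]) test in checkparams changes behaviour for numeric IDs that have no passwd or group entry. getent does look a numeric key up by ID, but it exits non-zero when no entry exists, so a line with such a uid or gid now fails validation where it was accepted before. The retained comments still read "uid must be numeric or a valid user name" and "gid must be numeric or a valid group name", which no longer describes the check. Either keep the numeric pattern as an accepted case, or update both comments and the commit message to say that numeric IDs must now resolve.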
This doesn't actually relabel security contexts, since arch's coreutils isn't built with selinux support, but it handles maintenance of mode and ownership if you're into that sort of thing. Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- Mostly untested for the reasons above, but it's pretty much all copypasta anyways. This is mostly here to keep compliance with the upstream tool. If anyone wants to figure out a way to add conditional SELinux support in a way that doesn't suck, be my guest. arch-tmpfiles | 40 ++++++++++++++++++++++++++++++++++++++++ 1 files changed, 40 insertions(+), 0 deletions(-) diff --git a/arch-tmpfiles b/arch-tmpfiles index 723b6b7..3b94885 100755 --- a/arch-tmpfiles +++ b/arch-tmpfiles @@ -37,6 +37,24 @@ checkparams() { return 0 } +relabel() { + local -a paths=($1) + local mode=$2 uid=$3 gid=$4 + + if ! checkparams 4 "$@"; then + warninvalid + return + fi + + for path in "${paths[@]}"; do + if [[ -e $path ]]; then + [[ $uid != '-' ]] && chown $CHOPTS "$uid" "$path" + [[ $gid != '-' ]] && chgrp $CHOPTS "$gid" "$path" + [[ $mode != '-' ]] && chmod $CHOPTS "$mode" "$path" + fi + done +} + _f() { # Create a file if it doesn't exist yet local path=$1 mode=$2 uid=$3 gid=$4 @@ -168,6 +186,28 @@ _R() { done } +_z() { + # Set ownership, access mode and relabel security context of a file or + # directory if it exists. Lines of this type accept shell-style globs in + # place of normal path names. + local -a paths=($1) + local mode=$2 uid=$3 gid=$4 + + (( CREATE )) || return 0 + + relabel "$@" +} + +_Z() { + # Recursively set ownership, access mode and relabel security context of a + # path and all its subdirectories (if it is a directory). Lines of this type + # accept shell-style globs in place of normal path names. + + (( CREATE )) || return 0 + + CHOPTS=-R relabel "$@" +} + shopt -s nullglob declare -i CREATE=0 REMOVE=0 CLEAN=0 error=0 LINENO=0 -- 1.7.8.1
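Review bot: In the first hunk, the [[ $uid != '-' ]] and [[ $gid != '-' ]] tests in relabel() look to be always true. The main loop shown in the earlier patch of this series rewrites line[3] and line[4] from '-' to 0 before dispatching, so a z or Z line that leaves owner or group as '-' would have its paths chowned and chgrped to 0 rather than left alone. Skipping that rewrite for these two types, or passing the original fields through, would restore the intended meaning. Also in this hunk, the loop variable path is not declared local, so it leaks into the caller's scope, and paths=($1) relies on unquoted expansion, which word-splits a path containing whitespace as well as expanding the glob.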
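Review bot: In the second hunk, _z declares local -a paths=($1) and local mode=$2 uid=$3 gid=$4 but never uses them, since relabel "$@" derives the same values again; those two lines can go, which also makes _z match _Z. _Z sets CHOPTS=-R for its call, while _z leaves CHOPTS to whatever the surrounding scope or environment holds, and relabel expands it unquoted into chown, chgrp and chmod. Calling CHOPTS= relabel "$@" from _z, or initialising CHOPTS next to the declare -i line at the top of the script, would make the non-recursive case explicit.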