[PATCH 4/4] pacdiff: Don't use $SUDO on temporary files
Daniel M. Capella
polyzen at archlinux.org
Tue Mar 30 06:09:12 UTC 2021
On 3/29/21 5:02 AM, Denton Liu via pacman-contrib wrote:
> From: Denton Liu via pacman-contrib <pacman-contrib at lists.archlinux.org>
>
> In 19ab4fa (pacdiff: Add option to use sudo/sudoedit to manage files,
> 2021-03-27), pacdiff was taught to accept -s to run various commands
> with $SUDO. This introduced many instances of $SUDO in merge_file()
> where most of them are unnecessary.
>
> In particular, it is not necessary to $SUDO to write the temporary files
> as /tmp should be writable by all.
Do you have docs for this? My systems have dirs created by systemd that
are owned by root with 700 permissions.
> Also, remove the usage of sudoedit when comparing the original file with
> the merge result. This is because the merged file is placed in a
> writable directory. Attempting to run sudoedit on this file results in
> the following error:
>
> sudoedit: <file>: editing files in a writable directory is not permitted
Looks like you ran into:
> Files located in a directory that is writable by the invoking user
may not be edited unless that user is root (version 1.8.16 and higher).
$tempdir is owned by root if you use --sudo. Seems something went awry
during your testing?
> but root permissions are not really required since users should not
> write to the original file anyway. The merged file will be used to
> overwrite the original file at the end of the function anyway.
Will have to think about this more. Using the merged file is optional,
users may want to edit the original file here for one reason or another.
Might be good to keep sudoedit here even if just for consistency.
> Remove these unnecessary usages of $SUDO.
>
> Signed-off-by: Denton Liu <liu.denton at gmail.com>
> ---
> src/pacdiff.sh.in | 16 ++++++----------
> 1 file changed, 6 insertions(+), 10 deletions(-)
>
> diff --git a/src/pacdiff.sh.in b/src/pacdiff.sh.in
> index fe66a6e..3c34fdb 100644
> --- a/src/pacdiff.sh.in
> +++ b/src/pacdiff.sh.in
> @@ -117,20 +117,16 @@ merge_file() {
> fi
>
> basename="$(basename "$file")"
> - tempdir="$($SUDO mktemp -d --tmpdir "pacdiff-merge-$basename.XXX")"
> - base="$($SUDO mktemp "$tempdir"/"$basename.base.XXX")"
> - merged="$($SUDO mktemp "$tempdir"/"$basename.merged.XXX")"
> + tempdir="$(mktemp -d --tmpdir "pacdiff-merge-$basename.XXX")"
> + base="$(mktemp "$tempdir"/"$basename.base.XXX")"
> + merged="$(mktemp "$tempdir"/"$basename.merged.XXX")"
>
> - tar -xOf "$base_tar" "${file#/}" | $SUDO tee "$base" > /dev/null
> - if $SUDO $mergeprog "$file" "$base" "$pacfile" | $SUDO tee "$merged" > /dev/null; then
> + tar -xOf "$base_tar" "${file#/}" >"$base"
> + if $mergeprog "$file" "$base" "$pacfile" >"$merged"; then
> msg2 "Merged without conflicts."
> fi
>
> - if [[ -n "$SUDO" ]]; then
> - SUDO_EDITOR="$diffprog" sudoedit "$file" "$merged"
> - else
> - $diffprog "$file" "$merged"
> - fi
> + $diffprog "$file" "$merged"
>
> while :; do
> ask "Would you like to use the results of the merge? [y/n] "
--
Best,
Daniel <https://danielcapella.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xEA4F7B321A906AD9.asc
Type: application/pgp-keys
Size: 15463 bytes
Desc: OpenPGP public key
URL: <https://lists.archlinux.org/pipermail/pacman-contrib/attachments/20210330/6318c9fc/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/pacman-contrib/attachments/20210330/6318c9fc/attachment-0001.sig>
More information about the pacman-contrib
mailing list