0x1eef/portzap
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add 'portzap [setup|teardown]'

Browse source 
And improve setup/setup-doas.
This commit is contained in:
0x1eef 2024-08-17 17:15:30 -03:00
parent 364d40c71f
commit 493eb51b68
7 changed files with 78 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
README.md
View file

@ -8,15 +8,19 @@ can be installed into `/usr/ports/` by root.
## CLI ## CLI
### CLI: setup-portzap ### CLI: setup
`setup-portzap` should be run after installing portzap for `portzap setup` should be run after installing portzap for
the first time. <br> There is no harm in running `setup-portzap` the first time. <br> There is no harm in running `portzap setup`
multiple times: multiple times:
# Add the '_portzap' user, group and home directory # Add the '_portzap' user, group and home directory
# This command requires root privileges # This command requires root privileges
root@localhost# setup-portzap root@localhost# portzap setup
# Reverse the changes made by 'portzap setup'
# This command requires root privileges
root@localhost# portzap teardown
### CLI: group ### CLI: group
@ -72,7 +76,7 @@ recent version of portzap can be installed via git:
# Install # Install
root@localhost# make install root@localhost# make install
root@localhost# setup-portzap root@localhost# portzap setup
# Add user to '_portzap' group # Add user to '_portzap' group
root@localhost# pw groupmod -n _portzap -m <user> root@localhost# pw groupmod -n _portzap -m <user>

12
bin/portzap
View file

@ -42,6 +42,12 @@ while [ "${i}" -le "$#" ]; do
done done
case $1 in case $1 in
"setup")
"${libexec}"/commands/portzap-setup
;;
"teardown")
"${libexec}"/commands/portzap-teardown
;;
"clone") "clone")
require_dependency "git doas" require_dependency "git doas"
"${libexec}"/commands/portzap-clone "${giturl}" "${gitdir}" "${defaultbranch}" "${libexec}"/commands/portzap-clone "${giturl}" "${gitdir}" "${defaultbranch}"
@ -68,7 +74,11 @@ case $1 in
*) *)
printf "Usage: portzap COMMAND [OPTIONS]\n" printf "Usage: portzap COMMAND [OPTIONS]\n"
printf "\n" printf "\n"
printf "Commands:\n" printf "Setup\n"
printf " setup Setup portzap for the first time\n"
printf " teardown Reverse the changes made by 'portzap setup'\n"
printf "\n"
printf "General\n"
printf " clone Clone the hardenedbsd ports tree\n" printf " clone Clone the hardenedbsd ports tree\n"
printf " pull Pull updates from the hardenedbsd ports tree\n" printf " pull Pull updates from the hardenedbsd ports tree\n"
printf " checkout Checkout a branch other than the default\n" printf " checkout Checkout a branch other than the default\n"

2
bin/setup-portzap → libexec/portzap/commands/portzap-setup
View file

@ -3,7 +3,7 @@ set -e
## ##
# variables # variables
localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/..)} localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)}
libexec="${localbase}"/libexec/portzap libexec="${localbase}"/libexec/portzap
## ##

25
libexec/portzap/commands/portzap-teardown Executable file
View file

@ -0,0 +1,25 @@
#!/bin/sh
set -e
##
# variables
localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)}
libexec="${localbase}"/libexec/portzap
user=_portzap
##
# functions
# shellcheck source=/dev/null
. "${libexec}"/functions/print.sh
##
# main
if [ "$(id -u)" = "0" ]; then
pw userdel -n "${user}" || true
pw groupdel -n "${user}" || true
rm -rf /home/"${user}"/ || true
printok "done"
else
printerr "you must be root"
exit 1
fi

13
libexec/portzap/setup/setup-doas
View file

@ -16,9 +16,12 @@ sharedir="${localbase}"/share/portzap
# main # main
src="${sharedir}"/doas.conf src="${sharedir}"/doas.conf
dest="${localbase}"/etc/doas.conf dest="${localbase}"/etc/doas.conf
if grep -Fq "$(cat "${src}")" "${dest}"; then cat "${src}" |
printok "doas.conf is up to date" while read -r line; do
else if grep "${line}" "${dest}" > /dev/null 2>&1; then
cat "${src}" >> "${dest}" continue
printok "${dest} updated"
fi fi
cat "${src}" >> "${dest}"
printok "modified ${dest}"
break
done

19
man/man8/portzap.8
View file

@ -5,6 +5,8 @@
.Nm portzap .Nm portzap
.Nd manages a copy of the HardenedBSD ports tree .Nd manages a copy of the HardenedBSD ports tree
.Sh SYNOPSIS .Sh SYNOPSIS
.Nm portzap setup
.Nm portzap teardown
.Nm portzap clone .Nm portzap clone
.Nm portzap pull .Nm portzap pull
.Nm portzap checkout .Nm portzap checkout
@ -16,7 +18,22 @@ manages a copy of the HardenedBSD ports tree.
The copy of the ports tree is maintained by members of The copy of the ports tree is maintained by members of
the '_portzap' group, and the copy of the ports tree the '_portzap' group, and the copy of the ports tree
can be installed into /usr/ports/ by root. can be installed into /usr/ports/ by root.
.Sh EXAMPLES .Sh SETUP
.sp
.sp
.Nm portzap setup
.br
Setup portzap for the first time
.br
This command requires root privileges
.Pp
.Nm portzap teardown
.br
Reverse the changes made by 'portzap setup'
.br
This command requires root privileges
.Pp
.Sh GENERAL
.sp .sp
.sp .sp
.Nm portzap clone .Nm portzap clone

6
share/portzap/CHANGELOG
View file

@ -1,5 +1,11 @@
* vNEXT * vNEXT
** Add 'setup/setup-doas' improvements
More likely to do what's expected, but blind spots still exist
** Add 'portzap setup', 'portzap teardown'
Replaces and enhances 'setup-portzap'
** Add libexec/portzap/commands/portzap-sh ** Add libexec/portzap/commands/portzap-sh
Runs /bin/sh within /home/_portzap/ports as the '_portzap' user Runs /bin/sh within /home/_portzap/ports as the '_portzap' user