Add 'portzap [setup|teardown]'
And improve setup/setup-doas.
This commit is contained in:
parent
364d40c71f
commit
493eb51b68
7 changed files with 78 additions and 13 deletions
14
README.md
14
README.md
|
@ -8,15 +8,19 @@ can be installed into `/usr/ports/` by root.
|
|||
|
||||
## CLI
|
||||
|
||||
### CLI: setup-portzap
|
||||
### CLI: setup
|
||||
|
||||
`setup-portzap` should be run after installing portzap for
|
||||
the first time. <br> There is no harm in running `setup-portzap`
|
||||
`portzap setup` should be run after installing portzap for
|
||||
the first time. <br> There is no harm in running `portzap setup`
|
||||
multiple times:
|
||||
|
||||
# Add the '_portzap' user, group and home directory
|
||||
# This command requires root privileges
|
||||
root@localhost# setup-portzap
|
||||
root@localhost# portzap setup
|
||||
|
||||
# Reverse the changes made by 'portzap setup'
|
||||
# This command requires root privileges
|
||||
root@localhost# portzap teardown
|
||||
|
||||
### CLI: group
|
||||
|
||||
|
@ -72,7 +76,7 @@ recent version of portzap can be installed via git:
|
|||
|
||||
# Install
|
||||
root@localhost# make install
|
||||
root@localhost# setup-portzap
|
||||
root@localhost# portzap setup
|
||||
|
||||
# Add user to '_portzap' group
|
||||
root@localhost# pw groupmod -n _portzap -m <user>
|
||||
|
|
12
bin/portzap
12
bin/portzap
|
@ -42,6 +42,12 @@ while [ "${i}" -le "$#" ]; do
|
|||
done
|
||||
|
||||
case $1 in
|
||||
"setup")
|
||||
"${libexec}"/commands/portzap-setup
|
||||
;;
|
||||
"teardown")
|
||||
"${libexec}"/commands/portzap-teardown
|
||||
;;
|
||||
"clone")
|
||||
require_dependency "git doas"
|
||||
"${libexec}"/commands/portzap-clone "${giturl}" "${gitdir}" "${defaultbranch}"
|
||||
|
@ -68,7 +74,11 @@ case $1 in
|
|||
*)
|
||||
printf "Usage: portzap COMMAND [OPTIONS]\n"
|
||||
printf "\n"
|
||||
printf "Commands:\n"
|
||||
printf "Setup\n"
|
||||
printf " setup Setup portzap for the first time\n"
|
||||
printf " teardown Reverse the changes made by 'portzap setup'\n"
|
||||
printf "\n"
|
||||
printf "General\n"
|
||||
printf " clone Clone the hardenedbsd ports tree\n"
|
||||
printf " pull Pull updates from the hardenedbsd ports tree\n"
|
||||
printf " checkout Checkout a branch other than the default\n"
|
||||
|
|
|
@ -3,7 +3,7 @@ set -e
|
|||
|
||||
##
|
||||
# variables
|
||||
localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/..)}
|
||||
localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)}
|
||||
libexec="${localbase}"/libexec/portzap
|
||||
|
||||
##
|
25
libexec/portzap/commands/portzap-teardown
Executable file
25
libexec/portzap/commands/portzap-teardown
Executable file
|
@ -0,0 +1,25 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
##
|
||||
# variables
|
||||
localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)}
|
||||
libexec="${localbase}"/libexec/portzap
|
||||
user=_portzap
|
||||
|
||||
##
|
||||
# functions
|
||||
# shellcheck source=/dev/null
|
||||
. "${libexec}"/functions/print.sh
|
||||
|
||||
##
|
||||
# main
|
||||
if [ "$(id -u)" = "0" ]; then
|
||||
pw userdel -n "${user}" || true
|
||||
pw groupdel -n "${user}" || true
|
||||
rm -rf /home/"${user}"/ || true
|
||||
printok "done"
|
||||
else
|
||||
printerr "you must be root"
|
||||
exit 1
|
||||
fi
|
|
@ -16,9 +16,12 @@ sharedir="${localbase}"/share/portzap
|
|||
# main
|
||||
src="${sharedir}"/doas.conf
|
||||
dest="${localbase}"/etc/doas.conf
|
||||
if grep -Fq "$(cat "${src}")" "${dest}"; then
|
||||
printok "doas.conf is up to date"
|
||||
else
|
||||
cat "${src}" >> "${dest}"
|
||||
printok "${dest} updated"
|
||||
cat "${src}" |
|
||||
while read -r line; do
|
||||
if grep "${line}" "${dest}" > /dev/null 2>&1; then
|
||||
continue
|
||||
fi
|
||||
cat "${src}" >> "${dest}"
|
||||
printok "modified ${dest}"
|
||||
break
|
||||
done
|
||||
|
|
|
@ -5,6 +5,8 @@
|
|||
.Nm portzap
|
||||
.Nd manages a copy of the HardenedBSD ports tree
|
||||
.Sh SYNOPSIS
|
||||
.Nm portzap setup
|
||||
.Nm portzap teardown
|
||||
.Nm portzap clone
|
||||
.Nm portzap pull
|
||||
.Nm portzap checkout
|
||||
|
@ -16,7 +18,22 @@ manages a copy of the HardenedBSD ports tree.
|
|||
The copy of the ports tree is maintained by members of
|
||||
the '_portzap' group, and the copy of the ports tree
|
||||
can be installed into /usr/ports/ by root.
|
||||
.Sh EXAMPLES
|
||||
.Sh SETUP
|
||||
.sp
|
||||
.sp
|
||||
.Nm portzap setup
|
||||
.br
|
||||
Setup portzap for the first time
|
||||
.br
|
||||
This command requires root privileges
|
||||
.Pp
|
||||
.Nm portzap teardown
|
||||
.br
|
||||
Reverse the changes made by 'portzap setup'
|
||||
.br
|
||||
This command requires root privileges
|
||||
.Pp
|
||||
.Sh GENERAL
|
||||
.sp
|
||||
.sp
|
||||
.Nm portzap clone
|
||||
|
|
|
@ -1,5 +1,11 @@
|
|||
* vNEXT
|
||||
|
||||
** Add 'setup/setup-doas' improvements
|
||||
More likely to do what's expected, but blind spots still exist
|
||||
|
||||
** Add 'portzap setup', 'portzap teardown'
|
||||
Replaces and enhances 'setup-portzap'
|
||||
|
||||
** Add libexec/portzap/commands/portzap-sh
|
||||
Runs /bin/sh within /home/_portzap/ports as the '_portzap' user
|
||||
|
||||
|
|
Loading…
Reference in a new issue