From 4aaa685b3dcd6748b20d764bd8be6f840357c768 Mon Sep 17 00:00:00 2001 From: 0x1eef <0x1eef@protonmail.com> Date: Fri, 19 Apr 2024 04:00:14 -0300 Subject: [PATCH] Switch branch in 'portzap pull' This commit covers a few changes: * The 'portzap pull' command now switches to '$PORTZAP_BRANCH' if 'git branch --show-current' returns a different branch. * The 'portzap pull' command fixes permissions and ownership on '/home/_portzap/ports/.git' before running any git commands. The owner and permissions can change by interacting with the git repository directly, as a user other than '_portzap'. * doas.conf has been changed to be slightly more strict --- libexec/portzap/git-changed-files | 5 +++-- libexec/portzap/git-removed-files | 3 ++- libexec/portzap/git-rev | 3 ++- libexec/portzap/portzap-clone | 5 +++-- libexec/portzap/portzap-install | 9 ++++---- libexec/portzap/portzap-pull | 36 ++++++++++++++++++++++++++++--- share/portzap/doas.conf | 6 +++--- 7 files changed, 50 insertions(+), 17 deletions(-) diff --git a/libexec/portzap/git-changed-files b/libexec/portzap/git-changed-files index f00bec5..a471ac4 100644 --- a/libexec/portzap/git-changed-files +++ b/libexec/portzap/git-changed-files @@ -2,13 +2,14 @@ ## # variables +git=/usr/local/bin/git gitdir=$1 commit=$2 ## # main cd "${gitdir}" -add=$(git diff --name-only --diff-filter=A "${commit}" HEAD) -mod=$(git diff --name-only --diff-filter=M "${commit}" HEAD) +add=$(doas -u _portzap "${git}" diff --name-only --diff-filter=A "${commit}" HEAD) +mod=$(doas -u _portzap "${git}" diff --name-only --diff-filter=M "${commit}" HEAD) echo "${add}" echo "${mod}" diff --git a/libexec/portzap/git-removed-files b/libexec/portzap/git-removed-files index 1190ebb..2a399cf 100644 --- a/libexec/portzap/git-removed-files +++ b/libexec/portzap/git-removed-files @@ -2,10 +2,11 @@ ## # variables +git=/usr/local/bin/git gitdir=$1 commit=$2 ## # main cd "${gitdir}" -git diff --name-only --diff-filter=D "${commit}" HEAD +doas -u _portzap "${git}" diff --name-only --diff-filter=D "${commit}" HEAD diff --git a/libexec/portzap/git-rev b/libexec/portzap/git-rev index 4f94ab8..6d167db 100644 --- a/libexec/portzap/git-rev +++ b/libexec/portzap/git-rev @@ -2,9 +2,10 @@ ## # variables +git=/usr/local/bin/git gitdir=$1 ## # main cd "${gitdir}" -git rev-parse HEAD +doas -u _portzap "${git}" rev-parse HEAD diff --git a/libexec/portzap/portzap-clone b/libexec/portzap/portzap-clone index f7c46c5..0ff104a 100755 --- a/libexec/portzap/portzap-clone +++ b/libexec/portzap/portzap-clone @@ -2,6 +2,7 @@ ## # variables +git=/usr/local/bin/git giturl=$1 gitdir=$2 branch=$3 @@ -15,9 +16,9 @@ if [ -e "${gitdir}/.git" ]; then fi set -x umask u=rwX,g=rwX,o= -git clone "${giturl}" "${gitdir}" +"${git}" clone "${giturl}" "${gitdir}" cd "${gitdir}" set +x +e echo "[-] Checkout ${branch}" -git checkout -t origin/"${branch}" > /dev/null 2>&1; +"${git}" checkout -t origin/"${branch}" > /dev/null 2>&1; echo "[-] Done" diff --git a/libexec/portzap/portzap-install b/libexec/portzap/portzap-install index 06e6757..f3bf241 100755 --- a/libexec/portzap/portzap-install +++ b/libexec/portzap/portzap-install @@ -5,16 +5,15 @@ gitdir=$1 installdir=$2 revfile=$3 -localbase="${LOCALBASE:-/usr/local}" -libexec="${localbase}/libexec/portzap" +libexec=$(dirname $0) ## # functions perform_update() { rev=$(cat "${revfile}") - add=$(doas -u _portzap "${libexec}"/git-changed-files "${gitdir}" "${rev}") - del=$(doas -u _portzap "${libexec}"/git-removed-files "${gitdir}" "${rev}") + add=$("${libexec}"/git-changed-files "${gitdir}" "${rev}") + del=$("${libexec}"/git-removed-files "${gitdir}" "${rev}") for file in ${del}; do target="${installdir}/${file}" parent=$(dirname "${target}") @@ -69,4 +68,4 @@ if [ -e "${revfile}" ]; then else perform_install fi -doas -u _portzap "${libexec}"/git-rev "${gitdir}" > "${revfile}" +"${libexec}"/git-rev "${gitdir}" > "${revfile}" diff --git a/libexec/portzap/portzap-pull b/libexec/portzap/portzap-pull index d676ad2..bf68249 100755 --- a/libexec/portzap/portzap-pull +++ b/libexec/portzap/portzap-pull @@ -2,16 +2,46 @@ ## # variables +git=/usr/local/bin/git gitdir=$1 branch=$2 +libexec=$(dirname "$0") + +## +# functions +set_repository_permissions() +{ + gitdir=$1 + doas -u root /bin/chmod -R u=rwX,g=rwX,o= "${gitdir}/.git" + doas -u root /usr/sbin/chown -R _portzap:_portzap "${gitdir}/.git" +} + +change_branch() +{ + set +e + remote=$1 + branch=$2 + echo "[-] Attempt to change branch: ${branch}" + "${git}" fetch "${remote}" > /dev/null 2>&1 + "${git}" checkout "${branch}" > /dev/null 2>&1 || + "${git}" checkout -t "${remote}"/"${branch}" > /dev/null 2>&1 + "${git}" reset HEAD --hard > /dev/null 2>&1 + echo "[-] Done" + set -e +} ## # main -set -x -umask u=rwX,g=rwX,o= if [ -e "${gitdir}/.git" ]; then + umask u=rwX,g=rwX,o= + set_repository_permissions "${gitdir}" cd "${gitdir}" - git pull --rebase origin "${branch}" + remote=$("${git}" remote | head -n1) + if [ $(git branch --show-current) != "${branch}" ]; then + change_branch "${remote}" "${branch}" + fi + set -x + "${git}" pull --rebase "${remote}" "${branch}" else set +x echo "[-] ${gitdir} is not a valid git repository." diff --git a/share/portzap/doas.conf b/share/portzap/doas.conf index 189aa83..81cad8e 100644 --- a/share/portzap/doas.conf +++ b/share/portzap/doas.conf @@ -3,6 +3,6 @@ permit nopass :_portzap as _portzap cmd /usr/local/libexec/portzap/portzap-clone permit nopass :_portzap as _portzap cmd /usr/local/libexec/portzap/portzap-pull permit nopass :_portzap as _portzap cmd /usr/local/libexec/portzap/portzap-erase -permit nopass root as _portzap cmd /usr/local/libexec/portzap/git-changed-files -permit nopass root as _portzap cmd /usr/local/libexec/portzap/git-removed-files -permit nopass root as _portzap cmd /usr/local/libexec/portzap/git-rev +permit nopass root as _portzap cmd /usr/local/bin/git +permit nopass _portzap as root cmd /bin/chmod args -R u=rwX,g=rwX,o= /home/_portzap/ports/.git +permit nopass _portzap as root cmd /usr/sbin/chown args -R _portzap:_portzap /home/_portzap/ports/.git