0x1eef/portzap
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Honor umask

Browse source 
This change is a revert of previous commits that worked around
the umask not being honored. This commit runs git with the correct
umask, and avoids any need to run chmod manually. The number of
doas.conf rules has been reduced to 2.
This commit is contained in:
0x1eef 2024-04-20 05:21:19 -03:00
parent 6250b5f995
commit bd84f7f134
6 changed files with 55 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
libexec/portzap/git-changed-files
View file

@ -7,10 +7,18 @@ git="${localbase}"/bin/git
gitdir=$1 gitdir=$1
commit=$2 commit=$2
##
# functions
gitexec()
{
doas -n -u _portzap \
/bin/sh -c "umask ${mode}; ${git} ${1}"
}
## ##
# main # main
cd "${gitdir}" cd "${gitdir}"
add=$(doas -u _portzap "${git}" diff --name-only --diff-filter=A "${commit}" HEAD) add=$(gitexec "diff --name-only --diff-filter=A ${commit} HEAD")
mod=$(doas -u _portzap "${git}" diff --name-only --diff-filter=M "${commit}" HEAD) mod=$(gitexec "diff --name-only --diff-filter=M ${commit} HEAD")
echo "${add}" echo "${add}"
echo "${mod}" echo "${mod}"

10
libexec/portzap/git-removed-files
View file

@ -7,7 +7,15 @@ git="${localbase}"/bin/git
gitdir=$1 gitdir=$1
commit=$2 commit=$2
##
# functions
gitexec()
{
doas -n -u _portzap \
/bin/sh -c "umask ${mode}; ${git} ${1}"
}
## ##
# main # main
cd "${gitdir}" cd "${gitdir}"
doas -u _portzap "${git}" diff --name-only --diff-filter=D "${commit}" HEAD gitexec "diff --name-only --diff-filter=D ${commit} HEAD"

10
libexec/portzap/git-rev
View file

@ -5,7 +5,15 @@
git=/usr/local/bin/git git=/usr/local/bin/git
gitdir=$1 gitdir=$1
##
# functions
gitexec()
{
doas -n -u _portzap \
/bin/sh -c "umask ${mode}; ${git} ${1}"
}
## ##
# main # main
cd "${gitdir}" cd "${gitdir}"
doas -u _portzap "${git}" rev-parse HEAD gitexec "rev-parse HEAD"

22
libexec/portzap/portzap-clone
View file

@ -8,7 +8,15 @@ git="${localbase}"/bin/git
giturl=$1 giturl=$1
gitdir=$2 gitdir=$2
branch=$3 branch=$3
mode="u=rwX,g=rX,o=" mode=u=rwX,g=rX,o=
##
# functions
gitexec()
{
doas -n -u _portzap \
/bin/sh -c "umask ${mode}; ${git} ${1}"
}
## ##
# main # main
@ -24,16 +32,10 @@ if [ -e "${gitdir}/.git" ]; then
fi fi
set -x set -x
umask ${mode} gitexec "clone ${giturl} ${gitdir}"
doas -u _portzap "${git}" clone "${giturl}" "${gitdir}"
cd "${gitdir}" cd "${gitdir}"
gitexec "config core.filemode off"
set +x set +x
echo "[-] Adjust filemode. This might take a while"
doas -u _portzap "${git}" config core.filemode off
doas -u root /bin/chmod -R ${mode} "${gitdir}"
echo "[-] git checkout ${branch}" echo "[-] git checkout ${branch}"
doas -u _portzap "${git}" \ gitexec "checkout -t origin/${branch} > /dev/null 2>&1"
checkout -t \
origin/"${branch}" \
> /dev/null 2>&1
echo "[-] Done" echo "[-] Done"

25
libexec/portzap/portzap-pull
View file

@ -12,15 +12,21 @@ owner="_portzap:_portzap"
## ##
# functions # functions
gitexec()
{
doas -n -u _portzap \
/bin/sh -c "umask ${mode}; ${git} ${1}"
}
change_branch() change_branch()
{ {
set +e set +e
remote=$1 remote=$1
branch=$2 branch=$2
echo "[-] Attempt to change branch: ${branch}" echo "[-] Attempt to change branch: ${branch}"
doas -u _portzap "${git}" fetch "${remote}" > /dev/null 2>&1 gitexec "fetch ${remote} > /dev/null 2>&1"
if ! doas -u _portzap "${git}" checkout "${branch}" > /dev/null 2>&1 || if ! gitexec "checkout ${branch} > /dev/null 2>&1" ||
doas -u _portzap "${git}" checkout -t "${remote}"/"${branch}" > /dev/null 2>&1; then gitexec "checkout -t ${remote}/${branch} > /dev/null 2>&1"; then
r="${?}" r="${?}"
echo "[-] 'git checkout' exited with an error" echo "[-] 'git checkout' exited with an error"
exit "${r}" exit "${r}"
@ -45,15 +51,10 @@ if [ ! -e "${gitdir}/.git" ]; then
fi fi
umask ${mode} umask ${mode}
doas -u root /bin/chmod -R "${mode}" "${gitdir}/.git"
doas -u root /usr/sbin/chown -R "${owner}" "${gitdir}/.git"
cd "${gitdir}" cd "${gitdir}"
remote=$("${git}" remote | head -n1) remote=$(gitexec "remote" | head -n1)
if [ "$(git branch --show-current)" != "${branch}" ]; then cbranch=$(gitexec "branch --show-current")
if [ "${cbranch}" != "${branch}" ]; then
change_branch "${remote}" "${branch}" change_branch "${remote}" "${branch}"
fi fi
set -x gitexec "pull --rebase ${remote} ${branch}"
doas -u _portzap "${git}" pull --rebase "${remote}" "${branch}"
set +x
echo "[-] Adjust filemode. This might take a while"
doas -u root /bin/chmod -R "${mode}" "${gitdir}"

7
share/portzap/doas.conf
View file

@ -1,7 +1,4 @@
## ##
# portzap # portzap
permit nopass root as _portzap cmd /usr/local/bin/git permit nopass root as _portzap cmd /bin/sh
permit nopass :_portzap as _portzap cmd /usr/local/bin/git permit nopass :_portzap as _portzap cmd /bin/sh
permit nopass :_portzap as root cmd /bin/chmod args -R u=rwX,g=rX,o= /home/_portzap/ports
permit nopass :_portzap as root cmd /bin/chmod args -R u=rwX,g=rX,o= /home/_portzap/ports/.git
permit nopass :_portzap as root cmd /usr/sbin/chown args -R _portzap:_portzap /home/_portzap/ports/.git