diff --git a/README.md b/README.md index 1036de6..d16d4aa 100644 --- a/README.md +++ b/README.md @@ -32,14 +32,18 @@ multiple times: # This command is delegated to the '_portzap' user user@localhost$ portzap checkout freebsd/main - # Install /home/_portzap/ports/ into /usr/ports/ - # This command requires root privileges - root@localhost# portzap install + # Run /bin/sh within /home/_portzap/ports/ + # This command is delegated to the '_portzap' user + user@localhost$ portzap sh # Remove the contents of /usr/ports/ and /home/_portzap/ports/ # This command requires root privileges root@localhost# portzap rm + # Install /home/_portzap/ports/ into /usr/ports/ + # This command requires root privileges + root@localhost# portzap install + #### Environment * __$PORTZAP\_CLONEURL__
diff --git a/bin/portzap b/bin/portzap index e68ece3..8258cf8 100755 --- a/bin/portzap +++ b/bin/portzap @@ -54,6 +54,10 @@ case $1 in require_dependency "git doas" "${libexec}"/commands/portzap-checkout "${gitdir}" "${2}" ;; + "sh") + require_dependency "doas" + "${libexec}"/commands/portzap-sh "${gitdir}" + ;; "rm") "${libexec}"/commands/portzap-rm "${gitdir}" "${installdir}" ;; @@ -68,6 +72,7 @@ case $1 in printf " clone Clone the hardenedbsd ports tree\n" printf " pull Pull updates from the hardenedbsd ports tree\n" printf " checkout Checkout a branch other than the default\n" + printf " sh Run /bin/sh within /home/_portzap/ports/\n" printf " rm Remove /usr/ports/ and /home/_portzap/ports/\n" printf " install Install the ports tree into /usr/ports/\n" ;; diff --git a/libexec/portzap/commands/portzap-sh b/libexec/portzap/commands/portzap-sh new file mode 100644 index 0000000..e30001c --- /dev/null +++ b/libexec/portzap/commands/portzap-sh @@ -0,0 +1,35 @@ +#!/bin/sh +set -e + +## +# variables +localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)} +libexec="${localbase}"/libexec/portzap +user=_portzap +gitdir="${1}" + +## +# functions +# shellcheck source=/dev/null +. "${libexec}"/functions/print.sh + +## +# main +if [ "$(id -u)" = "0" ]; then + printerr "you must be a user other than root" + exit 1 +fi + +if [ ! -e "${gitdir}" ]; then + printerr "try 'portzap clone' instead" + exit 1 +fi + +if ! "${libexec}"/utils/isportzap-member; then + printerr "$(id -un) is not a member of _portzap" +fi + +cd "${gitdir}" +doas -n \ + -u "${user}" \ + /bin/sh diff --git a/man/man8/portzap.8 b/man/man8/portzap.8 index ac5d243..5a03278 100644 --- a/man/man8/portzap.8 +++ b/man/man8/portzap.8 @@ -38,17 +38,23 @@ Checkout a branch other than the default: hardenedbsd/main .br This command is delegated to the '_portzap' user .Pp -.Nm portzap install +.Nm portzap sh .br -Install /home/_portzap/ports/ into /usr/ports/ +Run /bin/sh within /home/_portzap/ports/ .br -This command requires root privileges +This command is delegated to the '_portzap' user .Pp .Nm portzap rm .br Remove the contents of /usr/ports/ and /home/_portzap/ports/ .br This command requires root privileges +.Pp +.Nm portzap install +.br +Install /home/_portzap/ports/ into /usr/ports/ +.br +This command requires root privileges .br .Sh ENVIRONMENT .sp