From 8b63c53aa92bbff240d66b089c3dc61cb6087c69 Mon Sep 17 00:00:00 2001 From: 0x1eef <0x1eef@protonmail.com> Date: Sat, 1 Jun 2024 00:50:47 -0300 Subject: [PATCH] Adopt many recent portzap updates --- bin/setup-sourcezap | 29 +++++++---- bin/sourcezap | 24 +++++---- libexec/sourcezap/commands/sourcezap-checkout | 51 ++++++++++++++++++ libexec/sourcezap/commands/sourcezap-clone | 52 +++++++++++++++++++ .../{ => commands}/sourcezap-install | 12 +++-- libexec/sourcezap/commands/sourcezap-pull | 49 +++++++++++++++++ libexec/sourcezap/{ => commands}/sourcezap-rm | 9 +++- libexec/sourcezap/git-changed-files | 0 libexec/sourcezap/git-removed-files | 0 libexec/sourcezap/git-rev | 0 libexec/sourcezap/issourcezap-member | 0 libexec/sourcezap/sourcezap-checkout | 40 -------------- libexec/sourcezap/sourcezap-clone | 41 --------------- libexec/sourcezap/sourcezap-pull | 37 ------------- libexec/sourcezap/utils/gitexec | 13 +++++ libexec/sourcezap/utils/printerr | 10 ++++ libexec/sourcezap/utils/printok | 10 ++++ 17 files changed, 236 insertions(+), 141 deletions(-) create mode 100755 libexec/sourcezap/commands/sourcezap-checkout create mode 100755 libexec/sourcezap/commands/sourcezap-clone rename libexec/sourcezap/{ => commands}/sourcezap-install (89%) create mode 100755 libexec/sourcezap/commands/sourcezap-pull rename libexec/sourcezap/{ => commands}/sourcezap-rm (83%) mode change 100644 => 100755 mode change 100644 => 100755 libexec/sourcezap/git-changed-files mode change 100644 => 100755 libexec/sourcezap/git-removed-files mode change 100644 => 100755 libexec/sourcezap/git-rev mode change 100644 => 100755 libexec/sourcezap/issourcezap-member delete mode 100644 libexec/sourcezap/sourcezap-checkout delete mode 100755 libexec/sourcezap/sourcezap-clone delete mode 100755 libexec/sourcezap/sourcezap-pull create mode 100755 libexec/sourcezap/utils/gitexec create mode 100755 libexec/sourcezap/utils/printerr create mode 100755 libexec/sourcezap/utils/printok diff --git a/bin/setup-sourcezap b/bin/setup-sourcezap index 999da5d..b39b3d0 100755 --- a/bin/setup-sourcezap +++ b/bin/setup-sourcezap @@ -3,35 +3,44 @@ set -e ## # variables -localbase="${LOCALBASE:-/usr/local}" +localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/..)} +libexec="${localbase}"/libexec/sourcezap conf=$(cat "${localbase}"/share/sourcezap/doas.conf) doas="${localbase}"/etc/doas.conf +## +# functions +printok() +{ + "${libexec}"/utils/printok "${1}" +} + +printerr() +{ + "${libexec}"/utils/printerr "${1}" +} + ## # main if [ "$(id -u)" != "0" ]; then - echo "[x] This command must be run by root" + printerr "you must be root" exit 1 fi if id -u _sourcezap > /dev/null 2>&1; then - echo "[-] The _sourcezap user exists" - echo "[-] Add user(s) to the _sourcezap group:" - echo "root# pw groupmod -n _sourcezap -m user1,user2" + printok "_sourcezap user exists" else pw useradd -n _sourcezap \ -c "sourcezap user" \ -m \ -s /sbin/nologin chmod u=rwX,g=rX,o= /home/_sourcezap/ - echo "[-] The _sourcezap user, group and home directory have been created." - echo "[-] Add user(s) to the _sourcezap group:" - echo "root# pw groupmod -n _sourcezap -m user1,user2" + printok "create _sourcezap user" fi if grep -F "^${conf}$" "${doas}" > /dev/null 2>&1; then - echo "[-] No changes made to ${doas}" + printok "${doas} is up to date" else echo "$conf" >> "$doas" - echo "[-] ${doas} has been changed. Please review the changes" + printok "update ${doas} (note: review the update)" fi diff --git a/bin/sourcezap b/bin/sourcezap index ff5a49f..6c3bf8e 100755 --- a/bin/sourcezap +++ b/bin/sourcezap @@ -3,21 +3,27 @@ set -e ## # variables -localbase="${LOCALBASE:-/usr/local}" +localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/..)} +libexec="${localbase}"/libexec/sourcezap defaultbranch="hardened/14-stable/master" gitdir="/home/_sourcezap/src" giturl="${SOURCEZAP_CLONEURL:-https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git}" installdir="${SOURCEZAP_INSTALLDIR:-/usr/src}" revision="${installdir}"/.sourcezap -libexec="${localbase}"/libexec/sourcezap ## # functions -require_dependency() { +printerr() +{ + "${libexec}"/utils/printerr "${1}" +} + +require_dependency() +{ deps=$1 for dep in $deps; do if ! which -s "$dep"; then - echo "[x] This command requires ${dep}, but ${dep} wasn't found" + printerr "${dep} wasn't found on \$PATH" exit 1 fi done @@ -40,22 +46,22 @@ done case $1 in "clone") require_dependency "git doas" - "${libexec}"/sourcezap-clone "${giturl}" "${gitdir}" "${defaultbranch}" + "${libexec}"/commands/sourcezap-clone "${giturl}" "${gitdir}" "${defaultbranch}" ;; "pull") require_dependency "git doas" - "${libexec}"/sourcezap-pull "${gitdir}" + "${libexec}"/commands/sourcezap-pull "${gitdir}" ;; "checkout") require_dependency "git doas" - "${libexec}"/sourcezap-checkout "${gitdir}" "${2}" + "${libexec}"/commands/sourcezap-checkout "${gitdir}" "${2}" ;; "rm") - "${libexec}"/sourcezap-rm "${gitdir}" "${installdir}" + "${libexec}"/commands/sourcezap-rm "${gitdir}" "${installdir}" ;; "install") require_dependency "git doas" - "${libexec}"/sourcezap-install "${gitdir}" "${installdir}" "${revision}" + "${libexec}"/commands/sourcezap-install "${gitdir}" "${installdir}" "${revision}" ;; *) printf "Usage: sourcezap COMMAND [OPTIONS]\n" diff --git a/libexec/sourcezap/commands/sourcezap-checkout b/libexec/sourcezap/commands/sourcezap-checkout new file mode 100755 index 0000000..5df31d0 --- /dev/null +++ b/libexec/sourcezap/commands/sourcezap-checkout @@ -0,0 +1,51 @@ +#!/bin/sh +set -e + +## +# variables +localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)} +libexec="${localbase}"/libexec/sourcezap +gitdir=$1 +branch=$2 + +## +# functions +gitexec() +{ + "${libexec}"/utils/gitexec "${1}" +} + +printok() +{ + "${libexec}"/utils/printok "${1}" +} + +printerr() +{ + "${libexec}"/utils/printerr "${1}" +} + +## +# main +if [ "$(id -u)" = "0" ]; then + printerr "you must be a user other than root" + exit 1 +fi + +if ! "${libexec}"/issourcezap-member; then + printerr "$(id -un) is not a member of _sourcezap" + exit 1 +fi + +if [ ! -e "${gitdir}/.git" ]; then + printerr "try 'portzap clone' instead" + exit 1 +fi + +set -x +cd "${gitdir}" +gitexec "fetch origin" +gitexec "checkout ${branch}" || +gitexec "checkout -t origin/${branch}" +set +x +printok "${branch} checked out" diff --git a/libexec/sourcezap/commands/sourcezap-clone b/libexec/sourcezap/commands/sourcezap-clone new file mode 100755 index 0000000..3d253bb --- /dev/null +++ b/libexec/sourcezap/commands/sourcezap-clone @@ -0,0 +1,52 @@ +#!/bin/sh +set -e + +## +# variables +localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)} +libexec="${localbase}"/libexec/sourcezap +giturl=$1 +gitdir=$2 +branch=$3 + +## +# functions +gitexec() +{ + "${libexec}"/util/gitexec "${1}" +} + +printok() +{ + "${libexec}"/utils/printerr "${1}" +} + +printerr() +{ + "${libexec}"/utils/printerr "${1}" +} + +## +# main +if [ "$(id -u)" = "0" ]; then + printerr "you must be a user other than root" + exit 1 +fi + +if ! "${libexec}"/issourcezap-member; then + printerr "$(id -un) is not a member of _sourcezap" + exit 1 +fi + +if [ -e "${gitdir}/.git" ]; then + printerr "try 'sourcezap pull' instead" + exit 1 +fi + +set -x +gitexec "clone ${giturl} ${gitdir}" +cd "${gitdir}" +gitexec "config core.filemode off" +gitexec "checkout -t origin/${branch}" +set +x +printok "clone complete" diff --git a/libexec/sourcezap/sourcezap-install b/libexec/sourcezap/commands/sourcezap-install similarity index 89% rename from libexec/sourcezap/sourcezap-install rename to libexec/sourcezap/commands/sourcezap-install index be76a61..02be93e 100755 --- a/libexec/sourcezap/sourcezap-install +++ b/libexec/sourcezap/commands/sourcezap-install @@ -3,11 +3,12 @@ set -e ## # variables +localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)} +libexec="${localbase}"/libexec/sourcezap +mode=u=rwX,g=rX,o= gitdir=$1 installdir=$2 revfile=$3 -libexec=$(dirname "$0") -mode="u=rwX,g=rX,o=" ## # functions @@ -63,10 +64,15 @@ run_install() install -o root -g _sourcezap -m "${mode}" -v "$@" } +printerr() +{ + "${libexec}"/utils/printerr "${1}" +} + ## # main if [ "$(id -u)" != "0" ]; then - echo "[x] This command must be run by root" + printerr "you must be root" exit 1 fi diff --git a/libexec/sourcezap/commands/sourcezap-pull b/libexec/sourcezap/commands/sourcezap-pull new file mode 100755 index 0000000..613d415 --- /dev/null +++ b/libexec/sourcezap/commands/sourcezap-pull @@ -0,0 +1,49 @@ +#!/bin/sh +set -e + +## +# variables +localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)} +libexec="${localbase}"/libexec/sourcezap +gitdir=$1 + +## +# functions +gitexec() +{ + "${libexec}"/utils/gitexec "${1}" +} + +printok() +{ + "${libexec}"/utils/printok "${1}" +} + +printerr() +{ + "${libexec}"/utils/printerr "${1}" +} + +## +# main +if [ "$(id -u)" = "0" ]; then + printerr "you must be a user other than root" + exit 1 +fi + +if ! "${libexec}"/issourcezap-member; then + printerr "$(id -un) is not a member of _sourcezap" + exit 1 +fi + +if [ ! -e "${gitdir}/.git" ]; then + set +x + printerr "try 'sourcezap clone' instead" + exit 1 +fi + +set -x +cd "${gitdir}" +branch=$(gitexec "branch --show-current") +gitexec "pull --rebase origin ${branch}" +printok "pull complete" diff --git a/libexec/sourcezap/sourcezap-rm b/libexec/sourcezap/commands/sourcezap-rm old mode 100644 new mode 100755 similarity index 83% rename from libexec/sourcezap/sourcezap-rm rename to libexec/sourcezap/commands/sourcezap-rm index 33749c8..963b28f --- a/libexec/sourcezap/sourcezap-rm +++ b/libexec/sourcezap/commands/sourcezap-rm @@ -3,6 +3,8 @@ set -e ## # variables +localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)} +libexec="${localbase}"/libexec/sourcezap gitdir=$1 installdir=$2 @@ -22,10 +24,15 @@ erase() echo } +printerr() +{ + "${libexec}"/utils/printerr "${1}" +} + ## # main if [ "$(id -u)" != "0" ]; then - echo "[x] This command must be run by root" + printerr "you must be root" exit 1 fi diff --git a/libexec/sourcezap/git-changed-files b/libexec/sourcezap/git-changed-files old mode 100644 new mode 100755 diff --git a/libexec/sourcezap/git-removed-files b/libexec/sourcezap/git-removed-files old mode 100644 new mode 100755 diff --git a/libexec/sourcezap/git-rev b/libexec/sourcezap/git-rev old mode 100644 new mode 100755 diff --git a/libexec/sourcezap/issourcezap-member b/libexec/sourcezap/issourcezap-member old mode 100644 new mode 100755 diff --git a/libexec/sourcezap/sourcezap-checkout b/libexec/sourcezap/sourcezap-checkout deleted file mode 100644 index 9e364b3..0000000 --- a/libexec/sourcezap/sourcezap-checkout +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/sh -set -e - -## -# variables -libexec=$(dirname "$0") -localbase=${LOCALBASE:-/usr/local} -git="${localbase}"/bin/git -mode="u=rwX,g=rX,o=" -gitdir="$1" -branch="$2" - -## -# functions -gitexec() -{ - doas -n -u _sourcezap \ - /bin/sh -c "umask ${mode}; ${git} ${1}" -} - -## -# main -if ! "${libexec}"/issourcezap-member; then - echo "[x] This command must be run by a member of the '_sourcezap' group" - exit 1 -fi - -if [ ! -e "${gitdir}/.git" ]; then - echo "[x] ${gitdir} is not a valid git repository." - echo "[x] Try: sourcezap clone" - exit 1 -fi - -set -x -cd "${gitdir}" -gitexec "fetch origin" -gitexec "checkout ${branch}" || -gitexec "checkout -t origin/${branch}" -set +x -printf "current branch: %s\n" "${branch}" diff --git a/libexec/sourcezap/sourcezap-clone b/libexec/sourcezap/sourcezap-clone deleted file mode 100755 index f784b50..0000000 --- a/libexec/sourcezap/sourcezap-clone +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/sh -set -e - -## -# variables -localbase=${LOCALBASE:-/usr/local} -libexec=$(dirname "$0") -git="${localbase}"/bin/git -giturl=$1 -gitdir=$2 -branch=$3 -mode=u=rwX,g=rX,o= - -## -# functions -gitexec() -{ - doas -n -u _sourcezap \ - /bin/sh -c "umask ${mode}; ${git} ${1}" -} - -## -# main -if ! "${libexec}"/issourcezap-member; then - echo "[x] This command must be run by a member of the '_sourcezap' group" - exit 1 -fi - -if [ -e "${gitdir}/.git" ]; then - echo "[x] ${gitdir} exists." - echo "[x] Try: sourcezap pull" - exit 1 -fi - -set -x -gitexec "clone ${giturl} ${gitdir}" -cd "${gitdir}" -gitexec "config core.filemode off" -gitexec "checkout -t origin/${branch}" -set +x -echo "[-] Done" diff --git a/libexec/sourcezap/sourcezap-pull b/libexec/sourcezap/sourcezap-pull deleted file mode 100755 index c2daa82..0000000 --- a/libexec/sourcezap/sourcezap-pull +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh -set -e - -## -# variables -libexec=$(dirname "$0") -localbase=${LOCALBASE:-/usr/local} -git="${localbase}"/bin/git -gitdir="$1" -mode="u=rwX,g=rX,o=" - -## -# functions -gitexec() -{ - doas -n -u _sourcezap \ - /bin/sh -c "umask ${mode}; ${git} ${1}" -} - -## -# main -if ! "${libexec}"/issourcezap-member; then - echo "[x] This command must be run by a member of the '_sourcezap' group" - exit 1 -fi - -if [ ! -e "${gitdir}/.git" ]; then - set +x - echo "[x] ${gitdir} is not a valid git repository." - echo "[x] Try: sourcezap clone" - exit 1 -fi - -set -x -cd "${gitdir}" -branch=$(gitexec "branch --show-current") -gitexec "pull --rebase origin ${branch}" diff --git a/libexec/sourcezap/utils/gitexec b/libexec/sourcezap/utils/gitexec new file mode 100755 index 0000000..4ce4a11 --- /dev/null +++ b/libexec/sourcezap/utils/gitexec @@ -0,0 +1,13 @@ +#!/bin/sh +set -e + +## +# variables +git=$(which git) +mode=u=rwX,g=rX,o= + +## +# main +doas -n \ + -u _sourcezap \ + /bin/sh -c "umask ${mode}; ${git} ${1}" diff --git a/libexec/sourcezap/utils/printerr b/libexec/sourcezap/utils/printerr new file mode 100755 index 0000000..8fdbff6 --- /dev/null +++ b/libexec/sourcezap/utils/printerr @@ -0,0 +1,10 @@ +#!/bin/sh +set -e + +## +# variables +err="${1}" + +## +# main +printf "error: %s\n" "${err}" > /dev/stderr diff --git a/libexec/sourcezap/utils/printok b/libexec/sourcezap/utils/printok new file mode 100755 index 0000000..315f891 --- /dev/null +++ b/libexec/sourcezap/utils/printok @@ -0,0 +1,10 @@ +#!/bin/sh +set -e + +## +# variables +msg="${1}" + +## +# main +printf "ok: %s\n" "${msg}" > /dev/stdout