author | Andrew Cady <d@jerkface.net> | 2023-06-01 18:41:08 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2023-06-01 19:20:56 -0400 |
commit | c272fb8c8baecf1caadfb270917f592c4c19b988 (patch) | |
tree | 33336e54314662430f7ac7f2b5e7108c4296cb14 | |
parent | 84f6a437291f4722b86763ca571a1073c7599dff (diff) |
Access to directory named with public key hash
Inside a directory whose name is the user's public key hash, any
fossil repository is directly accessible to the user (without a
.fossil-remotes/ intermediary).
-rw-r--r-- | src/endofossil | 31 |
1 files changed, 21 insertions, 10 deletions
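--- a/src/endofossil
+++ b/src/endofossil
@@ -60,23 +60,34 @@ done < <(ssh-keygen -f <(printf '%s\n' "$keytype $keyvalue") -r .)
 
 upstreamDatabaseDir=${upstreamDatabase%/*}
 readWriteDbName=${upstreamDatabase#${upstreamDatabaseDir}/}
-readWriteDir=$upstreamDatabaseDir/.fossil-remotes/$keyhash
 
 as_user()
 {
 setpriv --reuid="$uid" --regid="$gid" --clear-groups --inh-caps=-all "$@"
 }
-if ! [ -d "$readWriteDir" ]
-then
-make_parents=
-if [[ $readWriteDir == $home/* ]]
+
+setup_fossil_remotes()
+{
+if ! [ -d "$readWriteDir" ]
 then
-[ -d "$upstreamDatabaseDir" ]
-make_parents=-p
+make_parents=
+if [[ $readWriteDir == $home/* ]]
+then
+[ -d "$upstreamDatabaseDir" ]
+make_parents=-p
+fi
+as_user mkdir $make_parents "$readWriteDir"
 fi
-as_user mkdir $make_parents "$readWriteDir"
-fi
-as_user cp -n --reflink -- "$upstreamDatabase" "$readWriteDir"/"$readWriteDbName"
+as_user cp -n --reflink -- "$upstreamDatabase" "$readWriteDir"/"$readWriteDbName"
+}
+
+case "$upstreamDatabaseDir" in
+*/"$keyhash" ) readWriteDir=$upstreamDatabaseDir ;;
+* )
+readWriteDir=$upstreamDatabaseDir/.fossil-remotes/$keyhash
+setup_fossil_remotes
+;;
+esac
 
 exec systemd-run -P \
 --property=User="$username" \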
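Review bot: The `*/"$keyhash"` arm of the new `case` is now the authorization decision for direct access, but nothing in the hunk guards against an empty `$keyhash`. With an empty value the pattern reduces to `*/`, so any directory part ending in a slash would select `readWriteDir=$upstreamDatabaseDir` and skip the per-key `.fossil-remotes/` copy. The hash is computed by the `ssh-keygen` loop above the hunk, so it may already be validated there, or the script may run under `set -u`; if not, a line such as `: "${keyhash:?public key hash is empty}"` before the `case` makes the script fail closed. The match is also purely textual on the last path component, so if `$upstreamDatabase` can come from the client it should be canonicalised before this test. A comment on the arm, e.g. `# parent directory is named after the caller's key hash: serve the repository in place, no per-key copy`, would record the trust assumption.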