Access to directory named with public key hash

Inside a directory whose name is the user's public key hash, any fossil repository is directly accessible to the user (without a .fossil-remotes/ intermediary).
author: Andrew Cady <d@jerkface.net> 2023-06-01 18:41:08 -0400
committer: Andrew Cady <d@jerkface.net> 2023-06-01 19:20:56 -0400
commit: c272fb8c8baecf1caadfb270917f592c4c19b988 (patch)
tree: 33336e54314662430f7ac7f2b5e7108c4296cb14
parent: 84f6a437291f4722b86763ca571a1073c7599dff (diff)
1 files changed, 21 insertions, 10 deletions
diff --git a/src/endofossil b/src/endofossil
index 3925d89..74801aa 100644
--- a/src/endofossil
+++ b/src/endofossil
@@ -60,23 +60,34 @@ done < <(ssh-keygen -f <(printf '%s\n' "$keytype $keyvalue") -r .)
 upstreamDatabaseDir=${upstreamDatabase%/*}
 readWriteDbName=${upstreamDatabase#${upstreamDatabaseDir}/}
-readWriteDir=$upstreamDatabaseDir/.fossil-remotes/$keyhash
 as_user()
 {
    setpriv --reuid="$uid" --regid="$gid" --clear-groups --inh-caps=-all "$@"
 }
-if ! [ -d "$readWriteDir" ]
-then
+setup_fossil_remotes()
-    make_parents=
+{
-    if [[ $readWriteDir == $home/* ]]
+    if ! [ -d "$readWriteDir" ]
    then
-        [ -d "$upstreamDatabaseDir" ]
+        make_parents=
-        make_parents=-p
+        if [[ $readWriteDir == $home/* ]]
+        then
+            [ -d "$upstreamDatabaseDir" ]
+            make_parents=-p
+        fi
+        as_user mkdir $make_parents "$readWriteDir"
    fi
-    as_user mkdir $make_parents "$readWriteDir"
+    as_user cp -n --reflink -- "$upstreamDatabase" "$readWriteDir"/"$readWriteDbName"
-fi
+}
-as_user cp -n --reflink -- "$upstreamDatabase" "$readWriteDir"/"$readWriteDbName"
+case "$upstreamDatabaseDir" in
+    */"$keyhash" ) readWriteDir=$upstreamDatabaseDir ;;
+    * )
+        readWriteDir=$upstreamDatabaseDir/.fossil-remotes/$keyhash
+        setup_fossil_remotes
+        ;;
+esac
 exec systemd-run -P \
     --property=User="$username" \
author	Andrew Cady <d@jerkface.net>	2023-06-01 18:41:08 -0400
committer	Andrew Cady <d@jerkface.net>	2023-06-01 19:20:56 -0400
commit	c272fb8c8baecf1caadfb270917f592c4c19b988 (patch)
tree	33336e54314662430f7ac7f2b5e7108c4296cb14
parent	84f6a437291f4722b86763ca571a1073c7599dff (diff)

diff --git a/src/endofossil b/src/endofossil index 3925d89..74801aa 100644 --- a/src/endofossil +++ b/src/endofossil
@@ -60,23 +60,34 @@ done < <(ssh-keygen -f <(printf '%s\n' "$keytype $keyvalue") -r .)
60		60
61	upstreamDatabaseDir=${upstreamDatabase%/*}	61	upstreamDatabaseDir=${upstreamDatabase%/*}
62	readWriteDbName=${upstreamDatabase#${upstreamDatabaseDir}/}	62	readWriteDbName=${upstreamDatabase#${upstreamDatabaseDir}/}
63	readWriteDir=$upstreamDatabaseDir/.fossil-remotes/$keyhash
64		63
65	as_user()	64	as_user()
66	{	65	{
67	setpriv --reuid="$uid" --regid="$gid" --clear-groups --inh-caps=-all "$@"	66	setpriv --reuid="$uid" --regid="$gid" --clear-groups --inh-caps=-all "$@"
68	}	67	}
69	if ! [ -d "$readWriteDir" ]	68
70	then	69	setup_fossil_remotes()
71	make_parents=	70	{
72	if [[ $readWriteDir == $home/* ]]	71	if ! [ -d "$readWriteDir" ]
73	then	72	then
74	[ -d "$upstreamDatabaseDir" ]	73	make_parents=
75	make_parents=-p	74	if [[ $readWriteDir == $home/* ]]
		75	then
		76	[ -d "$upstreamDatabaseDir" ]
		77	make_parents=-p
		78	fi
		79	as_user mkdir $make_parents "$readWriteDir"
76	fi	80	fi
77	as_user mkdir $make_parents "$readWriteDir"	81	as_user cp -n --reflink -- "$upstreamDatabase" "$readWriteDir"/"$readWriteDbName"
78	fi	82	}
79	as_user cp -n --reflink -- "$upstreamDatabase" "$readWriteDir"/"$readWriteDbName"	83
		84	case "$upstreamDatabaseDir" in
		85	*/"$keyhash" ) readWriteDir=$upstreamDatabaseDir ;;
		86	* )
		87	readWriteDir=$upstreamDatabaseDir/.fossil-remotes/$keyhash
		88	setup_fossil_remotes
		89	;;
		90	esac
80		91
81	exec systemd-run -P \	92	exec systemd-run -P \
82	--property=User="$username" \	93	--property=User="$username" \