[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[shepherd] 07/07: support: Add a keyword argument '#:secure?' to verify-
From: |
Ludovic Courtès |
Subject: |
[shepherd] 07/07: support: Add a keyword argument '#:secure?' to verify-dir. |
Date: |
Sun, 17 Jan 2016 14:15:30 +0000 |
civodul pushed a commit to branch master
in repository shepherd.
commit f158e636f1079cfa0ae226274925f8cd7a0793a0
Author: Mathieu Lirzin <address@hidden>
Date: Sat Jan 16 23:17:40 2016 +0100
support: Add a keyword argument '#:secure?' to verify-dir.
* modules/shepherd.scm (verify-dir): Replace argument INSECURE by a
keyword argument #:SECURE?. All callers changed. Improve the logic of
the implementation.
Signed-off-by: Ludovic Courtès <address@hidden>
---
modules/shepherd.scm | 8 ++++----
modules/shepherd/support.scm | 25 ++++++++++++-------------
2 files changed, 16 insertions(+), 17 deletions(-)
diff --git a/modules/shepherd.scm b/modules/shepherd.scm
index a678d8c..cc74743 100644
--- a/modules/shepherd.scm
+++ b/modules/shepherd.scm
@@ -56,8 +56,8 @@
(let ((config-file #f)
(socket-file default-socket-file)
(pid-file #f)
- (insecure #f)
- (logfile default-logfile))
+ (secure #t)
+ (logfile default-logfile))
;; Process command line arguments.
(process-args program-name args
""
@@ -93,7 +93,7 @@
#:takes-arg? #f
#:description "don't ensure that the setup is secure"
#:action (lambda ()
- (set! insecure #t)))
+ (set! secure #f)))
(make <option>
#:long "logfile" #:short #\l
#:takes-arg? #t #:optional-arg? #f #:arg-name "FILE"
@@ -135,7 +135,7 @@
#f)))))))
;; We do this early so that we can abort early if necessary.
(and socket-file
- (verify-dir (dirname socket-file) insecure))
+ (verify-dir (dirname socket-file) #:secure? secure))
;; Enable logging as first action.
(start-logging logfile)
diff --git a/modules/shepherd/support.scm b/modules/shepherd/support.scm
index 32b79e7..5b1ca7e 100644
--- a/modules/shepherd/support.scm
+++ b/modules/shepherd/support.scm
@@ -2,6 +2,7 @@
;; Copyright (C) 2014 A.Sassmannshausen <address@hidden>
;; Copyright (C) 2013, 2014, 2016 Ludovic Courtès <address@hidden>
;; Copyright (C) 2002, 2003 Wolfgang Jährling <address@hidden>
+;; Copyright (C) 2016 Mathieu Lirzin <address@hidden>
;;
;; This file is part of the GNU Shepherd.
;;
@@ -276,20 +277,18 @@ which has essential bindings pulled in."
(set-current-module user-module)
(primitive-load file)))))
-;; Check if the directory DIR exists and create it if it is the
-;; default directory, but does not exist. If INSECURE is false, also
-;; checks for the permissions of the directory.
-(define (verify-dir dir insecure)
+(define* (verify-dir dir #:key (secure? #t))
+ "Check if the directory DIR exists and create it if it is the default
+directory, but does not exist. If SECURE? is false, permissions of the
+directory are not checked."
(and (string=? dir default-socket-dir)
;; If it exists already, this is fine, thus ignore errors.
(catch-system-error
- (mkdir default-socket-dir #o700)))
-
+ (mkdir default-socket-dir #o700)))
;; Check for permissions.
- (or insecure
- (let ((dir-stat (stat dir)))
- (and (not (and (= (stat:uid dir-stat) (getuid))
- (= (stat:perms dir-stat) #o700)))
- (begin
- (local-output "Socket directory setup is insecure.")
- (quit 1))))))
+ (when secure?
+ (let ((dir-stat (stat dir)))
+ (unless (and (= (stat:uid dir-stat) (getuid))
+ (= (stat:perms dir-stat) #o700))
+ (local-output "Socket directory setup is insecure.")
+ (exit 1)))))
- [shepherd] branch master updated (4fb3a18 -> f158e63), Ludovic Courtès, 2016/01/17
- [shepherd] 01/07: build: Add missing backslash in AM_TESTS_ENVIRONMENT., Ludovic Courtès, 2016/01/17
- [shepherd] 05/07: maint: Fix version checking for Guile., Ludovic Courtès, 2016/01/17
- [shepherd] 03/07: build: Improve display for silent rules., Ludovic Courtès, 2016/01/17
- [shepherd] 04/07: maint: Update .gitignore., Ludovic Courtès, 2016/01/17
- [shepherd] 06/07: maint: Add .dir-locals.el., Ludovic Courtès, 2016/01/17
- [shepherd] 07/07: support: Add a keyword argument '#:secure?' to verify-dir.,
Ludovic Courtès <=
- [shepherd] 02/07: Rename 'deco' command to 'herd'., Ludovic Courtès, 2016/01/17