[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lmi-commits] [lmi] master 2cdab78 6/6: Pass variables in a temporary fi
|
From: |
Greg Chicares |
|
Subject: |
[lmi-commits] [lmi] master 2cdab78 6/6: Pass variables in a temporary file, avoiding preserve-env flags |
|
Date: |
Thu, 5 Mar 2020 11:31:47 -0500 (EST) |
branch: master
commit 2cdab7822522d56d35ecc2a439073c442d3b6691
Author: Gregory W. Chicares <address@hidden>
Commit: Gregory W. Chicares <address@hidden>
Pass variables in a temporary file, avoiding preserve-env flags
Flags such as
sudo --preserve-env
schroot --preserve-environment
can have surprising and undesirable side effects. Sourcing a file that
contains only the variables desired is more robust and secure.
There is not now, and probably never will be, any actual need to source
this temporary file in a script such as 'lmi_destroy_chroot.sh', which
sources it nonetheless for concinnity.
It might seem preferable to source '/tmp/schroot_env' OAOO, in
'lmi_setup_inc.sh'. However, 'install_redhat.sh' sources
'lmi_setup_inc.sh' before it creates '/tmp/schroot_env'. A test like
if /tmp/schroot_env exists and _this_ script is not install_redhat.sh
seems repugnant and brittle, while restructuring 'install_redhat.sh' to
guarantee that '/tmp/schroot_env' exists before 'lmi_setup_inc.sh' is
sourced seems brittle at best.
---
install_redhat.sh | 53 ++++++++++++++++++++++++++++++++++-----------------
lmi_destroy_chroot.sh | 1 +
lmi_setup_00.sh | 1 +
lmi_setup_10.sh | 1 +
lmi_setup_11.sh | 1 +
lmi_setup_20.sh | 1 +
lmi_setup_21.sh | 1 +
lmi_setup_30.sh | 4 +---
lmi_setup_40.sh | 4 +---
lmi_setup_41.sh | 4 +---
lmi_setup_42.sh | 4 +---
lmi_setup_43.sh | 4 +---
12 files changed, 46 insertions(+), 33 deletions(-)
diff --git a/install_redhat.sh b/install_redhat.sh
index 18f33bc..d1f0b2d 100755
--- a/install_redhat.sh
+++ b/install_redhat.sh
@@ -32,16 +32,6 @@ if [ "$(umask)" -ne 022 ]; then
umask 022
fi
-# Configure some important variables dynamically.
-export NORMAL_USER
-export NORMAL_USER_UID
-export NORMAL_GROUP
-export NORMAL_GROUP_GID
-export GIT_URL_BASE
-NORMAL_USER=$(id -un "$(logname)")
-NORMAL_USER_UID=$(id -u "$(logname)")
-NORMAL_GROUP=$(id -gn "$(logname)")
-NORMAL_GROUP_GID=$(id -g "$(logname)")
# A known corporate firewall blocks gnu.org even on a GNU/Linux
# server, yet allows github.com:
if curl https://git.savannah.nongnu.org:443 >/dev/null 2>&1 ; then
@@ -132,6 +122,33 @@ echo Installed debian "${CODENAME}".
# bash logout file that clears the screen.
sed -e'/^[^#]/s/^/# SUPPRESSED # /' -i
/srv/chroot/"${CHRTNAME}"/etc/skel/.bash_logout
+# Store dynamic configuration in a temporary file. This method is
+# simple and robust, and far better than trying to pass environment
+# variables across sudo and schroot barriers.
+
+ NORMAL_USER=$(id -un "$(logname)")
+ NORMAL_USER_UID=$(id -u "$(logname)")
+
+if getent group lmi; then
+ NORMAL_GROUP=lmi
+ NORMAL_GROUP_GID=$(getent group "$(NORMAL_GROUP)" | cut -d: -f3)
+ CHROOT_USERS=$(getent group "$(NORMAL_GROUP)" | cut -d: -f4)
+else
+ NORMAL_GROUP=$(id -gn "$(logname)")
+ NORMAL_GROUP_GID=$(id -g "$(logname)")
+ CHROOT_USERS=$(id -un "$(logname)")
+fi
+
+cat >/tmp/schroot_env <<EOF
+ CHROOT_USERS=$CHROOT_USERS
+ GIT_URL_BASE=$GIT_URL_BASE
+ NORMAL_GROUP=$NORMAL_GROUP
+NORMAL_GROUP_GID=$NORMAL_GROUP_GID
+ NORMAL_USER=$NORMAL_USER
+ NORMAL_USER_UID=$NORMAL_USER_UID
+EOF
+chmod 0666 /tmp/schroot_env
+
cat >/etc/schroot/chroot.d/"${CHRTNAME}".conf <<EOF
[${CHRTNAME}]
aliases=lmi
@@ -151,14 +168,14 @@ mount --bind /var/cache/"${CODENAME}"
/srv/chroot/"${CHRTNAME}"/var/cache/apt/ar
# ./lmi_setup_10.sh
# ./lmi_setup_11.sh
-cp -a lmi_setup_*.sh /srv/chroot/${CHRTNAME}/tmp
-schroot --chroot=${CHRTNAME} --preserve-environment --user=root
--directory=/tmp ./lmi_setup_20.sh
-schroot --chroot=${CHRTNAME} --preserve-environment --user=root
--directory=/tmp ./lmi_setup_21.sh
-sudo --preserve-env --user="${NORMAL_USER}"
./lmi_setup_30.sh
-schroot --chroot=${CHRTNAME} --preserve-environment --user="${NORMAL_USER}"
--directory=/tmp ./lmi_setup_40.sh
-schroot --chroot=${CHRTNAME} --preserve-environment --user="${NORMAL_USER}"
--directory=/tmp ./lmi_setup_41.sh
-schroot --chroot=${CHRTNAME} --preserve-environment --user="${NORMAL_USER}"
--directory=/tmp ./lmi_setup_42.sh
-schroot --chroot=${CHRTNAME} --preserve-environment --user="${NORMAL_USER}"
--directory=/tmp ./lmi_setup_43.sh
+cp -a lmi_setup_*.sh /tmp/schroot_env /srv/chroot/${CHRTNAME}/tmp
+schroot --chroot=${CHRTNAME} --user=root --directory=/tmp
./lmi_setup_20.sh
+schroot --chroot=${CHRTNAME} --user=root --directory=/tmp
./lmi_setup_21.sh
+sudo --user="${NORMAL_USER}"
./lmi_setup_30.sh
+schroot --chroot=${CHRTNAME} --user="${NORMAL_USER}" --directory=/tmp
./lmi_setup_40.sh
+schroot --chroot=${CHRTNAME} --user="${NORMAL_USER}" --directory=/tmp
./lmi_setup_41.sh
+schroot --chroot=${CHRTNAME} --user="${NORMAL_USER}" --directory=/tmp
./lmi_setup_42.sh
+schroot --chroot=${CHRTNAME} --user="${NORMAL_USER}" --directory=/tmp
./lmi_setup_43.sh
# Copy log files that may be useful for tracking down problems with
# certain commands whose output is voluminous and often uninteresting.
diff --git a/lmi_destroy_chroot.sh b/lmi_destroy_chroot.sh
index 3cd9be9..d6a4af8 100755
--- a/lmi_destroy_chroot.sh
+++ b/lmi_destroy_chroot.sh
@@ -22,6 +22,7 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
diff --git a/lmi_setup_00.sh b/lmi_setup_00.sh
index dadd27b..9e6b853 100755
--- a/lmi_setup_00.sh
+++ b/lmi_setup_00.sh
@@ -22,6 +22,7 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
diff --git a/lmi_setup_10.sh b/lmi_setup_10.sh
index 45fc53f..40fe070 100755
--- a/lmi_setup_10.sh
+++ b/lmi_setup_10.sh
@@ -22,6 +22,7 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
diff --git a/lmi_setup_11.sh b/lmi_setup_11.sh
index bff6fc7..1745146 100755
--- a/lmi_setup_11.sh
+++ b/lmi_setup_11.sh
@@ -22,6 +22,7 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
diff --git a/lmi_setup_20.sh b/lmi_setup_20.sh
index 20a5cf7..afa9430 100755
--- a/lmi_setup_20.sh
+++ b/lmi_setup_20.sh
@@ -22,6 +22,7 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
diff --git a/lmi_setup_21.sh b/lmi_setup_21.sh
index 3db1bd0..4394650 100755
--- a/lmi_setup_21.sh
+++ b/lmi_setup_21.sh
@@ -22,6 +22,7 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
diff --git a/lmi_setup_30.sh b/lmi_setup_30.sh
index 739e699..4d6b3ab 100755
--- a/lmi_setup_30.sh
+++ b/lmi_setup_30.sh
@@ -22,15 +22,13 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
assert_not_su
assert_not_chrooted
-# Kludge:
-HOME=/home/"${NORMAL_USER}"
-
# If cached lmi downloads are available elsewhere, copy them now.
# Copying cache_for_lmi/downloads/ is an optional step that merely
# conserves bandwidth. Directory cache_for_lmi/ in a native msw
diff --git a/lmi_setup_40.sh b/lmi_setup_40.sh
index fc83e48..4bc2337 100755
--- a/lmi_setup_40.sh
+++ b/lmi_setup_40.sh
@@ -22,15 +22,13 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
assert_not_su
assert_chrooted
-# Kludge:
-HOME=/home/"${NORMAL_USER}"
-
# Initialize wine. See:
# https://lists.nongnu.org/archive/html/lmi/2016-10/msg00002.html
WINEDLLOVERRIDES=mscoree=d wine wineboot
diff --git a/lmi_setup_41.sh b/lmi_setup_41.sh
index 68454c2..28f8112 100755
--- a/lmi_setup_41.sh
+++ b/lmi_setup_41.sh
@@ -22,15 +22,13 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
assert_not_su
assert_chrooted
-# Kludge:
-HOME=/home/"${NORMAL_USER}"
-
# Symlink directories used by lmi, so that both native and wine
# builds use the same directories and can share the same
# architecture-independent 'configurable_settings.xml'--much like the
diff --git a/lmi_setup_42.sh b/lmi_setup_42.sh
index 40d5f05..70b7817 100755
--- a/lmi_setup_42.sh
+++ b/lmi_setup_42.sh
@@ -22,15 +22,13 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
assert_not_su
assert_chrooted
-# Kludge:
-HOME=/home/"${NORMAL_USER}"
-
# Install lmi for wine.
cd ~ || { printf 'failed: cd\n'; exit 3; }
diff --git a/lmi_setup_43.sh b/lmi_setup_43.sh
index dd6df8e..dbc0811 100755
--- a/lmi_setup_43.sh
+++ b/lmi_setup_43.sh
@@ -22,15 +22,13 @@
# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
. ./lmi_setup_inc.sh
+. /tmp/schroot_env
set -vx
assert_not_su
assert_chrooted
-# Kludge:
-HOME=/home/"${NORMAL_USER}"
-
# Symlink the repository's hooks/ directory:
cd /opt/lmi/src/lmi || { printf 'failed: cd\n'; exit 3; }
mv .git/hooks .git/hooks-orig
- [lmi-commits] [lmi] master updated (e1520a8 -> 2cdab78), Greg Chicares, 2020/03/05
- [lmi-commits] [lmi] master 92ee4b5 2/6: Regularize layout (and certain options), Greg Chicares, 2020/03/05
- [lmi-commits] [lmi] master 83b0221 4/6: Change permissions more preemptively, Greg Chicares, 2020/03/05
- [lmi-commits] [lmi] master 0367668 5/6: Say when umask is overridden, Greg Chicares, 2020/03/05
- [lmi-commits] [lmi] master b4d014c 3/6: Download 'lmi_setup_inc.sh' before sourcing it, Greg Chicares, 2020/03/05
- [lmi-commits] [lmi] master 646e523 1/6: Define a variable immediately before use, Greg Chicares, 2020/03/05
- [lmi-commits] [lmi] master 2cdab78 6/6: Pass variables in a temporary file, avoiding preserve-env flags,
Greg Chicares <=