aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWolfgang Müller2021-03-10 16:34:39 +0100
committerWolfgang Müller2021-03-10 16:56:23 +0100
commitd9d6e019633142d7f58fa35d08f297f8e0604fa9 (patch)
tree717af24a3b16f65ea8ac8b48e4684b09fdf15430
parent0a549b991db4d40a2e5281e39b77a23745f8d3d6 (diff)
downloadbosun-d9d6e019633142d7f58fa35d08f297f8e0604fa9.tar.gz
Improve and harden list_active
An upcoming commit will introduce support for the BOSUN_DIR environment variable that allows users (and, crucially, the upcoming test suite) to override the default role directory. Since we have previously assumed that we are in full control of STOW_DIR, we now have to be more careful. Revamp list_active such that the sed invocation no longer gets any user input. This should protect against any nefarious contents in BOSUN_DIR. The new approach used by list_active relies on 'realpath', a GNU-only coreutils program, and its '--relative-base' option which prints absolute paths unless they are below a given directory. This allows us to filter symbolic links that do not point to a path within BOSUN_DIR.
-rwxr-xr-xbosun15
1 files changed, 8 insertions, 7 deletions
diff --git a/bosun b/bosun
index d8d0168..5d651a3 100755
--- a/bosun
+++ b/bosun
@@ -61,13 +61,14 @@ list() {
}
list_active() {
- # Note: we de not escape any special characters in $STOW_DIR since it is
- # assumed we are in full control of its contents.
- # XXX: -r for xargs is a GNU extension
- find "$STOW_DIR/.." -type l -print0 2>/dev/null \
- | xargs -r0 readlink -f \
- | sed -n ":^$STOW_DIR: s:^$STOW_DIR/\([^/]\+\)/.*:\1:p" \
- | sort -u
+ real=$(realpath "$STOW_DIR")
+ cd "$STOW_DIR/.." || exit 1
+
+ # XXX: GNU extensions: -print0 for find, -r -0 for xargs
+ # XXX: GNU only: realpath
+ find -type l -print0 2>/dev/null \
+ | xargs -r0 realpath -e --relative-base "$real" 2>/dev/null \
+ | sed '/^\//d' | cut -d/ -f1 | sort -u
}
list_all() {