[debian-edu-commits] debian-edu/ 134/183: Make gconf profiles work again (note to self don't move exporting env variables to a subshell by moving it in a pipe)
Alexander Alemayhu
ccscanf-guest at moszumanska.debian.org
Wed Jun 11 16:48:40 UTC 2014
This is an automated email from the git hooks/post-receive script.
ccscanf-guest pushed a commit to branch master
in repository desktop-profiles.
commit c42582f0c28bafc2cb421119bc224820fc00fbfd
Author: Bart Cornelis <cobaco at linux.be>
Date: Wed Dec 13 21:59:28 2006 +0000
Make gconf profiles work again (note to self don't move exporting env variables
to a subshell by moving it in a pipe)
Add gconf support to cache-mechanism
---
20desktop-profiles_activateDesktopProfiles | 73 ++++++++++++++----------------
TODO | 3 +-
desktop-profiles | 4 +-
update-profile-cache | 26 ++++++++++-
4 files changed, 61 insertions(+), 45 deletions(-)
diff --git a/20desktop-profiles_activateDesktopProfiles b/20desktop-profiles_activateDesktopProfiles
index 1419951..8d65d1e 100644
--- a/20desktop-profiles_activateDesktopProfiles
+++ b/20desktop-profiles_activateDesktopProfiles
@@ -210,51 +210,33 @@ activate_GCONF () {
# used to keep track if we passed from mandatory to default configuration sources yet
INCLUDED_HOME=false;
- # used to avoid creating unnecessary tempfiles
- ADDED_MANDATORY=false;
- ADDED_DEFAULTS=false;
+ # create tempfile, while ensuring that cachedir exists
+ # We're using tempfile since it ensures we have a new file with
+ # a random filename, which is necessary for security:
+ # - if (generated) path file isn't there all is fine
+ # - if (generated) path file is there and the permissions on it allow $USER to write all is fine
+ # (as it's regenerated on login)
+ # - if (generated) path file is there (possibly changed by attacker) and the permissions on it do
+ # not allow $USER to write things are not fine (as regeneration fails, and configuration sources
+ # by attacker will be used).
+ # Attacker can be $USER hirself (to avoid mandatory settings from sysadmin), or if file is in a
+ # directory that's writeable by someone else a third party
+ mkdir -p $XDG_CACHE_HOME;
+ export MANDATORY_PATH=$(tempfile --directory $XDG_CACHE_HOME);
+ export DEFAULTS_PATH=$(tempfile --directory $XDG_CACHE_HOME);
+
+ # add marker to generated files, both so we can find it again later, and to indicate origin
+ echo "# Generated by desktop-profiles package" > "$MANDATORY_PATH";
+ echo "# Generated by desktop-profiles package" > "$DEFAULTS_PATH";
# see if there's actually anyting to add, if so create pathfiles and fill them
cat $GCONF_FILE | while read LINE; do
+ # user gconf source should be included by system-wide path already
if (test "$LINE" != 'xml:readwrite:$(HOME)/.gconf'); then
if (test $INCLUDED_HOME = false); then
- # if this is the first mandatory source we add -> create tempfile
- if (test "$ADDED_MANDATORY" = false); then
- # create tempfile, while ensuring that cachedir exists
- # We're using tempfile since it ensures we have a new file with
- # a random filename, which is necessary for security:
- # - if (generated) path file isn't there all is fine
- # - if (generated) path file is there and the permissions on it allow $USER to write all is fine
- # (as it's regenerated on login)
- # - if (generated) path file is there (possibly changed by attacker) and the permissions on it do
- # not allow $USER to write things are not fine (as regeneration fails, and configuration sources
- # by attacker will be used).
- # Attacker can be $USER hirself (to avoid mandatory settings from sysadmin), or if file is in a
- # directory that's writeable by someone else a third party
- mkdir -p $XDG_CACHE_HOME;
- export MANDATORY_PATH=$(tempfile --directory $XDG_CACHE_HOME);
-
- # add marker to generated file, both so we can find it again later, and to indicate origin
- echo "# Generated by desktop-profiles package" > "$MANDATORY_PATH";
-
- # note that we added a mandatory source now
- ADDED_MANDATORY=true;
- fi;
# add configuration source
echo $LINE >> "$MANDATORY_PATH";
- else
- # if this is the first default source we add -> create tempfile
- if (test "$ADDED_DEFAULTS" = false); then
- # create tempfile, ensuring that the cachedir exists
- mkdir -p $XDG_CACHE_HOME;
- export DEFAULTS_PATH=$(tempfile --directory $XDG_CACHE_HOME);
-
- # add marker to generated file, both so we can find it again later, and to indicate origin
- echo "# Generated by desktop-profiles package" > "$DEFAULTS_PATH";
-
- # note that we added a default source now
- ADDED_DEFAULT=true;
- fi;
+ else
# add configuration source
echo $LINE >> "$DEFAULTS_PATH";
fi;
@@ -262,7 +244,17 @@ activate_GCONF () {
INCLUDED_HOME=true;
fi
done;
- fi;
+
+ # get rid of temp files and variables if we don't use them
+ if (test "$(cat $MANDATORY_PATH | wc -l)" -eq 1); then
+ rm -f $MANDATORY_PATH;
+ unset MANDATORY_PATH;
+ fi;
+ if (test "$(cat $DEFAULTS_PATH | wc -l)" -eq 1); then
+ rm -f $DEFAULTS_PATH;
+ unset DEFAULTS_PATH;
+ fi;
+ fi; # end generated path files will be included
# cleanup tempfile
rm -f $GCONF_FILE;
@@ -286,7 +278,8 @@ if (test $INSTALLED = true); then
# Make sure the variable we need are initialized
#################################################
LISTINGS_DIRS=${LISTINGS_DIRS:-'/etc/desktop-profiles'}
- CACHE_FILE=${CACHE_FILE:-'/var/cache/desktop-profiles'}
+ CACHE_DIR=${CACHE_DIR:-'/var/cache/desktop-profiles'}
+ CACHE_FILE="$CACHE_DIR/activated_profiles"
ACTIVE_PROFILE_KINDS=${ACTIVE_PROFILE_KINDS:-''}
DEFAULT_LISTING=/etc/desktop-profiles/desktop-profiles.listing
PROFILE_PATH_FILES_DIR=${PROFILE_PATH_FILES_DIR:-'/var/cache/desktop-profiles/'}
diff --git a/TODO b/TODO
index 7b8eb04..0283e98 100644
--- a/TODO
+++ b/TODO
@@ -1,4 +1,3 @@
-- create man-page for update-profile-cache
-- further document/improve performance (cache in non-simple case?)
+- further improve performance (cache in non-simple case?)
- option to not ignore already existing values of the various values
- build usefull (example) profiles and point to them in docu (for accessibility?)
diff --git a/desktop-profiles b/desktop-profiles
index 42304fc..a4d4194 100644
--- a/desktop-profiles
+++ b/desktop-profiles
@@ -13,9 +13,9 @@
# default.
LISTINGS_DIRS="/etc/desktop-profiles"
-# File containing the cache of profile assignments
+# Directory containing the cache of profile assignments
# (cache is only generated when that makes sense)
-CACHE_FILE="/var/cache/desktop-profiles"
+CACHE_DIR="/var/cache/desktop-profiles"
#################################
# SETTINGS FOR xsession.d script
diff --git a/update-profile-cache b/update-profile-cache
index d429cf5..72500a4 100755
--- a/update-profile-cache
+++ b/update-profile-cache
@@ -19,7 +19,8 @@
#failsave in case default file is deleted
LISTINGS_DIRS=${LISTINGS_DIRS:-'/etc/desktop-profiles'}
- CACHE_FILE=${CACHE_FILE:-'/var/cache/desktop-profiles'}
+ CACHE_DIR=${CACHE_DIR:-'/var/cache/desktop-profiles'}
+ CACHE_FILE="$CACHE_DIR/activated_profiles"
##################
# set $CACHE_TYPE
@@ -51,6 +52,29 @@
# regenerate the cache
. /etc/X11/Xsession.d/20desktop-profiles_activateDesktopProfiles;
+
+ # move generated path files to cache dir, and set env vars accordingly
+ if (test -e "$MANDATORY_PATH" ); then
+ # sanity check
+ mkdir -p $CACHE_DIR;
+
+ #do it with cat+rm instead of mv to ensure correct permissions
+ cat $MANDATORY_PATH > $CACHE_DIR/mandatory_path;
+ rm $MANDATORY_PATH;
+ MANDATORY_PATH=$CACHE_DIR/mandatory_path;
+ fi;
+ if (test -e "$DEFAULTS_PATH" ); then
+ #sanity check
+ mkdir -p $CACHE_DIR;
+
+ #do it with cat+rm instead of mv to ensure correct permissions
+ cat $DEFAULTS_PATH > $CACHE_DIR/defaults.path;
+ rm $DEFAULTS_PATH;
+ DEFAULTS_PATH=$CACHE_DIR/defaults.path;
+ fi;
+
+ # fill $CACHE_FILE
+ mkdir -p $CACHE_DIR;
env | grep 'KDEDIRS\|XDG_CONFIG_DIRS\|XDG_DATA_DIRS\|CHOICESPATH\|UDEdir\|GNUSTEP_PATHLIST\|MANDATORY_PATH\|DEFAULTS_PATH' > $CACHE_FILE;
fi;
else
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/desktop-profiles.git
More information about the debian-edu-commits
mailing list