[debian-edu-commits] debian-edu/ 134/183: Make gconf profiles work again (note to self don't move exporting env variables to a subshell by moving it in a pipe)

Alexander Alemayhu ccscanf-guest at moszumanska.debian.org
Wed Jun 11 16:48:40 UTC 2014


This is an automated email from the git hooks/post-receive script.

ccscanf-guest pushed a commit to branch master
in repository desktop-profiles.

commit c42582f0c28bafc2cb421119bc224820fc00fbfd
Author: Bart Cornelis <cobaco at linux.be>
Date:   Wed Dec 13 21:59:28 2006 +0000

    Make gconf profiles work again (note to self don't move exporting env variables
    to a subshell by moving it in a pipe)
    
    Add gconf support to cache-mechanism
---
 20desktop-profiles_activateDesktopProfiles | 73 ++++++++++++++----------------
 TODO                                       |  3 +-
 desktop-profiles                           |  4 +-
 update-profile-cache                       | 26 ++++++++++-
 4 files changed, 61 insertions(+), 45 deletions(-)

diff --git a/20desktop-profiles_activateDesktopProfiles b/20desktop-profiles_activateDesktopProfiles
index 1419951..8d65d1e 100644
--- a/20desktop-profiles_activateDesktopProfiles
+++ b/20desktop-profiles_activateDesktopProfiles
@@ -210,51 +210,33 @@ activate_GCONF () {
     # used to keep track if we passed from mandatory to default configuration sources yet
     INCLUDED_HOME=false; 
 
-    # used to avoid creating unnecessary tempfiles
-    ADDED_MANDATORY=false;
-    ADDED_DEFAULTS=false;
+    # create tempfile, while ensuring that cachedir exists
+    # We're using tempfile since it ensures we have a new file with
+    # a random filename, which is necessary for security:
+    # - if (generated) path file isn't there all is fine
+    # - if (generated) path file is there and the permissions on it allow $USER to write all is fine 
+    #   (as it's regenerated on login)
+    # - if (generated) path file is there (possibly changed by attacker) and the permissions on it do
+    #   not allow $USER to write things are not fine (as regeneration fails, and configuration sources
+    #   by attacker will be used).
+    #   Attacker can be $USER hirself (to avoid mandatory settings from sysadmin), or if file is in a
+    #   directory that's writeable by someone else a third party
+    mkdir -p $XDG_CACHE_HOME;
+    export MANDATORY_PATH=$(tempfile --directory $XDG_CACHE_HOME);
+    export DEFAULTS_PATH=$(tempfile --directory $XDG_CACHE_HOME);
+    
+    # add marker to generated files, both so we can find it again later, and to indicate origin
+    echo "# Generated by desktop-profiles package" > "$MANDATORY_PATH";
+    echo "# Generated by desktop-profiles package" > "$DEFAULTS_PATH";
 
     # see if there's actually anyting to add, if so create pathfiles and fill them
     cat $GCONF_FILE | while read LINE; do
+       # user gconf source should be included by system-wide path already
        if (test "$LINE" != 'xml:readwrite:$(HOME)/.gconf'); then
          if (test $INCLUDED_HOME = false); then
-	   # if this is the first mandatory source we add -> create tempfile
-	   if (test "$ADDED_MANDATORY" = false); then
-	     # create tempfile, while ensuring that cachedir exists
-	     # We're using tempfile since it ensures we have a new file with
-	     # a random filename, which is necessary for security:
-             # - if (generated) path file isn't there all is fine
-             # - if (generated) path file is there and the permissions on it allow $USER to write all is fine 
-             #   (as it's regenerated on login)
-             # - if (generated) path file is there (possibly changed by attacker) and the permissions on it do
-             #   not allow $USER to write things are not fine (as regeneration fails, and configuration sources
-             #   by attacker will be used).
-             #   Attacker can be $USER hirself (to avoid mandatory settings from sysadmin), or if file is in a
-             #   directory that's writeable by someone else a third party
-             mkdir -p $XDG_CACHE_HOME;
-             export MANDATORY_PATH=$(tempfile --directory $XDG_CACHE_HOME);
-	     
-             # add marker to generated file, both so we can find it again later, and to indicate origin
-             echo "# Generated by desktop-profiles package" > "$MANDATORY_PATH";
-
-	     # note that we added a mandatory source now
-	     ADDED_MANDATORY=true;
-	   fi;
 	   # add configuration source
            echo $LINE >> "$MANDATORY_PATH";
-         else	 
-	   # if this is the first default source we add -> create tempfile
-	   if (test "$ADDED_DEFAULTS" = false); then
-	     # create tempfile, ensuring that the cachedir exists
-             mkdir -p $XDG_CACHE_HOME;
-             export DEFAULTS_PATH=$(tempfile --directory $XDG_CACHE_HOME);
-
-             # add marker to generated file, both so we can find it again later, and to indicate origin
-             echo "# Generated by desktop-profiles package" > "$DEFAULTS_PATH";
-            
-	     # note that we added a default source now
-	     ADDED_DEFAULT=true;
-	   fi;
+         else 
 	   # add configuration source
            echo $LINE >> "$DEFAULTS_PATH";
          fi;	 
@@ -262,7 +244,17 @@ activate_GCONF () {
          INCLUDED_HOME=true;
        fi  
     done;
-  fi;  
+
+    # get rid of temp files and variables if we don't use them
+    if (test "$(cat $MANDATORY_PATH | wc -l)" -eq 1); then
+      rm -f $MANDATORY_PATH;
+      unset MANDATORY_PATH;
+    fi;
+    if (test "$(cat $DEFAULTS_PATH | wc -l)" -eq 1); then
+      rm -f $DEFAULTS_PATH;
+      unset DEFAULTS_PATH;
+    fi;
+  fi; # end generated path files will be included
   
   # cleanup tempfile
   rm -f $GCONF_FILE;
@@ -286,7 +278,8 @@ if (test $INSTALLED = true); then
   # Make sure the variable we need are initialized
   #################################################
   LISTINGS_DIRS=${LISTINGS_DIRS:-'/etc/desktop-profiles'}
-  CACHE_FILE=${CACHE_FILE:-'/var/cache/desktop-profiles'}
+  CACHE_DIR=${CACHE_DIR:-'/var/cache/desktop-profiles'}
+  CACHE_FILE="$CACHE_DIR/activated_profiles"
   ACTIVE_PROFILE_KINDS=${ACTIVE_PROFILE_KINDS:-''}
   DEFAULT_LISTING=/etc/desktop-profiles/desktop-profiles.listing
   PROFILE_PATH_FILES_DIR=${PROFILE_PATH_FILES_DIR:-'/var/cache/desktop-profiles/'}
diff --git a/TODO b/TODO
index 7b8eb04..0283e98 100644
--- a/TODO
+++ b/TODO
@@ -1,4 +1,3 @@
-- create man-page for update-profile-cache
-- further document/improve performance (cache in non-simple case?)
+- further improve performance (cache in non-simple case?)
 - option to not ignore already existing values of the various values
 - build usefull (example) profiles and point to them in docu (for accessibility?)
diff --git a/desktop-profiles b/desktop-profiles
index 42304fc..a4d4194 100644
--- a/desktop-profiles
+++ b/desktop-profiles
@@ -13,9 +13,9 @@
 # default.
 LISTINGS_DIRS="/etc/desktop-profiles"
 
-# File containing the cache of profile assignments 
+# Directory containing the cache of profile assignments 
 # (cache is only generated when that makes sense)
-CACHE_FILE="/var/cache/desktop-profiles"
+CACHE_DIR="/var/cache/desktop-profiles"
 
 #################################
 # SETTINGS FOR xsession.d script
diff --git a/update-profile-cache b/update-profile-cache
index d429cf5..72500a4 100755
--- a/update-profile-cache
+++ b/update-profile-cache
@@ -19,7 +19,8 @@
 
   #failsave in case default file is deleted
   LISTINGS_DIRS=${LISTINGS_DIRS:-'/etc/desktop-profiles'}
-  CACHE_FILE=${CACHE_FILE:-'/var/cache/desktop-profiles'}
+  CACHE_DIR=${CACHE_DIR:-'/var/cache/desktop-profiles'}
+  CACHE_FILE="$CACHE_DIR/activated_profiles"
 
 ##################  
 # set $CACHE_TYPE  
@@ -51,6 +52,29 @@
 
       # regenerate the cache
       . /etc/X11/Xsession.d/20desktop-profiles_activateDesktopProfiles;
+
+      # move generated path files to cache dir, and set env vars accordingly
+      if (test -e "$MANDATORY_PATH" ); then
+        # sanity check
+        mkdir -p $CACHE_DIR;
+	
+	#do it with cat+rm instead of mv to ensure correct permissions
+        cat $MANDATORY_PATH > $CACHE_DIR/mandatory_path;
+	rm $MANDATORY_PATH;
+	MANDATORY_PATH=$CACHE_DIR/mandatory_path;
+      fi;
+      if (test -e "$DEFAULTS_PATH" ); then
+        #sanity check
+	mkdir -p $CACHE_DIR;
+	
+	#do it with cat+rm instead of mv to ensure correct permissions
+        cat $DEFAULTS_PATH > $CACHE_DIR/defaults.path;
+	rm $DEFAULTS_PATH;
+	DEFAULTS_PATH=$CACHE_DIR/defaults.path;
+      fi;	
+
+      # fill $CACHE_FILE
+      mkdir -p $CACHE_DIR;
       env | grep 'KDEDIRS\|XDG_CONFIG_DIRS\|XDG_DATA_DIRS\|CHOICESPATH\|UDEdir\|GNUSTEP_PATHLIST\|MANDATORY_PATH\|DEFAULTS_PATH' > $CACHE_FILE;
     fi;  
   else

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/desktop-profiles.git



More information about the debian-edu-commits mailing list