Merge pull request #297 from dyne/restore-chown

restored change of ownership on tomb's contents
This commit is contained in:
Jaromil 2018-01-03 19:42:52 +01:00 committed by GitHub
commit ae78659efb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 15 deletions

View File

@ -207,6 +207,14 @@ argument is "-" (dash), Tomb will read the key from stdin (blocking).
Skip processing of post-hooks and bind-hooks if found inside the tomb. Skip processing of post-hooks and bind-hooks if found inside the tomb.
See the \fIHOOKS\fR section in this manual for more information. See the \fIHOOKS\fR section in this manual for more information.
.B .B
.IP "-p"
When opening a tomb, preserves the ownership of all files and
directories contained in it. Normally the \fIopen\fR command changes
the ownership of a tomb's contents to the UID and GID of the user who
has succesfully opened it: it is a usability feature in case a tomb is
used by a single user across different systems. This flag deactivates
this behaviour.
.B
.IP "-o" .IP "-o"
Manually specify mount options to be used when opening a tomb instead Manually specify mount options to be used when opening a tomb instead
of the default \fIrw,noatime,nodev\fR, i.e. to mount a tomb read-only of the default \fIrw,noatime,nodev\fR, i.e. to mount a tomb read-only

42
tomb
View File

@ -654,12 +654,14 @@ usage() {
_print "\000" _print "\000"
_print " -s size of the tomb file when creating/resizing one (in MiB)" _print " -s size of the tomb file when creating/resizing one (in MiB)"
_print " -k path to the key to be used ('-k -' to read from stdin)" _print " -k path to the key to be used ('-k -' to read from stdin)"
_print " -n don't process the hooks found in tomb" _print " -n don't launch the execution hooks found in tomb"
_print " -p preserve the ownership of all files in tomb"
_print " -o options passed to commands: open, lock, forge (see man)" _print " -o options passed to commands: open, lock, forge (see man)"
_print " -f force operation (i.e. even if swap is active)" _print " -f force operation (i.e. even if swap is active)"
_print " -g use a GnuPG key to encrypt a tomb key" _print " -g use a GnuPG key to encrypt a tomb key"
_print " -r provide GnuPG recipients (separated by coma)" _print " -r provide GnuPG recipients (separated by coma)"
_print " -R provide GnuPG hidden recipients (separated by coma)" _print " -R provide GnuPG hidden recipients (separated by coma)"
[[ $KDF == 1 ]] && { [[ $KDF == 1 ]] && {
_print " --kdf forge keys armored against dictionary attacks" _print " --kdf forge keys armored against dictionary attacks"
} }
@ -1920,6 +1922,18 @@ change_tomb_key() {
# {{{ Open # {{{ Open
_update_control_file() {
# replaces a control file with new contents and gives it user ownership
# stdin = contents
# $1 = path to control file
# $2 = contents
[[ "$2" = "" ]] && return 1
[[ -r "$1" ]] && rm -f "$1"
print "$2" > "$1"
_sudo chown ${_UID}:${_GID} "$1"
_verbose "updated control file $1 = $2"
}
# $1 = tombfile $2(optional) = mountpoint # $1 = tombfile $2(optional) = mountpoint
mount_tomb() { mount_tomb() {
local tombpath="$1" # First argument is the path to the tomb local tombpath="$1" # First argument is the path to the tomb
@ -2031,10 +2045,6 @@ mount_tomb() {
_failure "Cannot mount ::1 tomb name::" $TOMBNAME _failure "Cannot mount ::1 tomb name::" $TOMBNAME
} }
# we do not change ownership anymore when mounting tombs
# _sudo chown $UID:$GID ${tombmount}
# _sudo chmod 0711 ${tombmount}
_success "Success opening ::1 tomb file:: on ::2 mount point::" $TOMBFILE $tombmount _success "Success opening ::1 tomb file:: on ::2 mount point::" $TOMBFILE $tombmount
local tombtty tombhost tombuid tombuser local tombtty tombhost tombuid tombuser
@ -2054,21 +2064,17 @@ mount_tomb() {
_message "Last visit by ::1 user::(::2 tomb build::) from ::3 tty:: on ::4 host::" $tombuser $tombuid $tombtty $tombhost _message "Last visit by ::1 user::(::2 tomb build::) from ::3 tty:: on ::4 host::" $tombuser $tombuid $tombtty $tombhost
_message "on date ::1 date::" $tombsince _message "on date ::1 date::" $tombsince
} }
# write down the UID and TTY that opened the tomb # write down the UID and TTY that opened the tomb
rm -f ${tombmount}/.uid _update_control_file ${tombmount}/.uid $_UID
print $_UID > ${tombmount}/.uid _update_control_file ${tombmount}/.tty $_TTY
rm -f ${tombmount}/.tty
print $_TTY > ${tombmount}/.tty
# also the hostname # also the hostname
rm -f ${tombmount}/.host _update_control_file ${tombmount}/.host `hostname`
hostname > ${tombmount}/.host
# and the "last time opened" information # and the "last time opened" information
# in minutes since 1970, this is printed at next open # in minutes since 1970, this is printed at next open
rm -f ${tombmount}/.last _update_control_file ${tombmount}/.last `date +%s`
date +%s > ${tombmount}/.last
# human readable: date --date=@"`cat .last`" +%c # human readable: date --date=@"`cat .last`" +%c
# process bind-hooks (mount -o bind of directories) # process bind-hooks (mount -o bind of directories)
# and exec-hooks (execute on open) # and exec-hooks (execute on open)
option_is_set -n || { option_is_set -n || {
@ -2076,6 +2082,12 @@ mount_tomb() {
exec_safe_func_hooks open ${tombmount} exec_safe_func_hooks open ${tombmount}
} }
# Changes ownership to current user. This facilitates a lot
# usability by single users. If a Tomb is "multiuser" and contains
# ACL "by convention" using UNIX ownership that needs to be
# preserved then this behavior can be deactivated using -p
option_is_set -p || _sudo chown -R ${_UID}:${_GID} ${tombmount}
return 0 return 0
} }
@ -2821,7 +2833,7 @@ main() {
main_opts=(q -quiet=q D -debug=D h -help=h v -version=v f -force=f -tmp: U: G: T: -no-color -unsafe g -gpgkey=g) main_opts=(q -quiet=q D -debug=D h -help=h v -version=v f -force=f -tmp: U: G: T: -no-color -unsafe g -gpgkey=g)
subcommands_opts[__default]="" subcommands_opts[__default]=""
# -o in open and mount is used to pass alternate mount options # -o in open and mount is used to pass alternate mount options
subcommands_opts[open]="n -nohook=n k: -kdf: o: -ignore-swap -tomb-pwd: r: R: " subcommands_opts[open]="n -nohook=n k: -kdf: o: -ignore-swap -tomb-pwd: r: R: p -preserve-ownership=p"
subcommands_opts[mount]=${subcommands_opts[open]} subcommands_opts[mount]=${subcommands_opts[open]}
subcommands_opts[create]="" # deprecated, will issue warning subcommands_opts[create]="" # deprecated, will issue warning