* Add wrappergroup config option, which can be used to cause wrappers

to be created owned by some group other than the default. Useful
  then there's a shared repository with access controlled by a group,
  to let ikiwiki run setgid to that group.
* ikiwiki-mass-rebuild: Run build with the user in all their groups.
master
Joey Hess 2007-11-14 09:27:11 -05:00
parent ebac523686
commit cb80809aec
5 changed files with 50 additions and 8 deletions

View File

@ -102,14 +102,26 @@ $envsave
} }
EOF EOF
close OUT; close OUT;
if (system("gcc", "$wrapper.c", "-o", $wrapper) != 0) { if (system("gcc", "$wrapper.c", "-o", "$wrapper.new") != 0) {
#translators: The parameter is a C filename. #translators: The parameter is a C filename.
error(sprintf(gettext("failed to compile %s"), "$wrapper.c")); error(sprintf(gettext("failed to compile %s"), "$wrapper.c"));
} }
unlink("$wrapper.c"); unlink("$wrapper.c");
if (defined $config{wrappergroup}) {
my $gid=(getgrnam($config{wrappergroup}))[2];
if (! defined $gid) {
error(sprintf("bad wrappergroup"));
}
if (! chown(-1, $gid, "$wrapper.new")) {
error("chown $wrapper.new: $!");
}
}
if (defined $config{wrappermode} && if (defined $config{wrappermode} &&
! chmod(oct($config{wrappermode}), $wrapper)) { ! chmod(oct($config{wrappermode}), "$wrapper.new")) {
error("chmod $wrapper: $!"); error("chmod $wrapper.new: $!");
}
if (! rename("$wrapper.new", $wrapper)) {
error("rename $wrapper.new $wrapper: $!");
} }
#translators: The parameter is a filename. #translators: The parameter is a filename.
printf(gettext("successfully generated %s"), $wrapper); printf(gettext("successfully generated %s"), $wrapper);

7
debian/changelog vendored
View File

@ -5,8 +5,13 @@ ikiwiki (2.13) UNRELEASED; urgency=low
* ikiwiki.setup is licensed same as the basewiki, not GPLed. * ikiwiki.setup is licensed same as the basewiki, not GPLed.
* inline: Add timeformat parameter to control how the ctime of * inline: Add timeformat parameter to control how the ctime of
inlined pages is displayed. Closes: #451019 inlined pages is displayed. Closes: #451019
* Add wrappergroup config option, which can be used to cause wrappers
to be created owned by some group other than the default. Useful
then there's a shared repository with access controlled by a group,
to let ikiwiki run setgid to that group.
* ikiwiki-mass-rebuild: Run build with the user in all their groups.
-- Joey Hess <joeyh@debian.org> Tue, 13 Nov 2007 16:11:54 -0500 -- Joey Hess <joeyh@debian.org> Wed, 14 Nov 2007 08:37:03 -0500
ikiwiki (2.12) unstable; urgency=low ikiwiki (2.12) unstable; urgency=low

View File

@ -125,6 +125,14 @@ configuration options of their own.
Specify a mode to chmod the wrapper to after creating it. Specify a mode to chmod the wrapper to after creating it.
* --wrappergroup group
Specify what unix group the wrapper should be owned by. This can be
useful if the wrapper needs to be owned by a group other than the default.
For example, if a project has a repository with multiple committers with
access controlled by a group, it makes sense for the ikiwiki wrappers
to run setgid to that group.
* --notify, --no-notify * --notify, --no-notify
Enable email notification of commits. This should be used when running Enable email notification of commits. This should be used when running

View File

@ -2,6 +2,19 @@
use warnings; use warnings;
use strict; use strict;
sub supplemental_groups {
my $user=shift;
my @list;
while (my @fields=getgrent()) {
if (grep { $_ eq $user } split(' ', $fields[3])) {
push @list, $fields[2];
}
}
return @list;
}
sub processline { sub processline {
my $user=shift; my $user=shift;
my $setup=shift; my $setup=shift;
@ -20,11 +33,15 @@ sub processline {
defined(my $pid = fork) or die "Cant fork: $!"; defined(my $pid = fork) or die "Cant fork: $!";
if (! $pid) { if (! $pid) {
my ($uuid, $ugid) = (getpwnam($user))[2, 3]; my ($uuid, $ugid) = (getpwnam($user))[2, 3];
$)="$ugid $ugid"; my $grouplist=join(" ", $ugid, $ugid, supplemental_groups($user));
$)=$grouplist;
if ($!) {
die "failed to set egid $grouplist";
}
$(=$ugid; $(=$ugid;
$<=$uuid; $<=$uuid;
$>=$uuid; $>=$uuid;
if ($< != $uuid || $> != $uuid || $( != $ugid || $) ne "$ugid $ugid") { if ($< != $uuid || $> != $uuid || $( != $ugid) {
die "failed to drop permissions to $user"; die "failed to drop permissions to $user";
} }
%ENV=( %ENV=(

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2007-11-13 16:14-0500\n" "POT-Creation-Date: 2007-11-14 09:23-0500\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -589,7 +589,7 @@ msgid "failed to compile %s"
msgstr "" msgstr ""
#. translators: The parameter is a filename. #. translators: The parameter is a filename.
#: ../IkiWiki/Wrapper.pm:115 #: ../IkiWiki/Wrapper.pm:127
#, perl-format #, perl-format
msgid "successfully generated %s" msgid "successfully generated %s"
msgstr "" msgstr ""