From 427a4f6d1a5a45ff20d554a70bd834ff28d32d7a Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 7 Apr 2013 21:01:38 +0200 Subject: [PATCH] Try to make use of the extralist in the components file for static-update-component too --- .../static-update-component.erb | 26 +++++++++++++------ modules/sudo/files/sudoers | 3 +-- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/modules/roles/templates/static-mirroring/static-update-component.erb b/modules/roles/templates/static-mirroring/static-update-component.erb index ed214e58..23fb0d97 100755 --- a/modules/roles/templates/static-mirroring/static-update-component.erb +++ b/modules/roles/templates/static-mirroring/static-update-component.erb @@ -22,7 +22,7 @@ # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. usage() { - echo >&2 "Usage: $0 [-f] " + echo >&2 "Usage: $0 " exit 1 } @@ -30,10 +30,6 @@ componentlist=/etc/static-components.conf if [ "$#" = 1 ]; then component="$1" -elif [ "$#" = 2 ]; then - if [ "$1" = "-f" ]; then force=1 - else usage; fi - component="$2" else usage fi @@ -44,19 +40,33 @@ if [ "${component%/*}" != "$component" ] ; then exit 1 fi +thishost=$(hostname -f) srchost="$(awk -v component="$component" '$1 == component {print $2; exit}' "$componentlist")" srcdir="$(awk -v component="$component" '$1 == component {print $3; exit}' "$componentlist")" +inextralist="$( + awk -v component="$component" -v host="$thishost" ' + $1 == component { + split($4,extra,",") + for (i in extra) { + if (host == extra[i]) { + printf "%s:%s\n", $2, $3 + exit + } + } + exit + }' "$componentlist" + )" if [ -z "$srchost" ] || [ -z "$srcdir" ]; then echo >&2 "$0: Invalid component: $component (not found in $componentlist)"; exit 1 fi -if ! [ "$srchost" = "`hostname -f`" ] && ! [ "$force" = 1 ]; then - echo >&2 "Component $component is sourced from $srchost, not this host." +if ! [ "$srchost" = "$thisthost" ] && [ -z "$inextralist" ]; then + echo >&2 "Component $component is sourced from $srchost, and this host is neither that nor in the extra allowed list." exit 1 fi -if ! [ -d "$srcdir" ] && ! [ "$force" = 1 ]; then +if [ "$srchost" = "$thisthost" ] && ! [ -d "$srcdir" ]; then echo >&2 "Component source directory $srcdir does not exist or is not a directory, or is not accessible." exit 1 fi diff --git a/modules/sudo/files/sudoers b/modules/sudo/files/sudoers index ebeb1d25..e5c6c6c3 100644 --- a/modules/sudo/files/sudoers +++ b/modules/sudo/files/sudoers @@ -129,8 +129,7 @@ buildd ALL=(ALL) NOPASSWD: ALL %planet senfl=(staticsync) NOPASSWD: /usr/local/bin/static-update-component planet.debian.org %debbits master=(staticsync) NOPASSWD: /usr/local/bin/static-update-component bits.debian.org -%backports ries=(staticsync) NOPASSWD: /usr/local/bin/static-update-component backports.debian.org -%backports franck=(staticsync) NOPASSWD: /usr/local/bin/static-update-component -f backports.debian.org +%backports franck,ries=(staticsync) NOPASSWD: /usr/local/bin/static-update-component backports.debian.org # The piuparts slave needs to handle chroots piupartss piatti=(ALL) NOPASSWD: ALL -- 2.39.2