From 84a173551ed96d06a52c012f52fbc916741cda0a Mon Sep 17 00:00:00 2001 From: Tim Byrne Date: Fri, 13 Dec 2019 07:34:06 -0600 Subject: [PATCH] Only assert private dirs, when worktree = $HOME (#171) --- test/test_perms.py | 4 ++-- yadm | 17 ++++++++++------- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/test/test_perms.py b/test/test_perms.py index d19b53b..0eb8add 100644 --- a/test/test_perms.py +++ b/test/test_perms.py @@ -38,7 +38,7 @@ def test_perms(runner, yadm_y, paths, ds1, autoperms): cmd = 'perms' if autoperms != 'notest': cmd = 'status' - run = runner(yadm_y(cmd)) + run = runner(yadm_y(cmd), env={'HOME': paths.work}) assert run.success assert run.err == '' if cmd == 'perms': @@ -81,7 +81,7 @@ def test_perms_control(runner, yadm_y, paths, ds1, sshperms, gpgperms): assert not oct(private.stat().mode).endswith('00'), ( 'Path started secured') - run = runner(yadm_y('perms')) + run = runner(yadm_y('perms'), env={'HOME': paths.work}) assert run.success assert run.err == '' assert run.out == '' diff --git a/yadm b/yadm index e398822..42307e8 100755 --- a/yadm +++ b/yadm @@ -1107,14 +1107,17 @@ function perms() { # include the archive created by "encrypt" [ -f "$YADM_ARCHIVE" ] && GLOBS+=("$YADM_ARCHIVE") - # include all .ssh files (unless disabled) - if [[ $(config --bool yadm.ssh-perms) != "false" ]] ; then - GLOBS+=(".ssh" ".ssh/*" ".ssh/.[!.]*") - fi + # only include private globs if using HOME as worktree + if [ "$YADM_WORK" = "$HOME" ]; then + # include all .ssh files (unless disabled) + if [[ $(config --bool yadm.ssh-perms) != "false" ]] ; then + GLOBS+=(".ssh" ".ssh/*" ".ssh/.[!.]*") + fi - # include all gpg files (unless disabled) - if [[ $(config --bool yadm.gpg-perms) != "false" ]] ; then - GLOBS+=(".gnupg" ".gnupg/*" ".gnupg/.[!.]*") + # include all gpg files (unless disabled) + if [[ $(config --bool yadm.gpg-perms) != "false" ]] ; then + GLOBS+=(".gnupg" ".gnupg/*" ".gnupg/.[!.]*") + fi fi # include any files we encrypt