Merge b4e76f2ad3 into 76ce3defea

template ro removes write permission for all
Signed-off-by: Tin Lai <oscar@tinyiu.com>
2024-07-06 13:11:10 -04:00 · 2023-10-20 13:55:04 +00:00 · 2023-06-06 09:23:20 +10:00 · 2023-05-29 14:32:37 +10:00
5 changed files with 2 additions and 35 deletions
--- a/test/conftest.py
+++ b/test/conftest.py
@ -157,7 +157,6 @@ def supported_configs():
        "yadm.openssl-old",
        "yadm.openssl-program",
        "yadm.ssh-perms",
        "yadm.template-read-only",
    ]
--- a/test/test_alt.py
+++ b/test/test_alt.py
@ -292,28 +292,6 @@ def test_ensure_alt_path(runner, paths, style):
    assert run.out == ""
    assert paths.work.join(filename).read().strip() == "test-data"
@pytest.mark.usefixtures("ds1_repo_copy")
@pytest.mark.parametrize("readonly", [None, "true", "false"])
 def test_template_readonly(runner, yadm_cmd, paths, tst_sys, readonly):
    """Remove write permission for template result file.
    If the `yadm.template-read-only` configuration is not set to false,
    the resulting file from processing a template should has no write permission.
    """
    # set the value of template read-only
    if readonly:
        runner(yadm_cmd("config", "yadm.template-read-only", readonly))
    utils.create_alt_files(paths, f"##template.default")
    run = runner(yadm_cmd("alt"))
    for stale_path in [utils.ALT_FILE1, utils.ALT_FILE2]:
        write_perm_mask = os.stat(paths.work.join(stale_path)).st_mode & 0o222
        if readonly == "false":
            assert write_perm_mask > 0
        else:
            assert write_perm_mask == 0
 def setup_standard_yadm_dir(paths):
    """Configure a yadm home within the work tree"""
--- a/3
+++ b/3
@ -540,7 +540,7 @@ function move_file() {
  mv -f "$temp_file" "$output"
  copy_perms "$input" "$output"
-  [ "$(config --bool yadm.template-read-only)" != "false" ] && chmod a-w "$output"
+  [ "$(config --bool yadm.template-read-only)" == "true" ] && chmod a-w "$output"
 }
 # ****** yadm Commands ******
@ -1267,7 +1267,6 @@ yadm.openssl-ciphername
 yadm.openssl-old
 yadm.openssl-program
 yadm.ssh-perms
 yadm.template-read-only
 EOF
  printf '%s' "$msg"
 }
--- a/yadm.1
+++ b/yadm.1
@ -108,9 +108,6 @@ unnecessary to run this command, as yadm automatically processes alternates by
 default. This automatic behavior can be disabled by setting the configuration
 .I yadm.auto-alt
 to "false".
 The resulting file's write permission can be controlled with the
 .I yadm.template-read-only
 configuration.
 .TP
 .B bootstrap
 Execute
@ -428,10 +425,6 @@ By default, the first "openssl" found in $PATH is used.
 Disable the permission changes to
 .IR $HOME/.ssh/* .
 This feature is enabled by default.
 .TP
 .B yadm.template-read-only
 Remove write permissions from the resulting template file.
 This feature is enabled by default.
 .RE
 The following five "local" configurations are not stored in the
--- a/yadm.md
+++ b/yadm.md
@ -67,9 +67,7 @@
              TEMPLATES sections. It is usually unnecessary to run  this  com‐
              mand,  as  yadm  automatically  processes alternates by default.
              This automatic behavior can be disabled by setting the  configu‐
-              ration  yadm.auto-alt  to  "false".   The resulting file's write
+              ration yadm.auto-alt to "false".
              permission can be controlled  with  the  yadm.template-read-only
              configuration.
       bootstrap
              Execute $HOME/.config/yadm/bootstrap if it exists.
Author	SHA1	Message	Date
Tin Lai	4436466293	Merge `b4e76f2ad3` into `76ce3defea`	2023-10-20 13:55:04 +00:00
Tin Lai	b4e76f2ad3	template ro removes write permission for all Signed-off-by: Tin Lai <oscar@tinyiu.com>	2023-06-06 09:23:20 +10:00
Tin Lai	79043cb4e5	add config for yadm to create read-only template output Signed-off-by: Tin Lai <oscar@tinyiu.com>	2023-05-29 14:32:37 +10:00