openpkg/aux.prereq.sh@0ba300bdf30a (annotated)
openpkg/aux.prereq.sh
Mon, 20 Apr 2009 19:22:00 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Mon, 20 Apr 2009 19:22:00 +0200
- changeset 178
- 0ba300bdf30a
- permissions
- -rw-r--r--
Change unfortunate but partly useful overreaching security tradeoff.
The principle of allocating each running process an individual system
user and group can have security benefits, however maintining a plethora
of users, groups, processes, file modes, file permissions, and even
nonportable file ACLs on a host serving from a hundred processes has
some security disadvantages. This tradeoff is even worse for systems
like OpenPKG which benefit from administration transparency through the
use of minimal system intrusion and only three usage privilege levels.
| michael@13 | 1 | #!/bin/sh |
| michael@13 | 2 | ## |
| michael@13 | 3 | ## aux.prereq.sh -- Platform Pre-Requisite Checks |
| michael@13 | 4 | ## Copyright (c) 2000-2007 OpenPKG Foundation e.V. <http://openpkg.net/> |
| michael@13 | 5 | ## Copyright (c) 2000-2007 Ralf S. Engelschall <http://engelschall.com/> |
| michael@13 | 6 | ## |
| michael@13 | 7 | ## Permission to use, copy, modify, and distribute this software for |
| michael@13 | 8 | ## any purpose with or without fee is hereby granted, provided that |
| michael@13 | 9 | ## the above copyright notice and this permission notice appear in all |
| michael@13 | 10 | ## copies. |
| michael@13 | 11 | ## |
| michael@13 | 12 | ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED |
| michael@13 | 13 | ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
| michael@13 | 14 | ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
| michael@13 | 15 | ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR |
| michael@13 | 16 | ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| michael@13 | 17 | ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| michael@13 | 18 | ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
| michael@13 | 19 | ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
| michael@13 | 20 | ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, |
| michael@13 | 21 | ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT |
| michael@13 | 22 | ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| michael@13 | 23 | ## SUCH DAMAGE. |
| michael@13 | 24 | ## |
| michael@13 | 25 | ## Usage: aux.prereq.sh source|binary |
| michael@13 | 26 | ## |
| michael@13 | 27 | |
| michael@13 | 28 | mode="$1" |
| michael@13 | 29 | |
| michael@13 | 30 | # CHECK: determine platform ids |
| michael@13 | 31 | platform_prod=`sh ./shtool platform -n -L -S "" -C "+" -F "%<ap>-%<sp>"` |
| michael@13 | 32 | platform_tech=`sh ./shtool platform -n -L -S "" -C "+" -F "%<at>-%<st>"` |
| michael@13 | 33 | echo "++ platform product: $platform_prod" |
| michael@13 | 34 | echo "++ platform technology: $platform_tech" |
| michael@13 | 35 | |
| michael@13 | 36 | # |
| michael@13 | 37 | # CHECK: diskspace requirement |
| michael@13 | 38 | # |
| michael@13 | 39 | if [ ".$mode" = .source ]; then |
| michael@13 | 40 | fs_path="${TMPDIR-/tmp}" |
| michael@13 | 41 | fs_need=150000 |
| michael@13 | 42 | else |
| michael@13 | 43 | fs_path="" # FIXME |
| michael@13 | 44 | fs_need=0 # FIXME |
| michael@13 | 45 | fi |
| michael@13 | 46 | fs_free="" |
| michael@13 | 47 | case "$platform_tech" in |
| michael@13 | 48 | *-freebsd* | *-linux* | *-sunos* ) |
| michael@13 | 49 | fs_free=`cd $fs_path && /bin/df -k . | sed -n -e '$p' | sed -e 's;^[^ ]*;;' -e 's; *;;' | awk '{ print $3; }'` |
| michael@13 | 50 | ;; |
| michael@13 | 51 | esac |
| michael@13 | 52 | if [ ".$fs_free" != . ]; then |
| michael@13 | 53 | if [ $fs_free -lt $fs_need ]; then |
| michael@13 | 54 | if [ ".$mode" = .source ]; then |
| michael@13 | 55 | echo "ERROR: temporary directory \"$fs_path\" has to reside on a partition" 1>&2 |
| michael@13 | 56 | echo " with at least $fs_need KB of free disk space. Set \$TMPDIR to" 1>&2 |
| michael@13 | 57 | echo " a directory on a partition with enough free disk space, please." 1>&2 |
| michael@13 | 58 | else |
| michael@13 | 59 | echo "ERROR: installation directory \"$fs_path\" has to reside on a partition" 1>&2 |
| michael@13 | 60 | echo " with at least $fs_need KB of free disk space. Make \"$fs_path\" a" 1>&2 |
| michael@13 | 61 | echo " symbolic link to a directory on a partition with enough free" 1>&2 |
| michael@13 | 62 | echo " disk space, please." 1>&2 |
| michael@13 | 63 | fi |
| michael@13 | 64 | exit 1 |
| michael@13 | 65 | fi |
| michael@13 | 66 | fi |
| michael@13 | 67 | |
| michael@13 | 68 | # |
| michael@13 | 69 | # CHECK: available vendor packages |
| michael@13 | 70 | # |
| michael@13 | 71 | # ...FIXME... |
| michael@13 | 72 | |
| michael@13 | 73 | # |
| michael@13 | 74 | # CHECK: available tools in $PATH |
| michael@13 | 75 | # |
| michael@13 | 76 | # ...FIXME... |
| michael@13 | 77 | |
| michael@13 | 78 | # |
| michael@13 | 79 | # CHECK: available devices /dev/random, etc. |
| michael@13 | 80 | # |
| michael@13 | 81 | # ...FIXME... |
| michael@13 | 82 | |
| michael@13 | 83 | # |
| michael@13 | 84 | # CHECK: consistency check for /prefix (symlink!) |
| michael@13 | 85 | # |
| michael@13 | 86 | # ...FIXME... |
| michael@13 | 87 |
