path := fmt.Sprintf("/tmp/safcm-remote-%d", uid)
c.debugf("DialSSH: probing remote at %q", path)
+
+ // Compatibility for different operating systems
+ var compat string
+ switch goos {
+ case "linux":
+ compat = `
+dir_stat='drwxrwxrwt 0 0'
+file_stat="-rwx------ $(id -u) $(id -g)"
+compat_stat() {
+ stat -c '%A %u %g' "$1"
+}
+compat_sha512sum() {
+ sha512sum "$1"
+}
+`
+ default:
+ return fmt.Errorf("internal error: no support for %q", goos)
+ }
+
// Use a function so the shell cannot execute the input line-wise.
// This is important because we're also using stdin to send data to
// the script. If the shell executes the input line-wise then our
// `test -e` is only used to prevent error messages if the file
// doesn't exist. It does not guard against any races.
_, err = fmt.Fprintf(stdin, `
+%s
f() {
x=%q
dir="$(dirname "$x")"
- if ! test "$(stat -c '%%A %%u %%g' "$dir")" = 'drwxrwxrwt 0 0'; then
+ if ! test "$(compat_stat "$dir")" = "$dir_stat"; then
echo "unsafe permissions on $dir, aborting" >&2
exit 1
fi
- if test -e "$x" && test "$(stat -c '%%A %%u' "$x")" = "-rwx------ $(id -u)"; then
+ if test -e "$x" && test "$(compat_stat "$x")" = "$file_stat"; then
# Report checksum
- sha512sum "$x"
+ compat_sha512sum "$x"
else
# Empty checksum to request upload
echo
exec "$x" sync
}
f
-`, path)
+`, compat, path)
if err != nil {
return err
}
ruderich.org/simon / safcm / safcm.git / commitdiff