path := fmt.Sprintf("/tmp/safcm-remote-%d", uid)
c.debugf("DialSSH: probing remote at %q", path)
+
+ // Compatibility for different operating systems
+ var compat string
+ switch goos {
+ case "linux":
+ compat = `
+dir_stat='drwxrwxrwt 0 0'
+file_stat="-rwx------ $(id -u) $(id -g)"
+compat_stat() {
+ stat -c '%A %u %g' "$1"
+}
+compat_sha512sum() {
+ sha512sum "$1"
+}
+`
+ case "freebsd", "openbsd":
+ compat = `
+dir_stat='41777 0 0'
+file_stat="100700 $(id -u) $(id -g)"
+compat_stat() {
+ stat -f '%p %u %g' "$1"
+}
+compat_sha512sum() {
+ sha512 -q "$1"
+}
+`
+ default:
+ return fmt.Errorf("internal error: no support for %q", goos)
+ }
+
// Use a function so the shell cannot execute the input line-wise.
// This is important because we're also using stdin to send data to
// the script. If the shell executes the input line-wise then our
// `test -e` is only used to prevent error messages if the file
// doesn't exist. It does not guard against any races.
_, err = fmt.Fprintf(stdin, `
+%s
f() {
x=%q
dir="$(dirname "$x")"
- if ! test "$(stat -c '%%A %%u %%g' "$dir")" = 'drwxrwxrwt 0 0'; then
+ if ! test "$(compat_stat "$dir")" = "$dir_stat"; then
echo "unsafe permissions on $dir, aborting" >&2
exit 1
fi
- if test -e "$x" && test "$(stat -c '%%A %%u' "$x")" = "-rwx------ $(id -u)"; then
+ if test -e "$x" && test "$(compat_stat "$x")" = "$file_stat"; then
# Report checksum
- sha512sum "$x"
+ compat_sha512sum "$x"
else
# Empty checksum to request upload
echo
exec "$x" sync
}
f
-`, path)
+`, compat, path)
if err != nil {
return err
}
}
func connGetGoos(stdin io.Writer, stdout *bufio.Reader) (string, error) {
- _, err := fmt.Fprintln(stdin, "uname -o")
+ _, err := fmt.Fprintln(stdin, "uname")
if err != nil {
return "", err
}
// NOTE: Adapt helper uploading in dialSSH() when adding new systems
var goos string
switch x {
- case "GNU/Linux":
+ case "Linux":
goos = "linux"
+ case "FreeBSD":
+ goos = "freebsd"
+ case "OpenBSD":
+ goos = "openbsd"
default:
- return "", fmt.Errorf("unsupported OS %q (`uname -o`)", x)
+ return "", fmt.Errorf("unsupported OS %q (`uname`)", x)
}
return goos, nil
}
// NOTE: Adapt cmd/safcm-remote/build.sh when adding new architectures
var goarch string
switch x {
- case "x86_64":
+ case "x86_64", "amd64":
goarch = "amd64"
case "armv7l":
goarch = "armv7l"