kamikaze/repo-cloner
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

What if ran as root?

Browse Source
This commit is contained in:
Václav Valíček (YCNet) 2018-02-23 11:28:45 +01:00
parent c35290ae2d
commit 33f5012583
No known key found for this signature in database
GPG Key ID: 7CF44871CEA75938
3 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -12,7 +12,7 @@ run: cloner
docker run -v $(GLOBALVOL):/data -it --rm $(TAGBASE) docker run -v $(GLOBALVOL):/data -it --rm $(TAGBASE)
run-once: cloner run-once: cloner
docker run -v $(GLOBALVOL):/data -it --rm --user=executor $(TAGBASE) /usr/local/bin/cron-command docker run -v $(GLOBALVOL):/data -it --rm $(TAGBASE) /usr/local/bin/cron-command
run-bash: cloner run-bash: cloner
docker run -v $(GLOBALVOL):/data -it --rm $(TAGBASE) /bin/bash docker run -v $(GLOBALVOL):/data -it --rm $(TAGBASE) /bin/bash

7
dockerbin/cron-command
View File

@ -2,6 +2,13 @@
set -euo pipefail set -euo pipefail
IFS=$'\n\t' IFS=$'\n\t'
# if started as root
if [ $UID -eq 0 ]
then
find /data \! -user executor -exec chown executor:executor {} \;
su executor -c cron-command
exit $?
fi
# check lock # check lock
lock=/var/run/cloner.pid lock=/var/run/cloner.pid

10
dockerbin/wizzard
View File

@ -2,6 +2,14 @@
set -euo pipefail set -euo pipefail
IFS=$'\n\t' IFS=$'\n\t'
# if started as root
if [ $UID -eq 0 ]
then
chown executor:executor /data
su executor -c wizzard
exit $?
fi
dir_prefix=cloner dir_prefix=cloner
function die(){ function die(){
@ -88,7 +96,7 @@ function reuseSSHKey(){
sed -e 's/#.*$//' $scratch > $keyfile sed -e 's/#.*$//' $scratch > $keyfile
rm $scratch rm $scratch
echo "Checking key..." echo "Checking key..."
chmod 0600 $keyfile chmod 0700 $keyfile
ssh-keygen -y -f $keyfile -P "" || true # will fail in the end, so script will continue and clean up the mess ssh-keygen -y -f $keyfile -P "" || true # will fail in the end, so script will continue and clean up the mess
} }