]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - ikiwiki-mass-rebuild
Add missing build-depends on libcgi-formbuilder-perl, needed for t/relativity.t
[git.ikiwiki.info.git] / ikiwiki-mass-rebuild
index 3d0ca734c4652368c9486e5479ce92279efdb610..9b57532bcce1897454b46a08ef62055c6982525c 100755 (executable)
@@ -2,63 +2,45 @@
 use warnings;
 use strict;
 
 use warnings;
 use strict;
 
-sub supplemental_groups {
-       my $user=shift;
+my $etcfile="/etc/ikiwiki/wikilist";
 
 
-       my @list;
-       while (my @fields=getgrent()) {
-               if (grep { $_ eq $user } split(' ', $fields[3])) {
-                       push @list, $fields[2];
-               }
-       }
+sub root {
+       $> == 0;
+}
 
 
-       return @list;
+sub username {
+       (getpwuid($>))[0];
 }
 
 sub processline {
 }
 
 sub processline {
-       my $user=shift;
        my $setup=shift;
        
        my $setup=shift;
        
-       if (! getpwnam("$user")) {
-               print STDERR "warning: user $user does not exist\n";
-               return
-       }
        if (! -f "$setup") {
                print STDERR "warning: $setup does not exist, skipping\n";
                return;
        }
        if (! -f "$setup") {
                print STDERR "warning: $setup does not exist, skipping\n";
                return;
        }
-       print "Processing $setup as user $user ...\n";
-       # su is not used because it passes arguments through the shell,
-       # which is not safe for untrusted setup file names.
-       defined(my $pid = fork) or die "Can’t fork: $!";
-       if (! $pid) {
-               my ($uuid, $ugid) = (getpwnam($user))[2, 3];
-               my $grouplist=join(" ", $ugid, sort {$a <=> $b} $ugid, supplemental_groups($user));
-               if (($)=$grouplist) ne $grouplist) {
-                       die "failed to set egid $grouplist (got back $))";
-               }
-               $(=$ugid;
-               $<=$uuid;
-               $>=$uuid;
-               if ($< != $uuid || $> != $uuid || $( != $ugid) {
-                       die "failed to drop permissions to $user";
-               }
-               %ENV=(
-                       PATH => $ENV{PATH},
-                       HOME => (getpwnam($user))[7],
-               );
-               exec("ikiwiki", "-setup", $setup, @ARGV);
-               die "failed to run ikiwiki: $!";
+       print "Processing $setup as user ".username()." ...\n";
+       my $ret=system("ikiwiki", "-setup", $setup, @ARGV);
+       if ($ret != 0) {
+               print STDERR "warning: processing $setup failed with code $ret\n";
        }
        }
-       waitpid($pid,0);
-       if ($?) {
-               print STDERR "Processing $setup as user $user failed with code $?\n";
+}
+
+my %users;
+sub processuser {
+       my $user=shift;
+       return if $user=~/^-/ || $users{$user};
+       $users{$user}=1;
+       my $ret=system("su", $user, "-s", "/bin/sh", "-c", "--", "$0 --nonglobal @ARGV");
+       if ($ret != 0) {
+               print STDERR "warning: processing for $user failed with code $ret\n";
        }
 }
 
 sub processlist {
        my $file=shift;
        }
 }
 
 sub processlist {
        my $file=shift;
-       my $forceuser=shift;
+
+       return unless -e $file;
 
        my $list;
        open ($list, "<$file") || die "$file: $!";
 
        my $list;
        open ($list, "<$file") || die "$file: $!";
@@ -67,22 +49,28 @@ sub processlist {
                s/^\s+//;
                s/\s+$//;
                next if /^#/ || ! length;
                s/^\s+//;
                s/\s+$//;
                next if /^#/ || ! length;
-
-               if (/^([^\s]+)\s+([^\s]+)$/) {
+               if (/^([-\w]+)\s+([^\s]+)$/) {
                        my $user=$1;
                        my $setup=$2;
                        my $user=$1;
                        my $setup=$2;
-                       if (defined $forceuser && $forceuser ne $user) {
-                               print STDERR "warning: in $file line $., attempt to set user to $user, but user forced to $forceuser. Skipping\n";
+                       if (root()) {
+                               processuser($user);
+                       }
+                       else {
+                               if (username() eq $user) {
+                                       processline($setup);
+                               }
                        }
                        }
-                       processline($user, $setup);
                }
                }
-               elsif (/^([^\s]+)$/) {
+               elsif (/^([-\w]+)$/) {
                        my $user=$1;
                        my $user=$1;
-                       my $home=(getpwnam($user))[7];
-                       if (defined $home && -d $home) {
-                               my $dotfile="$home/.ikiwiki/wikilist";
-                               if (-e $dotfile) {
-                                       processlist($dotfile, $user);
+                       if (root()) {
+                               processuser($user);
+                       }
+                       else {
+                               my $home=(getpwnam($user))[7];
+                               if (defined $home && -d $home) {
+                                       my $dotfile="$home/.ikiwiki/wikilist";
+                                       processlist($dotfile);
                                }
                        }
                }
                                }
                        }
                }
@@ -90,9 +78,13 @@ sub processlist {
        close $list;
 }
 
        close $list;
 }
 
-my $wikilist="/etc/ikiwiki/wikilist";
-
-if (-e $wikilist) {
-       processlist($wikilist);
+if (@ARGV && $ARGV[0] eq "--nonglobal") {
+       shift;
+       # avoid recursively processing if the wikilist file has a root
+       # user in it
+       if (root()) {
+               exit 1;
+       }
 }
 
 }
 
+processlist($etcfile);