Yedidyah Bar David has posted comments on this change. Change subject: pki: enforce lock file permissions same as ca private key ......................................................................
Patch Set 8: (2 comments) http://gerrit.ovirt.org/#/c/25629/8/packaging/bin/pki-enroll-request.sh File packaging/bin/pki-enroll-request.sh: Line 106: # Line 107: if [ -L "${LOCKFILE}" ]; then Line 108: rm -f "${LOCKFILE}" Line 109: [ -L "${LOCKFILE}" ] && die "Cannot remove lockfile borken symlink '${LOCKFILE}', please remove" Line 110: fi This is not needed with 'mv -T', I think. Line 111: Line 112: ( Line 113: LOCKTMP= Line 114: cleanup() { Line 117: trap cleanup 0 Line 118: LOCKTMP="$(mktemp --tmpdir="$(dirname "${LOCKFILE}")")" || die "Cannot create temp lock file" Line 119: chown --reference="${LOCKFILE_REF}" "${LOCKTMP}" || die "Cannot set ownership of lockfile '${LOCKTMP}'" Line 120: chmod --reference="${LOCKFILE_REF}" "${LOCKTMP}" || die "Cannot set permissions of lockfile '${LOCKTMP}'" Line 121: mv -fT "${LOCKTMP}" "${LOCKFILE}" || die "Cannot create lockfile '${LOCKFILE}'" Nice, I didn't remember '-T'... I still think this can be made simpler, but it's probably good enough as-is. Line 122: LOCKTMP= Line 123: ) || exit $? Line 124: fi Line 125: -- To view, visit http://gerrit.ovirt.org/25629 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I89d1bee3c7fff1bae2ee555d556e35171bef612c Gerrit-PatchSet: 8 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Sandro Bonazzola <[email protected]> Gerrit-Reviewer: Yedidyah Bar David <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
