The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=667ef8875bad115d334a85c1023db0cf4d8379ba
commit 667ef8875bad115d334a85c1023db0cf4d8379ba Author: Mark Johnston <ma...@freebsd.org> AuthorDate: 2025-07-05 14:54:07 +0000 Commit: Mark Johnston <ma...@freebsd.org> CommitDate: 2025-07-05 14:54:07 +0000 nuageinit: Add wrappers for chmod and chown In the wrappers, check for errors and abort if one is raised. At some point it may be useful to have a mechanism to ignore errors, but I'm not sure yet how that should look. For chmod, let the mode be specified as an octal number, otherwise it's hard to understand what's happening. Note that this must be specified as a string, otherwise tonumber() will raise an error. Reviewed by: bapt MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D51159 --- libexec/nuageinit/nuage.lua | 35 +++++++++++++++++++++++++---------- libexec/nuageinit/nuageinit | 7 +++---- 2 files changed, 28 insertions(+), 14 deletions(-)
diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua
index 11958e8b5cc2..493ae11d6ca7 100644
--- a/libexec/nuageinit/nuage.lua
+++ b/libexec/nuageinit/nuage.lua
@@ -56,6 +56,21 @@ local function errmsg(str, prepend)
 os.exit(1)
 end
 
+local function chmod(path, mode)
+ local mode = tonumber(mode, 8)
+ local _, err, msg = sys_stat.chmod(path, mode)
+ if err then
+ errmsg("chmod(" .. path .. ", " .. mode .. ") failed: " .. msg)
+ end
+end
+
+local function chown(path, owner, group)
+ local _, err, msg = unistd.chown(path, owner, group)
+ if err then
+ errmsg("chown(" .. path .. ", " .. owner .. ", " .. group .. ") failed: " .. msg)
+ end
+end
+
 local function dirname(oldpath)
 if not oldpath then
 return nil
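Review bot: Both new wrappers can fail while building their own error message, which hides the real failure behind a Lua concatenation error. In `chown`, `group` is concatenated unconditionally, yet the `addfile` hunk later in this diff passes a nil `group` whenever `file.owner` contains no `:`. In `chmod`, `tonumber(mode, 8)` returns nil for a string that is not valid octal (and raises for a non-string, as the commit message notes); that nil is then handed to `sys_stat.chmod` and concatenated, and because `mode` is shadowed a valid mode is reported in decimal. `addfile` forwards `file.permissions` and `file.owner` from the instance configuration, so these paths are reachable from input. Validating the mode first, keeping the original string for the message and wrapping the optional arguments in `tostring()` keeps the abort message accurate.

```lua
local function chmod(path, mode)
	-- tonumber() raises on non-strings and returns nil for non-octal text,
	-- so check both before touching the file
	local bits = type(mode) == "string" and tonumber(mode, 8) or nil
	if not bits then
		errmsg("chmod(" .. path .. "): invalid octal mode: " .. tostring(mode))
	end
	local _, err, msg = sys_stat.chmod(path, bits)
	if err then
		-- report the octal string the caller passed, not the decimal value
		errmsg("chmod(" .. path .. ", " .. mode .. ") failed: " .. msg)
	end
end

local function chown(path, owner, group)
	-- … unchanged: unistd.chown call and err check …
		errmsg("chown(" .. path .. ", " .. tostring(owner) .. ", " .. tostring(group) .. ") failed: " .. msg)
```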
@@ -252,12 +267,12 @@ local function addsshkey(homedir, key)
 f:write(key .. "\n")
 f:close()
 if chownak then
- sys_stat.chmod(ak_path, 384)
- unistd.chown(ak_path, dirattrs.uid, dirattrs.gid)
+ chmod(ak_path, "0600")
+ chown(ak_path, dirattrs.uid, dirattrs.gid)
 end
 if chowndotssh then
- sys_stat.chmod(dotssh_path, 448)
- unistd.chown(dotssh_path, dirattrs.uid, dirattrs.gid)
+ chmod(dotssh_path, "0700")
+ chown(dotssh_path, dirattrs.uid, dirattrs.gid)
 end
 end
 
@@ -296,10 +311,10 @@ local function addsudo(pwd)
 end
 f:close()
 if chmodsudoers then
- sys_stat.chmod(sudoers, 416)
+ chmod(sudoers, "0640")
 end
 if chmodsudoersd then
- sys_stat.chmod(sudoers, 480)
+ chmod(sudoers, "0740")
 end
 end
 
@@ -521,16 +536,14 @@ local function addfile(file, defer)
 end
 f:close()
 if file.permissions then
- -- convert from octal to decimal
- local perm = tonumber(file.permissions, 8)
- sys_stat.chmod(filepath, perm)
+ chmod(filepath, file.permissions)
 end
 if file.owner then
 local owner, group = string.match(file.owner, "([^:]+):([^:]+)")
 if not owner then
 owner = file.owner
 end
- unistd.chown(filepath, owner, group)
+ chown(filepath, owner, group)
 end
 return true
 end
@@ -538,6 +551,8 @@ end
 local n = {
 warn = warnmsg,
 err = errmsg,
+ chmod = chmod,
+ chown = chown,
 dirname = dirname,
 mkdir_p = mkdir_p,
 sethostname = sethostname,
diff --git a/libexec/nuageinit/nuageinit b/libexec/nuageinit/nuageinit
index 84133d4373c5..0fcdc7274db3 100755
--- a/libexec/nuageinit/nuageinit
+++ b/libexec/nuageinit/nuageinit
@@ -7,7 +7,6 @@
 local nuage = require("nuage")
 local ucl = require("ucl")
 local yaml = require("lyaml")
-local sys_stat = require("posix.sys.stat")
 
 if #arg ~= 2 then
 nuage.err("Usage: " .. arg[0] .. " <cloud-init-directory> (<config-2> | <nocloud>)", false)
@@ -157,7 +156,7 @@ local function ssh_keys(obj)
 sshkey:close()
 end
 if keytype == "private" then
- sys_stat.chmod(path, 384)
+ nuage.chmod(path, "0600")
 end
 end
 end
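Review bot: In the `addsudo` hunk the `chmodsudoersd` branch calls `chmod(sudoers, "0740")`, so it targets the same `sudoers` path as the branch above rather than a separate sudoers.d path, and the octal spelling now shows that the file ends up with an owner-execute bit. This is carried over unchanged from the old `sys_stat.chmod(sudoers, 480)`, and the function starts outside the hunk, so the variable holding the directory path is not visible and the behaviour may be intended. If the directory was meant, the call should name that variable instead of `sudoers`; if the file really is the target, a comment such as `-- applies to the sudoers file itself, not sudoers.d` would stop the next reader from taking it for a typo.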
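Review bot: In the `ssh_keys` hunk the private key is written and closed (`sshkey:close()`) before `nuage.chmod(path, "0600")` narrows it, so between creation and this call the key carries whatever mode the process umask produced. The file creation lies outside the hunk, so this is inferred from the visible ordering only. Now that the call is a checked wrapper, it would be worth creating private keys under a restrictive umask so that the chmod only confirms the mode. Failing that, the assumption can be documented next to the call, e.g. `-- key exists with umask-default mode until this chmod; relies on nuageinit running before unprivileged logins`.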
@@ -281,7 +280,7 @@ local function runcmd(obj)
 end
 if f ~= nil then
 f:close()
- sys_stat.chmod(root .. "/var/cache/nuageinit/runcmds", 493)
+ nuage.chmod(root .. "/var/cache/nuageinit/runcmds", "0755")
 end
 end
 
@@ -503,5 +502,5 @@ if line == "#cloud-config" then
 end
 elseif line:sub(1, 2) == "#!" then
 -- delay for execution at rc.local time --
- sys_stat.chmod(root .. "/var/cache/nuageinit/user_data", 493)
+ nuage.chmod(root .. "/var/cache/nuageinit/user_data", "0755")
 end
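Review bot: The `"0755"` passed for `runcmds` in the `runcmd` hunk, and again for `user_data` in the last hunk, leaves both files world-readable, and user-data scripts and runcmd lists commonly embed credentials or tokens. The comment in the last hunk says they are executed at rc.local time, presumably as root, in which case only the owner needs access: `nuage.chmod(root .. "/var/cache/nuageinit/runcmds", "0700")`, and likewise for `user_data`. The mode is carried over from the old decimal `493`, so this is a pre-existing choice that the octal spelling now makes easy to see. Whether the containing directory is already restricted is not visible here, and both enclosing blocks start outside their hunks.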