From owner-freebsd-jail@FreeBSD.ORG Sun Jul 13 16:17:04 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 842ABEC4 for ; Sun, 13 Jul 2014 16:17:04 +0000 (UTC) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "wonkity.com", Issuer "wonkity.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 31611234D for ; Sun, 13 Jul 2014 16:17:04 +0000 (UTC) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.14.9/8.14.9) with ESMTP id s6DGGxfo010229 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sun, 13 Jul 2014 10:16:59 -0600 (MDT) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.14.9/8.14.9/Submit) with ESMTP id s6DGGwn0010222; Sun, 13 Jul 2014 10:16:59 -0600 (MDT) (envelope-from wblock@wonkity.com) Date: Sun, 13 Jul 2014 10:16:58 -0600 (MDT) From: Warren Block To: Ian Smith Subject: Re: mergemaster and better support for ezjails In-Reply-To: <20140713152442.K50382@sola.nimnet.asn.au> Message-ID: References: <20140713152442.K50382@sola.nimnet.asn.au> User-Agent: Alpine 2.11 (BSF 23 2013-08-11) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (wonkity.com [127.0.0.1]); Sun, 13 Jul 2014 10:16:59 -0600 (MDT) Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 16:17:04 -0000 On Sun, 13 Jul 2014, Ian Smith wrote: > On Sat, 12 Jul 2014 20:08:52 -0600, Warren Block wrote: >> A couple of patches to make mergemaster work better with ezjails. >> > These are only very superficially tested. Feedback welcome. >> > 1. If /etc/mergemaster.rc exists in the jail, it is sourced. This >> allows IGNORE_FILES to be set in the jail. And other settings, but >> that's the one I wanted. > > # Read /etc/mergemaster.rc first so the one in $HOME can override > # > if [ -r /etc/mergemaster.rc ]; then > - . /etc/mergemaster.rc > + . "${DESTDIR}/etc/mergemaster.rc" > fi > > # Read .mergemasterrc before command line so CLI can override > # > if [ -r "$HOME/.mergemasterrc" ]; then > - . "$HOME/.mergemasterrc" > + . "${DESTDIR}/$HOME/.mergemasterrc" > fi > > Maybe a dumb question, but .. > > In both cases, don't we need to test the readability of those files with > ${DESTDIR} prepended, rather than the originals, before sourcing them? Or > can we here safely assume that they will exist? Or doesn't it matter? Yes, you are right, but it doesn't matter because as Mateusz Guzik points out, it's not safe to source those files from a jail.