authorEli Schwartz <eschwartz@archlinux.org>2017-07-25 05:31:19 +0200
committerLukas Fleischer <lfleischer@archlinux.org>2017-07-25 20:12:11 +0200
commitc5302d3a33028f483cc2e01225226d4ae047dd4a (patch)
tree9bc9895223019903b52124bca4b7c8c608f246cf /aurweb
parent243fb92273de1c8bf5c938a62cb06bd198c97c4c (diff)
downloadaur-c5302d3a33028f483cc2e01225226d4ae047dd4a.tar.gz
aur-c5302d3a33028f483cc2e01225226d4ae047dd4a.tar.xz
Require TUs to explicitly request to overwrite a pkgbase
AUR_PRIVILEGED allows people with privileged AUR accounts to evade the block on non-fast-forward commits. While valid in this case, we should not do so by default, since in at least one case a TU did this without realizing there was an existing package. ( https://aur.archlinux.org/packages/rtmidi/ ) Switch to using allow_overwrite to check for destructive actions. Use .ssh/config "SendEnv" on the TU's side and sshd_config "AcceptEnv" on the AUR server to specifically request overwrite access. TUs should use: `AUR_OVERWRITE=1 git push --force` Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Diffstat (limited to 'aurweb')
-rwxr-xr-xaurweb/git/auth.py2
-rwxr-xr-xaurweb/git/update.py3
2 files changed, 4 insertions, 1 deletions
diff --git a/aurweb/git/auth.py b/aurweb/git/auth.py
index 022b0fff..d02390da 100755
--- a/aurweb/git/auth.py
+++ b/aurweb/git/auth.py
@@ -1,5 +1,6 @@
#!/usr/bin/python3
+import os
import shlex
import re
import sys
@@ -52,6 +53,7 @@ def main():
env_vars = {
'AUR_USER': user,
'AUR_PRIVILEGED': '1' if account_type > 1 else '0',
+ 'AUR_OVERWRITE' : os.environ.get('AUR_OVERWRITE', '0') if account_type > 1 else '0',
}
key = keytype + ' ' + keytext
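Review bot: The added `AUR_OVERWRITE` entry forwards whatever string the environment holds for privileged accounts, whereas the `AUR_PRIVILEGED` entry on the line above is normalised to a fixed `'0'`/`'1'`; since these values end up embedded in the generated forced-command line (the file imports shlex, presumably for that quoting), it is safer to decide here and emit only a fixed token: `'AUR_OVERWRITE': '1' if account_type > 1 and os.environ.get('AUR_OVERWRITE') == '1' else '0',`. That rewrite also drops the space before the colon, which differs from the neighbouring keys. Separately, it is worth confirming that a client-sent SendEnv variable is visible to this process at all: if auth.py runs as sshd's AuthorizedKeysCommand, the client's session environment is not yet established when it runs, and the `'0'` written into the command would then override whatever the client sends later. main() continues outside the hunk.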
diff --git a/aurweb/git/update.py b/aurweb/git/update.py
index c9a98d07..16fa2b07 100755
--- a/aurweb/git/update.py
+++ b/aurweb/git/update.py
@@ -238,6 +238,7 @@ def main():
user = os.environ.get("AUR_USER")
pkgbase = os.environ.get("AUR_PKGBASE")
privileged = (os.environ.get("AUR_PRIVILEGED", '0') == '1')
+ allow_overwrite = (os.environ.get("AUR_OVERWRITE", '0') == '1')
warn_or_die = warn if privileged else die
if len(sys.argv) == 2 and sys.argv[1] == "restore":
@@ -258,7 +259,7 @@ def main():
conn = aurweb.db.Connection()
# Detect and deny non-fast-forwards.
- if sha1_old != "0" * 40 and not privileged:
+ if sha1_old != "0" * 40 and not allow_overwrite:
walker = repo.walk(sha1_old, pygit2.GIT_SORT_TOPOLOGICAL)
walker.hide(sha1_new)
if next(walker, None) is not None:
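Review bot: `allow_overwrite` is derived from `AUR_OVERWRITE` alone, so the non-fast-forward guard at the end of the section no longer consults `privileged` and relies entirely on auth.py having zeroed the variable for unprivileged accounts. This hook already computes `privileged` from its own environment two lines earlier, so a local defence-in-depth check costs one clause: `allow_overwrite = (os.environ.get("AUR_OVERWRITE", '0') == '1') and privileged`. With that, history can only be rewritten when the account is privileged and the push explicitly asked for it, regardless of how the variable reached the hook. The enclosing main() begins and ends outside the hunks shown.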