From c5302d3a33028f483cc2e01225226d4ae047dd4a Mon Sep 17 00:00:00 2001 From: Eli Schwartz Date: Mon, 24 Jul 2017 23:31:19 -0400 Subject: Require TUs to explicitly request to overwrite a pkgbase AUR_PRIVILEGED allows people with privileged AUR accounts to evade the block on non-fast-forward commits. While valid in this case, we should not do so by default, since in at least one case a TU did this without realizing there was an existing package. ( https://aur.archlinux.org/packages/rtmidi/ ) Switch to using allow_overwrite to check for destructive actions. Use .ssh/config "SendEnv" on the TU's side and and sshd_config "AcceptEnv" in the AUR server to specifically request overwrite access. TUs should use: `AUR_OVERWRITE=1 git push --force` Signed-off-by: Eli Schwartz Signed-off-by: Lukas Fleischer --- aurweb/git/auth.py | 2 ++ aurweb/git/update.py | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) (limited to 'aurweb') diff --git a/aurweb/git/auth.py b/aurweb/git/auth.py index 022b0fff..d02390da 100755 --- a/aurweb/git/auth.py +++ b/aurweb/git/auth.py @@ -1,5 +1,6 @@ #!/usr/bin/python3 +import os import shlex import re import sys @@ -52,6 +53,7 @@ def main(): env_vars = { 'AUR_USER': user, 'AUR_PRIVILEGED': '1' if account_type > 1 else '0', + 'AUR_OVERWRITE' : os.environ.get('AUR_OVERWRITE', '0') if account_type > 1 else '0', } key = keytype + ' ' + keytext diff --git a/aurweb/git/update.py b/aurweb/git/update.py index c9a98d07..16fa2b07 100755 --- a/aurweb/git/update.py +++ b/aurweb/git/update.py @@ -238,6 +238,7 @@ def main(): user = os.environ.get("AUR_USER") pkgbase = os.environ.get("AUR_PKGBASE") privileged = (os.environ.get("AUR_PRIVILEGED", '0') == '1') + allow_overwrite = (os.environ.get("AUR_OVERWRITE", '0') == '1') warn_or_die = warn if privileged else die if len(sys.argv) == 2 and sys.argv[1] == "restore": @@ -258,7 +259,7 @@ def main(): conn = aurweb.db.Connection() # Detect and deny non-fast-forwards. - if sha1_old != "0" * 40 and not privileged: + if sha1_old != "0" * 40 and not allow_overwrite: walker = repo.walk(sha1_old, pygit2.GIT_SORT_TOPOLOGICAL) walker.hide(sha1_new) if next(walker, None) is not None: -- cgit v1.2.3-24-g4f1b