#720967 running etckeeper during vcsh session: have fun

#720967#5
Date:
2013-08-26 17:31:10 UTC
From:
To:
Today I made a really stupid face... :-)

Switching back to my terminal, observing etckeeper adding GB after GB of my
$HOME to its index...

Killed it, installed another package during the same aptitude
process. Waiting...

Looking at the process list...

There's a vcsh process somewhere above the aptitude process.

Facepalm!

Should etckeeper have some checks build in that save stupid users like me?

Regards, Thomas Koch

#720967#10
Date:
2013-08-26 17:52:50 UTC
From:
To:
Congratulations! ;)
ways and if etckeeper did that and mr did too, then you may have a
false sense of security and the next tool will not guard against
_this_. Or you alias vcsh to v and the check didn't look for
$VCSH_REPO_NAME but for vcsh in ps. Or, or, or...


The way to guard yourself is by changing your prompt. That or not
using `vcsh enter` any more.


Richard

PS: I would love to add that etckeeper example to my slides; without
your name or any other info about you, of course. Would that be OK?

PPS: You really made me smile after a rather "meh" day at work.
Heartfealt thanks for this :)

#720967#15
Date:
2013-08-26 17:52:50 UTC
From:
To:
Congratulations! ;)
ways and if etckeeper did that and mr did too, then you may have a
false sense of security and the next tool will not guard against
_this_. Or you alias vcsh to v and the check didn't look for
$VCSH_REPO_NAME but for vcsh in ps. Or, or, or...


The way to guard yourself is by changing your prompt. That or not
using `vcsh enter` any more.


Richard

PS: I would love to add that etckeeper example to my slides; without
your name or any other info about you, of course. Would that be OK?

PPS: You really made me smile after a rather "meh" day at work.
Heartfealt thanks for this :)

#720967#20
Date:
2013-08-26 18:17:45 UTC
From:
To:
Thomas Koch wrote:

AFAICS, sudo prevents variables like the ones vcsh sets from getting
through to the root shell. So unless you run vcsh as root (which seems
asking for foot shooting), this should not happen easily.

#720967#25
Date:
2013-08-26 18:39:42 UTC
From:
To:
I did su and then aptitude.

As an addition to etckeeper I think one could add:

if $(git rev-parse --show-toplevel) != "/etc"   exit 42

and

if $(readlink -f $(git rev-parse --git-dir)) != "/etc/.git" exit 43

I'm happy when I can make you happy!

Thomas

#720967#30
Date:
2013-08-26 18:48:50 UTC
From:
To:
Thomas Koch wrote:

Forgot that people still use su..

I don't know if some people may use etckeeper with the git directory
located elsewhere.

Such a test would be ok, I think, if it checked if the git directory was
not owned by root and refused to continue.

#720967#35
Date:
2013-08-26 19:13:34 UTC
From:
To:
Some more feedback:

* `su -` will start with a new ENV
* $VCSH_COMMAND, $VCSH_DIRECTORY, and $VCSH_REPO_NAME will always be
set if you are within the context of vcsh
* The thing that you really should guard against is $GIT_WORK_TREE
being set. $GIT_DIR is almost as bad, but $GIT_WORK_TREE is the more
important one.


Richard

#720967#40
Date:
2013-08-26 19:13:34 UTC
From:
To:
Some more feedback:

* `su -` will start with a new ENV
* $VCSH_COMMAND, $VCSH_DIRECTORY, and $VCSH_REPO_NAME will always be
set if you are within the context of vcsh
* The thing that you really should guard against is $GIT_WORK_TREE
being set. $GIT_DIR is almost as bad, but $GIT_WORK_TREE is the more
important one.


Richard

#720967#45
Date:
2013-08-26 20:33:24 UTC
From:
To:
On the vcsh site I think it might be a sensible option to prevent certain
commands to be run during a vcsh session, at least sudo and su.

Is it possible to set aliases in the vcsh shell? Or could the vcsh shell be
rush[1] (in debian)?

[1] http://puszcza.gnu.org.ua/software/rush/manual.html

#720967#50
Date:
2013-08-26 21:00:03 UTC
From:
To:
Sorry, but no. What about login? Should I follow through new instances
of bash or zsh? And a ton of other possibilities...

You can do whatever you want in the

    post-enter

hook. If you want, you can submit it and maybe it'll be included as an example.

I am not sure if it makes sense to have a login shell different from
the "vcsh shell". That being said, you can use the same hook or simply

    vcsh run $repo rush


Or if you _really_ care and come up with a clean path to support
$VCSH_SHELL or similar, which you can then set to whatever shell you
please...


Richard

#720967#55
Date:
2013-08-26 21:12:18 UTC
From:
To:
Actually, you can't set aliases or otherwise change ENV. Maybe there's
a need for

    post-enter--sourced

or similar?

#720967#60
Date:
2013-08-26 21:16:48 UTC
From:
To:
I've added this to my shell init script:

if [ x${VCSH_REPO_NAME} != "x" ]
then
  for C in sudo su vcsh
  do
    alias $C="echo \"You don't want to run $C during a vcsh session!\" &&
false "
  done
fi