mirror of
https://github.com/m8tin/cis.git
synced 2026-06-02 14:56:58 +02:00
allow @ in parameters and sanitize all parameters using base.set
This commit is contained in:
m8in
@@ -1,4 +1,5 @@
|
||||
#!/bin/bash
|
||||
source /cis/core/base.module.sh
|
||||
|
||||
#WARNING: Used for core functionality in setup.sh
|
||||
# DO NOT rename the script and test changes well!
|
||||
@@ -27,7 +28,7 @@ function checkPermissions(){
|
||||
return 1
|
||||
}
|
||||
|
||||
function cloneOrPull {
|
||||
function cloneOrPull() {
|
||||
local _FOLDER _REPOSITORY
|
||||
_FOLDER="${1:?"Missing first parameter FOLDER"}"
|
||||
_REPOSITORY="${2:?"Missing second parameter REPOSITORY"}"
|
||||
@@ -98,10 +99,13 @@ function addAndCheckGitRepository() {
|
||||
}
|
||||
|
||||
# sanitizes all parameters
|
||||
base.set FOLDER "${1}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
|
||||
base.set RIGHTS "${2}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
|
||||
base.set SUGGESTED_REPOSITORY "${3}" '^([-a-zA-Z0-9/:@._]*)?$' || exit 1
|
||||
addAndCheckGitRepository \
|
||||
"$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"$(echo ${2} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"$(echo ${3} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"${FOLDER:?"Missing FOLDER"}" \
|
||||
"${RIGHTS:?"Missing RIGHTS"}" \
|
||||
"${SUGGESTED_REPOSITORY}" \
|
||||
&& exit 0
|
||||
|
||||
exit 1
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
#!/bin/bash
|
||||
source /cis/core/base.module.sh
|
||||
|
||||
#WARNING: Used for core functionality in setup.sh
|
||||
# DO NOT rename the script and test changes well!
|
||||
@@ -36,7 +37,8 @@ function addNormalUser() {
|
||||
}
|
||||
|
||||
# sanitizes all parameters
|
||||
addNormalUser "$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
base.set USER "${1}" '^[a-z][-a-z0-9_.]*$' || exit 1
|
||||
addNormalUser "${USER:?"Missing USER"}" \
|
||||
&& exit 0
|
||||
|
||||
exit 1
|
||||
|
||||
@@ -1,14 +1,11 @@
|
||||
#!/bin/bash
|
||||
source /cis/core/base.module.sh
|
||||
|
||||
#WARNING: Used for core functionality in setup.sh
|
||||
# DO NOT rename the script and test changes well!
|
||||
|
||||
|
||||
|
||||
# Folders always ends with an tailing '/'
|
||||
_SCRIPT="$(readlink -f "${0}" 2> /dev/null)"
|
||||
_CIS_ROOT="${_SCRIPT%%/core/*}/" #Removes longest matching pattern '/core/*' from the end
|
||||
|
||||
# Note that an unprivileged user can use this script successfully,
|
||||
# if no user has to be added to the host because it already exists.
|
||||
function addToCrontabEveryHour() {
|
||||
@@ -24,11 +21,11 @@ function addToCrontabEveryHour() {
|
||||
&& return 0
|
||||
|
||||
[ "$(id -u)" == "0" ] \
|
||||
&& echo "${_CIS_ROOT:?"Missing CIS_ROOT"}" | grep -F 'home' &> /dev/null \
|
||||
&& echo "${CIS[ROOT]:?"Missing CIS_ROOT"}" | grep -F 'home' &> /dev/null \
|
||||
&& echo "SUCCESS: Although the entry will be skipped: ("$(readlink -f ${0})")" \
|
||||
&& echo " - '${_STRING}'" \
|
||||
&& echo " that is because the current environment is:" \
|
||||
&& echo " - ${_CIS_ROOT}" \
|
||||
&& echo " - ${CIS[ROOT]}" \
|
||||
&& return 0
|
||||
|
||||
[ "$(id -u)" == "0" ] \
|
||||
@@ -47,9 +44,11 @@ function addToCrontabEveryHour() {
|
||||
}
|
||||
|
||||
# sanitizes all parameters
|
||||
base.set COMMAND "${1}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
|
||||
base.set MINUTE_VALUE "${2}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
|
||||
addToCrontabEveryHour \
|
||||
"$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"$(echo ${2} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"${COMMAND:?"Missing COMMAND"}" \
|
||||
"${MINUTE_VALUE:?"Missing MINUTE_VALUE"}" \
|
||||
&& exit 0
|
||||
|
||||
exit 1
|
||||
|
||||
+1
-1
@@ -14,7 +14,7 @@
|
||||
function base.checkAllInputParameters() {
|
||||
local _ALLOWED_CHARS _ARG _SUCCESS
|
||||
# Global whitelist for all start-parameters ($1, $2, ...)
|
||||
_ALLOWED_CHARS='-[:alnum:]/_.:'
|
||||
_ALLOWED_CHARS='-[:alnum:]@/_.:'
|
||||
readonly _ALLOWED_CHARS
|
||||
|
||||
_SUCCESS="true"
|
||||
|
||||
@@ -1,8 +1,11 @@
|
||||
#!/bin/bash
|
||||
source /cis/core/base.module.sh
|
||||
|
||||
#WARNING: Used for core functionality in setup.sh
|
||||
# DO NOT rename the script and test changes well!
|
||||
|
||||
|
||||
|
||||
function prepareFolder() {
|
||||
local _HOME_FOLDER _SSH_FOLDER _USER
|
||||
_SSH_FOLDER="${1:?"prepareFolder(): Missing parameter SSH_PATH"}"
|
||||
@@ -133,9 +136,11 @@ function defineAuthorizedKeysOfUser() {
|
||||
}
|
||||
|
||||
# sanitizes all parameters
|
||||
base.set DEFINITIONS "${1}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
|
||||
base.set USER "${2}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
|
||||
defineAuthorizedKeysOfUser \
|
||||
"$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"$(echo ${2} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"${DEFINITIONS:?"Missing DEFINITIONS"}" \
|
||||
"${USER:?"Missing USER"}" \
|
||||
&& exit 0
|
||||
|
||||
exit 1
|
||||
|
||||
@@ -1,8 +1,11 @@
|
||||
#!/bin/bash
|
||||
source /cis/core/base.module.sh
|
||||
|
||||
#WARNING: Used for core functionality in setup.sh
|
||||
# DO NOT rename the script and test changes well!
|
||||
|
||||
|
||||
|
||||
function printIfEqual() {
|
||||
[ "${1:?"Missing first parameter"}" == "${2}" ] \
|
||||
&& echo "${1}" \
|
||||
@@ -215,9 +218,11 @@ function ensureUsageOfDefinitions() {
|
||||
}
|
||||
|
||||
# sanitizes all parameters
|
||||
base.set DEFINITIONS "${1}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
|
||||
base.set CURRENT_FULLFILE "${2}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
|
||||
ensureUsageOfDefinitions \
|
||||
"$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"$(echo ${2} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
|
||||
"${DEFINITIONS:?"Missing DEFINITIONS"}" \
|
||||
"${CURRENT_FULLFILE:?"Missing CURRENT_FULLFILE"}" \
|
||||
&& exit 0
|
||||
|
||||
exit 1
|
||||
|
||||
Reference in New Issue
Block a user