From 371ca31531bbe0e8b9b114b04df11a620e092651 Mon Sep 17 00:00:00 2001 From: Egor Tensin Date: Sat, 7 May 2016 23:55:22 +0300 Subject: add function to build/check checksums + adjust .git/ permissions in adjust_dotdirs_permissions --- .README.md | 11 +++++++++++ .bashrc | 30 +++++++++++++++++++++++++++++- 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/.README.md b/.README.md index 2aff8cd..ab666f9 100644 --- a/.README.md +++ b/.README.md @@ -16,3 +16,14 @@ of files `git clean` will delete by adding the `--dry-run` parameter. git branch --set-upstream-to=origin/master master The deployment should preferably take place right after you install Cygwin. + +`git` doesn't preserve file permissions. +After the deployment, anyone will be able to read any of the deployed +"dotfiles". +To adjust the permissions so that only you can read the files, `source` +`.bashrc` (`bash` does this automatically) and execute + + adjust_dotfiles_permissions + +This also makes sure the directories in the repository are accessible only by +yourself (including the `.git` directory). diff --git a/.bashrc b/.bashrc index d469dfa..e8ff441 100644 --- a/.bashrc +++ b/.bashrc @@ -212,7 +212,10 @@ adjust_dotdirs_permissions() { { git ls-files | xargs realpath | xargs dirname realpath . - } | sort | uniq | grep --fixed-strings --invert-match --line-regex "$( realpath . )" | xargs chmod 0700 + } | sort | uniq | grep --fixed-strings --invert-match --line-regex "$( realpath . )" | xargs chmod 0700 || return $? + if [ -d .git ]; then + chmod --recursive 0700 .git || return $? + fi popd > /dev/null } @@ -294,3 +297,28 @@ backup_repo_nwx() { HEAD done } + +list_files() { + local cmd='find . -type f' + if [ $# -gt 0 ]; then + cmd+="$( printf ' %q' '-(' )" + local ext="$1" + cmd+="$( printf ' -iname %q' "*.$ext" )" + shift + for ext; do + cmd+="$( printf ' -o -iname %q' "*.$ext" )" + done + cmd+="$( printf ' %q' '-)' )" + fi + eval "$cmd" +} + +checksums_path='sha1sums.txt' + +update_checksums() { + list_files iso exe | xargs --max-lines=1 sha1sum > "$checksums_path" +} + +checksums() { + sha1sum --check "$checksums_path" +} -- cgit v1.2.3