From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from scc-mailout-kit-01-web.scc.kit.edu (scc-mailout-kit-01-web.scc.kit.edu [129.13.231.93]); by fantadrom.bsd.lv (OpenSMTPD) with ESMTP id abd6179d; for ; Wed, 21 Jan 2015 18:05:22 -0500 (EST) Received: from asta-nat.asta.uni-karlsruhe.de ([172.22.63.82] helo=hekate.usta.de) by scc-mailout-kit-01.scc.kit.edu with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (envelope-from ) id 1YE4Kt-0007zl-Uq; Thu, 22 Jan 2015 00:05:21 +0100 Received: from donnerwolke.usta.de ([172.24.96.3]) by hekate.usta.de with esmtp (Exim 4.77) (envelope-from ) id 1YE4Kt-0005Z6-PJ; Thu, 22 Jan 2015 00:05:19 +0100 Received: from iris.usta.de ([172.24.96.5] helo=usta.de) by donnerwolke.usta.de with esmtp (Exim 4.80) (envelope-from ) id 1YE4Kt-00046N-Kr; Thu, 22 Jan 2015 00:05:19 +0100 Received: from schwarze by usta.de with local (Exim 4.77) (envelope-from ) id 1YE4Kt-0004OV-AP; Thu, 22 Jan 2015 00:05:19 +0100 Date: Thu, 22 Jan 2015 00:05:19 +0100 From: Ingo Schwarze To: Alexis Cc: Kristaps Dzonsons , tech@mdocml.bsd.lv Subject: Re: Allow configure variables to be set from environment Message-ID: <20150121230518.GF11796@iris.usta.de> References: <20150116215840.GF740@kei.fritz.box> <20150117010706.GH9772@iris.usta.de> <54BAC1A2.2060907@bsd.lv> <20150118033335.GA16562@iris.usta.de> <20150120151501.GA97151@kei> X-Mailinglist: mdocml-tech Reply-To: tech@mdocml.bsd.lv MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150120151501.GA97151@kei> User-Agent: Mutt/1.5.21 (2010-09-15) Hi Alexis, Alexis wrote on Tue, Jan 20, 2015 at 04:15:01PM +0100: > Ingo Schwarze wrote: >> Oh wait a minute. I think i see a solution. If we specifically >> allow mandoc to follow symlinks only into the homebrew tree, but >> nowhere else, that seems safe. It's a bit tricky to avoid race >> conditions, but i think there is a secure way to implement it. I just noticed there are more issues with race conditions, so i shall have to address that separately at some point. >> Is there are standardized place where homebrew installs its real >> files, and where nobody in their right mind would ever put any >> confidential data? Maybe /Cellar? Is that right? > Homebrew may be installed wherever a user desires (though /usr/local > is recommended) ranging from /opt/homebrew to $HOME/.brew. Because > of this Homebrew can also be installed and used without sudo > if the file permissions (e.g. homebrew group with write access) > are set up accordingly. > > Is it possible to to add a configure.local variable so that the suite > of mdocml tools are compiled specifically for the user's setup, i.e. > make the suggested "/Cellar" customizable? Yes, that is easy and makes sense to me. >> True, but the above might be a solution. If we manage to support >> that, it would actually be a safe man(1) for homebrew, much safer >> than the traditional BSD or man-db implementations. > This sounds even better. See below for a patch i just committed to the HEAD of the mandoc CVS. Kristaps, Alexis, are you able to test this on your Mac OS X boxes? The intended behaviour is: 1. If you compile without setting HOMEBREWDIR in configure.local or set it to a wrong value, makewhatis(8) is supposed to exlude homebrew-style linked manuals from mandoc.db(5) databases, like this: $ ./Bin/makewhatis -Dp Test /co/mdocml/Test/: /usr/share/man/man1/cat.1: outside base directory In this case, apropos(1) is not supposed to find and man(1) is not supposed to show them, and the released version 1.13.2 actually shouldn't. In CVS HEAD, man(1) currently shows them, anyway, like this: $ man -M Test cat man: outdated mandoc.db lacks cat(1) entry, consider running # makewhatis /co/mdocml/Test CAT(1) General Commands Manual CAT(1) NAME cat - concatenate and print files [...] I have to look into that... 2. If you compile with HOMEBREWDIR set correctly in configure.local, makewhatis(8), apropos(1), and man(1) are supposed to work as expected. Yours, Ingo Log Message: ----------- Support homebrew-style linking on Mac OS X. Idea found together with Alexis Hildebrandt . Modified Files: -------------- mdocml: configure configure.local.example mandocdb.c Revision Data ------------- Index: mandocdb.c =================================================================== RCS file: /home/cvs/mdocml/mdocml/mandocdb.c,v retrieving revision 1.183 retrieving revision 1.184 diff -Lmandocdb.c -Lmandocdb.c -u -p -r1.183 -r1.184 --- mandocdb.c +++ mandocdb.c @@ -613,7 +613,11 @@ treescan(void) say(path, "&realpath"); continue; } - if (strstr(buf, basedir) != buf) { + if (strstr(buf, basedir) != buf +#ifdef HOMEBREWDIR + && strstr(buf, HOMEBREWDIR) != buf +#endif + ) { if (warnings) say("", "%s: outside base directory", buf); continue; @@ -818,6 +822,10 @@ filescan(const char *file) start = buf; else if (strstr(buf, basedir) == buf) start = buf + strlen(basedir); +#ifdef HOMEBREWDIR + else if (strstr(buf, HOMEBREWDIR) == buf) + start = buf; +#endif else { exitcode = (int)MANDOCLEVEL_BADARG; say("", "%s: outside base directory", buf); Index: configure.local.example =================================================================== RCS file: /home/cvs/mdocml/mdocml/configure.local.example,v retrieving revision 1.2 retrieving revision 1.3 diff -Lconfigure.local.example -Lconfigure.local.example -u -p -r1.2 -r1.3 --- configure.local.example +++ configure.local.example @@ -1,6 +1,6 @@ # $Id$ # -# Copyright (c) 2014 Ingo Schwarze +# Copyright (c) 2014, 2015 Ingo Schwarze # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above @@ -152,6 +152,14 @@ BINM_APROPOS=mapropos # default is "apr BINM_MAN=mman # default is "man" BINM_WHATIS=mwhatis # default is "whatis" BINM_MAKEWHATIS=mandocdb # default is "makewhatis" + +# When using the "homebrew" package manager on Mac OS X, the actual +# manuals are located in a so-called "cellar" and only symlinked +# into the manual trees. To allow mandoc to follow such symlinks, +# you have to specify the physical location of the cellar as returned +# by realpath(3), for example: + +HOMEBREWDIR=/Cellar # --- user settings related man.cgi ------------------------------------ Index: configure =================================================================== RCS file: /home/cvs/mdocml/mdocml/configure,v retrieving revision 1.17 retrieving revision 1.18 diff -Lconfigure -Lconfigure -u -p -r1.17 -r1.18 --- configure +++ configure @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2014 Ingo Schwarze +# Copyright (c) 2014, 2015 Ingo Schwarze # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above @@ -70,6 +70,7 @@ INCLUDEDIR= LIBDIR= MANDIR= EXAMPLEDIR= +HOMEBREWDIR= WWWPREFIX="/var/www" HTDOCDIR= @@ -276,6 +277,7 @@ __HEREDOC__ echo echo "#define VERSION \"${VERSION}\"" [ -n "${OSNAME}" ] && echo "#define OSNAME \"${OSNAME}\"" +[ -n "${HOMEBREWDIR}" ] && echo "#define HOMEBREWDIR \"${HOMEBREWDIR}\"" cat << __HEREDOC__ #define HAVE_DIRENT_NAMLEN ${HAVE_DIRENT_NAMLEN} -- To unsubscribe send an email to tech+unsubscribe@mdocml.bsd.lv