Making rebuildrepo user-usable and user-safe.

3 files changed, 23 insertions, 13 deletions

diff --git a/pinyadmin/bin/pinyhelp b/pinyadmin/bin/pinyhelp
index 3a248d1..5e65540 100755
--- a/pinyadmin/bin/pinyhelp
+++ b/pinyadmin/bin/pinyhelp
@@ -7,17 +7,18 @@ else
 fi
 echo
 
-if [ -x /srv/rbin/lsrepo     ]; then echo "List repositories:                           lsrepo"; fi
-if [ -x /srv/rbin/newrepo    ]; then echo "Create a new repository (interactive):       newrepo <reponame>"; fi
-if [ -x /srv/rbin/rmrepo     ]; then echo "Remove an existing repository:               rmrepo <reponame>"; fi
-if [ -x /srv/rbin/lsaccess   ]; then echo "List repositories you have access to:        lsaccess";
-                                     echo "List users with access to a repository:      lsaccess <reponame>"; fi
-if [ -x /srv/rbin/addaccess  ]; then echo "Add access to a repository for a user:       addaccess <reponame> <username>"; fi
-if [ -x /srv/rbin/rmaccess   ]; then echo "Remove access to a repository for a user:    rmaccess <reponame> <username>"; fi
-if [ -x /srv/rbin/newuser    ]; then echo "Create a new user (interactive):             newuser"; fi
-if [ -x /srv/rbin/passwd     ]; then echo "Change your password (interactive):          passwd"; fi
-if [ -x /srv/rbin/writekeys  ]; then echo "Write to SSH authorized_keys (stdin):        writekeys"; fi
-if [ -x /srv/rbin/appendkeys ]; then echo "Append to SSH authorized_keys (stdin):       appendkeys"; fi
-if [ -x /srv/rbin/readkeys   ]; then echo "Read from SSH authorized_keys:               readkeys"; fi
+if [ -x /srv/rbin/lsrepo      ]; then echo "List repositories:                           lsrepo"; fi
+if [ -x /srv/rbin/newrepo     ]; then echo "Create a new repository (interactive):       newrepo <reponame>"; fi
+if [ -x /srv/rbin/rmrepo      ]; then echo "Remove an existing repository:               rmrepo <reponame>"; fi
+if [ -x /srv/rbin/lsaccess    ]; then echo "List repositories you have access to:        lsaccess";
+                                      echo "List users with access to a repository:      lsaccess <reponame>"; fi
+if [ -x /srv/rbin/addaccess   ]; then echo "Add access to a repository for a user:       addaccess <reponame> <username>"; fi
+if [ -x /srv/rbin/rmaccess    ]; then echo "Remove access to a repository for a user:    rmaccess <reponame> <username>"; fi
+if [ -x /srv/rbin/newuser     ]; then echo "Create a new user (interactive):             newuser"; fi
+if [ -x /srv/rbin/passwd      ]; then echo "Change your password (interactive):          passwd"; fi
+if [ -x /srv/rbin/writekeys   ]; then echo "Write to SSH authorized_keys (stdin):        writekeys"; fi
+if [ -x /srv/rbin/appendkeys  ]; then echo "Append to SSH authorized_keys (stdin):       appendkeys"; fi
+if [ -x /srv/rbin/readkeys    ]; then echo "Read from SSH authorized_keys:               readkeys"; fi
 
-if [ -x /srv/rbin/pinyconfig ]; then echo "Change config variables for your repository: pinyconfig <reponame> <variablename> [value]"; fi
+if [ -x /srv/rbin/pinyconfig  ]; then echo "Change config variables for your repository: pinyconfig <reponame> <variablename> [value]"; fi
+if [ -x /srv/rbin/rebuildrepo ]; then echo "Rebuild repository after changing config:    rebuildrepo <reponame>"; fi
diff --git a/pinyadmin/bin/rebuildrepo b/pinyadmin/bin/rebuildrepo
new file mode 100755
index 0000000..37d83f8
--- /dev/null
+++ b/pinyadmin/bin/rebuildrepo
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/bin/sudo /usr/sbin/rebuildrepo "$@"
diff --git a/pinyadmin/sbin/rebuildrepo b/pinyadmin/sbin/rebuildrepo
index 9d4e359..2ddc33b 100755
--- a/pinyadmin/sbin/rebuildrepo
+++ b/pinyadmin/sbin/rebuildrepo
@@ -5,10 +5,17 @@ use warnings;
 
 use Piny;
 
+my $env = Piny::Environment->instance( );
+
 foreach my $reponame ( @ARGV ) {
 
   my $repo = Piny::Repo->new( $reponame );
 
+  if ( $env->user->uid != 0 and $repo->owner->uid != $env->user->uid ) {
+    print STDERR "You are not the owner of $reponame!\n";
+    exit 1;
+  };
+
   $repo->rebuild;
 
 };