From: Mark Wooding Date: Mon, 8 Jul 2024 00:35:26 +0000 (+0100) Subject: chkpath.c, tmpdir.c, chpath.1, tmpdir.1: Sort lists of options. X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/checkpath/commitdiff_plain/3230bee80a97e186f44eaf40b1403091ab76dbaa?ds=sidebyside chkpath.c, tmpdir.c, chpath.1, tmpdir.1: Sort lists of options. --- diff --git a/chkpath.1 b/chkpath.1 index a4fbd2d..fe4c968 100644 --- a/chkpath.1 +++ b/chkpath.1 @@ -4,7 +4,7 @@ chkpath \- check a path string for security .SH SYNOPSIS .B chkpath -.RB [ \-vqstp ] +.RB [ \-pqstv ] .RB [ \-g .IR group ] .RI [ path ...] @@ -56,14 +56,6 @@ version number. .B "\-u, \-\-usage" Displays a very terse usage summary. .TP -.B "\-v, \-\-verbose" -Makes -.B chkpath -more verbose about what it's doing. This option has a cumulative -effect, so put more in for more verbosity. Note that verbose doesn't -mean the same as interesting. The default is to report problems with -directories and system errors. -.TP .BI "\-g, \-\-group " group Consider members of .I group @@ -77,6 +69,21 @@ may be a group name (looked up in .BR /etc/group ) or a numeric gid in decimal. .TP +.B "\-p, \-\-print" +Writes on standard output a colon-separated list of the directories +which +.B chkpath +considered `safe'. This can be used to filter out unsafe directories in +an automatic way: +.RS 10 +.nf +.ft B +.sp 1 +PATH=`chkpath -qqp` +.ft R +.fi +.RE +.TP .B "\-q, \-\-quiet" Makes .B chkpath @@ -106,20 +113,13 @@ of. In other words, it trusts your fellow group-members .B chkpath will still warn about directories owned by people in your groups. .TP -.B "\-p, \-\-print" -Writes on standard output a colon-separated list of the directories -which +.B "\-v, \-\-verbose" +Makes .B chkpath -considered `safe'. This can be used to filter out unsafe directories in -an automatic way: -.RS 10 -.nf -.ft B -.sp 1 -PATH=`chkpath -qqp` -.ft R -.fi -.RE +more verbose about what it's doing. This option has a cumulative +effect, so put more in for more verbosity. Note that verbose doesn't +mean the same as interesting. The default is to report problems with +directories and system errors. .SH BUGS None known. .SH SEE ALSO diff --git a/chkpath.c b/chkpath.c index babf613..e118c9e 100644 --- a/chkpath.c +++ b/chkpath.c @@ -57,7 +57,7 @@ static void report(unsigned what, int verbose, /* --- @usage@ --- */ static void usage(FILE *fp) - { fprintf(fp, "Usage: %s [-vqstp] [-g NAME] [PATH...]\n", QUIS); } + { fprintf(fp, "Usage: %s [-pqstv] [-g NAME] [PATH...]\n", QUIS); } /* --- @version@ --- */ @@ -83,13 +83,13 @@ Options provided are:\n\ -V, --version Display the program's version number.\n\ -u, --usage Show a terse usage summary.\n\ \n\ --v, --verbose Be verbose about the search progress (cumulative).\n\ +-g, --group NAME Consider members of group NAME trustworthy.\n\ +-p, --print Write the secure path elements to standard output.\n\ -q, --quiet Be quiet about the search progress (cumulative).\n\ -s, --sticky Consider sticky directories secure against\n\ modification by world and group (not recommended).\n\ -t, --trust-group Consider other members of your group trustworthy.\n\ --g, --group NAME Consider members of group NAME trustworthy.\n\ --p, --print Write the secure path elements to standard output.\n\ +-v, --verbose Be verbose about the search progress (cumulative).\n\ ", fp); } @@ -126,14 +126,14 @@ int main(int argc, char *argv[]) { "version", 0, 0, 'V' }, { "usage", 0, 0, 'u' }, { "group", OPTF_ARGREQ, 0, 'g' }, - { "verbose", 0, 0, 'v' }, + { "print", 0, 0, 'p' }, { "quiet", 0, 0, 'q' }, { "sticky", 0, 0, 's' }, { "trust-group", 0, 0, 't' }, - { "print", 0, 0, 'p' }, + { "verbose", 0, 0, 'v' }, { 0, 0, 0, 0 } }; - int i = mdwopt(argc, argv, "hVu" "vqstpg:", opts, 0, 0, 0); + int i = mdwopt(argc, argv, "hVu" "g:pqstv", opts, 0, 0, 0); if (i < 0) break; @@ -147,8 +147,11 @@ int main(int argc, char *argv[]) case 'u': usage(stdout); exit(0); - case 'v': - cp.cp_verbose++; + case 'g': + allowgroup(&cp, optarg); + break; + case 'p': + f |= f_print; break; case 'q': if (cp.cp_verbose) @@ -161,11 +164,8 @@ int main(int argc, char *argv[]) if (checkpath_setgid(&cp) || checkpath_setgroups(&cp)) die(1, "too many groups"); break; - case 'g': - allowgroup(&cp, optarg); - break; - case 'p': - f |= f_print; + case 'v': + cp.cp_verbose++; break; default: bad = 1; diff --git a/tmpdir.1 b/tmpdir.1 index 93573f2..a1a1700 100644 --- a/tmpdir.1 +++ b/tmpdir.1 @@ -5,10 +5,10 @@ tmpdir \- choose, or check a choice of, temporary directory .SH SYNOPSIS .B tmpdir .RB [ \-bcv ] -.RB [ \-g -.IR group ] .RB [ \-C .IR dir ] +.RB [ \-g +.IR group ] .SH USAGE The .B tmpdir @@ -66,6 +66,12 @@ temporary directory is the least of your worries. .SS Options The following options are supported: .TP +.BI "\-C, \-\-check " dir +Don't try to find a temporary directory; just see whether +.I dir +is secure, and exit successfully if it is (and unsuccessfully if it +isn't). +.TP .B "\-b, \-\-bourne" Output an assignment using Bourne shell syntax. The default is to examine the user's shell and decide which syntax to use based on that. @@ -80,12 +86,6 @@ consider directories they can write to be safe. .TP .B "-v, \-\-verbose" Report problems to standard error. Repeat for more verbosity. -.TP -.BI "\-C, \-\-check " dir -Don't try to find a temporary directory; just see whether -.I dir -is secure, and exit successfully if it is (and unsuccessfully if it -isn't). .SH BUGS None known. .SH SEE ALSO diff --git a/tmpdir.c b/tmpdir.c index 764f9bd..574e16f 100644 --- a/tmpdir.c +++ b/tmpdir.c @@ -258,7 +258,7 @@ static void report(unsigned what, int verbose, /* --- @usage@ --- */ static void usage(FILE *fp) - { fprintf(fp, "Usage: %s [-bcv] [-g NAME] [-C PATH]\n", QUIS); } + { fprintf(fp, "Usage: %s [-bcv] [-C PATH] [-g NAME]\n", QUIS); } /* --- @version@ --- */ @@ -285,11 +285,11 @@ Options supported:\n\ -V, --version Display the program's version number.\n\ -u, --usage Display a terse usage summary.\n\ \n\ +-C, --check PATH Check whether PATH is good, setting exit status.\n\ -b, --bourne Output a `TMPDIR' setting for Bourne shell users.\n\ -c, --cshell Output a `TMPDIR' setting for C shell users.\n\ --v, --verbose Report problems to standard error.\n\ -g, --group NAME Trust group NAME to be honest and true.\n\ --C, --check PATH Check whether PATH is good, setting exit status.\n\ +-v, --verbose Report problems to standard error.\n\ \n\ The default action is to examine the caller's shell and output a suitable\n\ setting for that shell type.\n\ @@ -339,15 +339,15 @@ int main(int argc, char *argv[]) { "help", 0, 0, 'h' }, { "version", 0, 0, 'V' }, { "usage", 0, 0, 'u' }, - { "bourne", 0, 0, 'b' }, - { "cshell", 0, 0, 'c' }, { "check", OPTF_ARGREQ, 0, 'C' }, { "verify", OPTF_ARGREQ, 0, 'C' }, - { "verbose", 0, 0, 'v' }, + { "bourne", 0, 0, 'b' }, + { "cshell", 0, 0, 'c' }, { "group", OPTF_ARGREQ, 0, 'g' }, + { "verbose", 0, 0, 'v' }, { 0, 0, 0, 0 } }; - int i = mdwopt(argc, argv, "hVu" "bcvg:C:", opts, 0, 0, 0); + int i = mdwopt(argc, argv, "hVu" "C:bcg:v", opts, 0, 0, 0); if (i < 0) break; @@ -361,15 +361,15 @@ int main(int argc, char *argv[]) case 'u': usage(stdout); exit(0); + case 'C': + return (!fullcheck(optarg)); + break; case 'b': shell = sh_bourne; break; case 'c': shell = sh_csh; break; - case 'C': - return (!fullcheck(optarg)); - break; case 'g': allowgroup(&cp, optarg); break;