Merge pull request #3889 from leycec/compaudit

Repair `zsh` Path Permissions on `oh-my-zsh` Startup under Cygwin
pull/4103/merge
Robby Russell 2015-09-19 08:40:34 -07:00
commit 56cdec7534
3 changed files with 86 additions and 6 deletions

60
lib/compfix.zsh Normal file
View File

@ -0,0 +1,60 @@
# Handle completions insecurities (i.e., completion-dependent directories with
# insecure ownership or permissions) by:
#
# * Human-readably notifying the user of these insecurities.
# * Moving away all existing completion caches to a temporary directory. Since
# any of these caches may have been generated from insecure directories, they
# are all suspect now. Failing to do so typically causes subsequent compinit()
# calls to fail with "command not found: compdef" errors. (That's bad.)
function handle_completion_insecurities() {
# List of the absolute paths of all unique insecure directories, split on
# newline from compaudit()'s output resembling:
#
# There are insecure directories:
# /usr/share/zsh/site-functions
# /usr/share/zsh/5.0.6/functions
# /usr/share/zsh
# /usr/share/zsh/5.0.6
#
# Since the ignorable first line is printed to stderr and thus not captured,
# stderr is squelched to prevent this output from leaking to the user.
local -aU insecure_dirs
insecure_dirs=( ${(f@):-"$(compaudit 2>/dev/null)"} )
# If no such directories exist, get us out of here.
if (( ! ${#insecure_dirs} )); then
print "[oh-my-zsh] No insecure completion-dependent directories detected."
return
fi
# List ownership and permissions of all insecure directories.
print "[oh-my-zsh] Insecure completion-dependent directories detected:"
ls -ld "${(@)insecure_dirs}"
print "[oh-my-zsh] For safety, completions will be disabled until you manually fix all"
print "[oh-my-zsh] insecure directory permissions and ownership and restart oh-my-zsh."
print "[oh-my-zsh] See the above list for directories with group or other writability.\n"
# Locally enable the "NULL_GLOB" option, thus removing unmatched filename
# globs from argument lists *AND* printing no warning when doing so. Failing
# to do so prints an unreadable warning if no completion caches exist below.
setopt local_options null_glob
# List of the absolute paths of all unique existing completion caches.
local -aU zcompdump_files
zcompdump_files=( "${ZSH_COMPDUMP}"(.) "${ZDOTDIR:-${HOME}}"/.zcompdump* )
# Move such caches to a temporary directory.
if (( ${#zcompdump_files} )); then
# Absolute path of the directory to which such files will be moved.
local ZSH_ZCOMPDUMP_BAD_DIR="${ZSH_CACHE_DIR}/zcompdump-bad"
# List such files first.
print "[oh-my-zsh] Insecure completion caches also detected:"
ls -l "${(@)zcompdump_files}"
# For safety, move rather than permanently remove such files.
print "[oh-my-zsh] Moving to \"${ZSH_ZCOMPDUMP_BAD_DIR}/\"...\n"
mkdir -p "${ZSH_ZCOMPDUMP_BAD_DIR}"
mv "${(@)zcompdump_files}" "${ZSH_ZCOMPDUMP_BAD_DIR}/"
fi
}

View File

@ -8,6 +8,9 @@ fi
# add a function path # add a function path
fpath=($ZSH/functions $ZSH/completions $fpath) fpath=($ZSH/functions $ZSH/completions $fpath)
# Load all stock functions (from $fpath files) called below.
autoload -U compaudit compinit
# Set ZSH_CUSTOM to the path where your custom config files # Set ZSH_CUSTOM to the path where your custom config files
# and plugins exists, or else we will use the default custom/ # and plugins exists, or else we will use the default custom/
if [[ -z "$ZSH_CUSTOM" ]]; then if [[ -z "$ZSH_CUSTOM" ]]; then
@ -59,9 +62,14 @@ if [ -z "$ZSH_COMPDUMP" ]; then
ZSH_COMPDUMP="${ZDOTDIR:-${HOME}}/.zcompdump-${SHORT_HOST}-${ZSH_VERSION}" ZSH_COMPDUMP="${ZDOTDIR:-${HOME}}/.zcompdump-${SHORT_HOST}-${ZSH_VERSION}"
fi fi
# Load and run compinit # If completion insecurities exist, warn the user without enabling completions.
autoload -U compinit if ! compaudit &>/dev/null; then
compinit -i -d "${ZSH_COMPDUMP}" # This function resides in the "lib/compfix.zsh" script sourced above.
handle_completion_insecurities
# Else, enable and cache completions to the desired file.
else
compinit -d "${ZSH_COMPDUMP}"
fi
# Load all of the plugins that were defined in ~/.zshrc # Load all of the plugins that were defined in ~/.zshrc
for plugin ($plugins); do for plugin ($plugins); do

View File

@ -16,6 +16,13 @@ if [ -d "$ZSH" ]; then
exit exit
fi fi
# Prevent the cloned repository from having insecure permissions. Failing to do
# so causes compinit() calls to fail with "command not found: compdef" errors
# for users with insecure umasks (e.g., "002", allowing group writability). Note
# that this will be ignored under Cygwin by default, as Windows ACLs take
# precedence over umasks except for filesystems mounted with option "noacl".
umask g-w,o-w
echo "\033[0;34mCloning Oh My Zsh...\033[0m" echo "\033[0;34mCloning Oh My Zsh...\033[0m"
hash git >/dev/null 2>&1 && env git clone --depth=1 https://github.com/robbyrussell/oh-my-zsh.git $ZSH || { hash git >/dev/null 2>&1 && env git clone --depth=1 https://github.com/robbyrussell/oh-my-zsh.git $ZSH || {
echo "git not installed" echo "git not installed"
@ -41,12 +48,17 @@ export PATH=\"$PATH\"
" ~/.zshrc > ~/.zshrc-omztemp " ~/.zshrc > ~/.zshrc-omztemp
mv -f ~/.zshrc-omztemp ~/.zshrc mv -f ~/.zshrc-omztemp ~/.zshrc
TEST_CURRENT_SHELL=$(expr "$SHELL" : '.*/\(.*\)') # If this user's login shell is not already "zsh", attempt to switch.
if [ "$TEST_CURRENT_SHELL" != "zsh" ]; then if [ "$(expr "$SHELL" : '.*/\(.*\)')" != "zsh" ]; then
# If this platform provides a "chsh" command (not Cygwin), do it, man!
if hash chsh >/dev/null 2>&1; then
echo "\033[0;34mTime to change your default shell to zsh!\033[0m" echo "\033[0;34mTime to change your default shell to zsh!\033[0m"
chsh -s $(grep /zsh$ /etc/shells | tail -1) chsh -s $(grep /zsh$ /etc/shells | tail -1)
# Else, suggest the user do so manually.
else
echo "\033[0;34mPlease manually change your default shell to zsh!\033[0m"
fi
fi fi
unset TEST_CURRENT_SHELL
echo "\033[0;32m"' __ __ '"\033[0m" echo "\033[0;32m"' __ __ '"\033[0m"
echo "\033[0;32m"' ____ / /_ ____ ___ __ __ ____ _____/ /_ '"\033[0m" echo "\033[0;32m"' ____ / /_ ____ ___ __ __ ____ _____/ /_ '"\033[0m"