Freeze break request: cron to check for anonymous trac permissions
Ricky Elrod
codeblock at elrod.me
Wed Sep 10 20:39:12 UTC 2014
A few inline comments about the .sh file.
On 09/10/2014 04:09 PM, Patrick Uiterwijk wrote:
> @@ -0,0 +1,12 @@
> +#!/bin/bash
> +for project in `ls /srv/web/trac/projects`;
Probably better to iterate over a glob instead, to handle weird
filenames. They shouldn't exist, but it is always a possibility and
something could go weird if they do.
> +do
> + PERMISSIONS="`sqlite3 /srv/web/trac/projects/$project/db/trac.db "select action from permission where username='anonymous';" | grep 'CREATE\|APPEND\|EDIT\|MODIFY'`"
> + if [ "" != "$PERMISSIONS" ];
> + then
> + echo -n $project
Double-quote $project to prevent accidental globbing.
> + echo -n ": "
> + echo $PERMISSIONS
Same here with $PERMISSIONS.
And (less important), backtick syntax is deprecated, prefer $(...)
instead. See http://mywiki.wooledge.org/BashFAQ/082.
+1 after everything except the backtick syntax (which I don't consider a
blocker but should be easy to fix if you feel like it).
-Ricky
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20140910/ccdc2048/attachment.sig>
More information about the infrastructure
mailing list