Squash changes containing private information

There were a lot of changes since the previous commit, but a lot of them contained personnal information about users. All thos changes got stashed into a single commit (history is kept in a different place) and private information was moved in a separate private repository
author: Ismaël Bouya <ismael.bouya@normalesup.org> 2023-10-04 01:35:06 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2023-10-04 02:11:48 +0200
commit: 1a64deeb894dc95e2645a75771732c6cc53a79ad (patch)
tree: 1b9df4838f894577a09b9b260151756272efeb53 /flakes/mypackages/pkgs/rrsync_sudo/sudo.patch
parent: fa25ffd4583cc362075cd5e1b4130f33306103f0 (diff)
download: Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.gz
Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.zst
Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.zip
1 files changed, 20 insertions, 0 deletions
diff --git a/flakes/mypackages/pkgs/rrsync_sudo/sudo.patch b/flakes/mypackages/pkgs/rrsync_sudo/sudo.patch
new file mode 100644
index 0000000..6de9cc9
--- /dev/null
+++ b/flakes/mypackages/pkgs/rrsync_sudo/sudo.patch
@@ -0,0 +1,20 @@
+--- a/support/rrsync    2015-09-14 01:23:54.000000000 +0200
+++ b/support/rrsync    2020-02-08 13:55:14.302163313 +0100
+@@ -48,7 +48,7 @@
+ 
+ my $command = $ENV{SSH_ORIGINAL_COMMAND};
+ die "$0: Not invoked via sshd\n$Usage" unless defined $command;
+-die "$0: SSH_ORIGINAL_COMMAND='$command' is not rsync\n" unless $command =~ s/^rsync\s+//;
+die "$0: SSH_ORIGINAL_COMMAND='$command' is not rsync\n" unless $command =~ s/^sudo rsync\s+//;
+ die "$0: --server option is not first\n" unless $command =~ /^--server\s/;
+ our $am_sender = $command =~ /^--server\s+--sender\s/; # Restrictive on purpose!
+ die "$0 sending to read-only server not allowed\n" if $only eq 'r' && !$am_sender;
+@@ -227,7 +227,7 @@
+ }
+ 
+ # Note: This assumes that the rsync protocol will not be maliciously hijacked.
+-exec(RSYNC, @opts, @args) or die "exec(rsync @opts @args) failed: $? $!";
+exec("/usr/bin/sudo", RSYNC, @opts, @args) or die "exec(sudo rsync @opts @args) failed: $? $!";
+ 
+ sub check_arg
+ {
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2023-10-04 01:35:06 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2023-10-04 02:11:48 +0200
commit	1a64deeb894dc95e2645a75771732c6cc53a79ad (patch)
tree	1b9df4838f894577a09b9b260151756272efeb53 /flakes/mypackages/pkgs/rrsync_sudo/sudo.patch
parent	fa25ffd4583cc362075cd5e1b4130f33306103f0 (diff)
download	Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.gz Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.zst Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.zip

diff --git a/flakes/mypackages/pkgs/rrsync_sudo/sudo.patch b/flakes/mypackages/pkgs/rrsync_sudo/sudo.patch new file mode 100644 index 0000000..6de9cc9 --- /dev/null +++ b/flakes/mypackages/pkgs/rrsync_sudo/sudo.patch
@@ -0,0 +1,20 @@
	1	--- a/support/rrsync 2015-09-14 01:23:54.000000000 +0200
	2	+++ b/support/rrsync 2020-02-08 13:55:14.302163313 +0100
	3	@@ -48,7 +48,7 @@
	4
	5	my $command = $ENV{SSH_ORIGINAL_COMMAND};
	6	die "$0: Not invoked via sshd\n$Usage" unless defined $command;
	7	-die "$0: SSH_ORIGINAL_COMMAND='$command' is not rsync\n" unless $command =~ s/^rsync\s+//;
	8	+die "$0: SSH_ORIGINAL_COMMAND='$command' is not rsync\n" unless $command =~ s/^sudo rsync\s+//;
	9	die "$0: --server option is not first\n" unless $command =~ /^--server\s/;
	10	our $am_sender = $command =~ /^--server\s+--sender\s/; # Restrictive on purpose!
	11	die "$0 sending to read-only server not allowed\n" if $only eq 'r' && !$am_sender;
	12	@@ -227,7 +227,7 @@
	13	}
	14
	15	# Note: This assumes that the rsync protocol will not be maliciously hijacked.
	16	-exec(RSYNC, @opts, @args) or die "exec(rsync @opts @args) failed: $? $!";
	17	+exec("/usr/bin/sudo", RSYNC, @opts, @args) or die "exec(sudo rsync @opts @args) failed: $? $!";
	18
	19	sub check_arg
	20	{