Tue, 9 May 2023 13:47:11 +0100 Andrew Cooper <andrew.coop...@citrix.com>:

> Why is this 700, and the others just using regular perms?
> Also, doesn't it want quoting like the other examples too?

It is not clear why there is a single mkdir -m 0700 in the tree.
Most likely it will not give any extra security.

The scripts source hotplug.sh, which defines a variable XEN_RUN_DIR.
I think it is better to use the shell variable instead of hardcoded paths.

Regarding quoting: there are many paths used without quoting.
For cosmetic reasons, an additional (huge) change could be made to quote
everything. Not sure if it is worth the effort...

I will post a v3 with this relative change:

--- a/tools/hotplug/FreeBSD/rc.d/xencommons.in
+++ b/tools/hotplug/FreeBSD/rc.d/xencommons.in
@@ -34,7 +34,7 @@ xen_startcmd()
        local time=0
        local timeout=30
 
-       mkdir -p "@XEN_RUN_DIR@"
+       mkdir -p "${XEN_RUN_DIR}"
        xenstored_pid=$(check_pidfile ${XENSTORED_PIDFILE} ${XENSTORED})
        if test -z "$xenstored_pid"; then
                printf "Starting xenservices: xenstored, xenconsoled."
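Review bot: The new `mkdir -p "${XEN_RUN_DIR}"` in xen_startcmd() only works if XEN_RUN_DIR is set when the function runs, whereas the old `@XEN_RUN_DIR@` was fixed at build time and could not be empty. The message says the scripts source hotplug.sh, but that is not visible in this hunk; if the variable were unset, mkdir would get an empty operand and fail, and nothing shown here stops startup from continuing without the run directory. Consider `mkdir -p "${XEN_RUN_DIR:?XEN_RUN_DIR is not set}"` so the failure is explicit. The same applies to the mkdir lines in the FreeBSD, Linux and NetBSD xendriverdomain.in hunks. xen_startcmd's body continues outside the hunk.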
--- a/tools/hotplug/FreeBSD/rc.d/xendriverdomain.in
+++ b/tools/hotplug/FreeBSD/rc.d/xendriverdomain.in
@@ -27,7 +27,7 @@ xendriverdomain_start()
 {
        printf "Starting xenservices: xl devd."
 
-       mkdir -p "@XEN_RUN_DIR@"
+       mkdir -p "${XEN_RUN_DIR}"
        PATH="${bindir}:${sbindir}:$PATH" ${sbindir}/xl devd --pidfile 
${XLDEVD_PIDFILE} ${XLDEVD_ARGS}
 
        printf "\n"
--- a/tools/hotplug/Linux/init.d/xendriverdomain.in
+++ b/tools/hotplug/Linux/init.d/xendriverdomain.in
@@ -49,7 +49,7 @@ fi
 
 do_start () {
        echo Starting xl devd...
-       mkdir -m700 -p @XEN_RUN_DIR@
+       mkdir -p "${XEN_RUN_DIR}"
        ${sbindir}/xl devd --pidfile=$XLDEVD_PIDFILE $XLDEVD_ARGS
 }
 do_stop () {
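Review bot: Dropping `-m700` in do_start makes the run directory's mode depend on the umask the init script inherits, so under a 022 umask a newly created directory would be 0755. With `-p` the old mode only applied when the directory was freshly created, which is consistent with the message's view that it added little. If anything placed under the directory is meant to be hidden from unprivileged users, the intended mode should be stated once and applied in every script. Otherwise record the decision above the mkdir, for example `# mode intentionally left to umask, matching the other hotplug scripts`.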
--- a/tools/hotplug/NetBSD/rc.d/xendriverdomain.in
+++ b/tools/hotplug/NetBSD/rc.d/xendriverdomain.in
@@ -23,7 +23,7 @@ XLDEVD_PIDFILE="@XEN_RUN_DIR@/xldevd.pid"
 
 xendriverdomain_precmd()
 {
-       mkdir -p "@XEN_RUN_DIR@"
+       mkdir -p "${XEN_RUN_DIR}"
 }
 
 xendriverdomain_startcmd()
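Review bot: The hunk header shows `XLDEVD_PIDFILE="@XEN_RUN_DIR@/xldevd.pid"` still built from the configure-time substitution, while xendriverdomain_precmd() now creates the directory named by the runtime `${XEN_RUN_DIR}`. If the two values ever differ, the directory that gets created is not the one the pidfile is written to. Defining it as `XLDEVD_PIDFILE="${XEN_RUN_DIR}/xldevd.pid"` would keep them in step, provided hotplug.sh is sourced before that assignment, which is not visible here.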

Attachment: pgpfEm89B51zQ.pgp
Description: Digitale Signatur von OpenPGP
