On Mon, May 24, 2010 at 04:12:14PM +0300, Michael S. Tsirkin wrote:
> This fixes /tmp usage in make-release script for security.
> Also, create output directory if it does not exist.
> This also adds a 'tarball' optin to specify output file name.
> Finally, remote output file before gzip to avoid prompt
> 'do you want to overwrite'.
>
> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx>
Ping. Please review/apply.
> ---
> kvm/scripts/make-release | 13 ++++++++++---
> 1 files changed, 10 insertions(+), 3 deletions(-)
>
> diff --git a/kvm/scripts/make-release b/kvm/scripts/make-release
> index 11d9c27..fdc402b 100755
> --- a/kvm/scripts/make-release
> +++ b/kvm/scripts/make-release
> @@ -1,7 +1,7 @@
> #!/bin/bash -e
>
> usage() {
> - echo "usage: $0 [--upload] [--formal] commit [name]"
> + echo "usage: $0 [--upload] [--formal] commit [name] [tarball]"
> exit 1
> }
>
> @@ -12,7 +12,7 @@ formal=
>
> releasedir=~/sf-release
> [[ -z "$TMP" ]] && TMP="/tmp"
> -tmpdir="$TMP/qemu-kvm-make-release.$$"
> +tmpdir=`mktemp -d --tmpdir="$TMP" qemu-kvm-make-release.XXXXXXXXXX`
> while [[ "$1" = -* ]]; do
> opt="$1"
> shift
> @@ -40,9 +40,15 @@ if [[ -z "$name" ]]; then
> name="$commit"
> fi
>
> -tarball="$releasedir/$name.tar"
> +tarball="$3"
> +if [[ -z "$tarball" ]]; then
> + tarball="$releasedir/$name.tar.gz"
> +fi
> +#strip trailing .gz if any
> +tarball=${tarball/%.gz/}
>
> cd "$(dirname "$0")"/../..
> +mkdir -p "$(dirname "$tarball")"
> git archive --prefix="$name/" --format=tar "$commit" > "$tarball"
>
> mkdir -p "$tmpdir"
> @@ -59,6 +65,7 @@ if [[ -n "$formal" ]]; then
> rm -rf "$tmpdir"
> fi
>
> +rm -f "$tarball.gz"
> gzip -9 "$tarball"
> tarball="$tarball.gz"
>
> --
> 1.7.1.12.g42b7f
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
