From a6f43d09d7e015c0612bfe5980827fc8dfc4d12e Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Mon, 23 Jun 2014 17:38:36 +0200 Subject: [ticket/12693] Add a travis test that checks file permissions PHPBB3-12693 --- travis/check-executable-files.sh | 52 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 travis/check-executable-files.sh (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh new file mode 100644 index 0000000000..a5d4ded7e1 --- /dev/null +++ b/travis/check-executable-files.sh @@ -0,0 +1,52 @@ +#!/bin/bash +# +# This file is part of the phpBB Forum Software package. +# +# @copyright (c) phpBB Limited +# @license GNU General Public License, version 2 (GPL-2.0) +# +# For full copyright and license information, please see +# the docs/CREDITS.txt file. +# +set -e + + +DB=$1 +TRAVIS_PHP_VERSION=$2 +path="$3" + +if [ "$TRAVIS_PHP_VERSION" == "5.5" -a "$DB" == "mysqli" ] +then + # Get the list of the executables files under a given path + # The part "-name 'develop' -o -name 'vendor'" defines a set + # of ignored directories. + # The part "-path '*/bin/phpbbcli.php' -o -name 'composer.phar'" + # defines a whitelist. + + executables_files=$( \ + find ${path} \ + '(' \ + '(' \ + -name 'develop' -o \ + -name 'vendor' \ + ')' \ + -a -type d -prune -a -type f \ + ')' \ + -o '(' \ + -not '(' \ + -path '*/bin/phpbbcli.php' -o \ + -name 'composer.phar' \ + ')' \ + -a '(' \ + -perm 755 -a \ + -type f \ + ')' \ + ')' \ + ) + + if [ "$executables_files" != '' ] + then + echo "$executables_files MUST NOT be executable."; + exit 1; + fi +fi \ No newline at end of file -- cgit v1.2.1 From 18207ae1eccacb2ef475a6b56c51f79aff01538e Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Mon, 23 Jun 2014 18:45:20 +0200 Subject: [ticket/12693] Fix indentation PHPBB3-12693 --- travis/check-executable-files.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index a5d4ded7e1..8a35634f15 100644 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -10,7 +10,6 @@ # set -e - DB=$1 TRAVIS_PHP_VERSION=$2 path="$3" @@ -46,7 +45,7 @@ then if [ "$executables_files" != '' ] then - echo "$executables_files MUST NOT be executable."; - exit 1; + echo "$executables_files MUST NOT be executable."; + exit 1; fi -fi \ No newline at end of file +fi -- cgit v1.2.1 From 636eac2cd25098cc0494f875a35903e8388ac0f8 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Mon, 23 Jun 2014 18:58:41 +0200 Subject: [ticket/12693] Check if the files have the right 644 And not only if they are executable. PHPBB3-12693 --- travis/check-executable-files.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 8a35634f15..a5403667f4 100644 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -37,15 +37,15 @@ then -name 'composer.phar' \ ')' \ -a '(' \ - -perm 755 -a \ - -type f \ + -type f -a \ + -not -perm 644 \ ')' \ ')' \ ) if [ "$executables_files" != '' ] then - echo "$executables_files MUST NOT be executable."; + echo "$executables_files MUST have the right 644."; exit 1; fi fi -- cgit v1.2.1 From f394f55fe27249bdb62e4e446b4974f425ffc3b6 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Mon, 23 Jun 2014 19:48:56 +0200 Subject: [ticket/12693] Fix the permissions PHPBB3-12693 --- travis/check-executable-files.sh | 1 + 1 file changed, 1 insertion(+) mode change 100644 => 100755 travis/check-executable-files.sh (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh old mode 100644 new mode 100755 index a5403667f4..99562d8925 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -9,6 +9,7 @@ # the docs/CREDITS.txt file. # set -e +set -x DB=$1 TRAVIS_PHP_VERSION=$2 -- cgit v1.2.1 From 30e13a429c894d5f1f31510d104043191ed3d1a3 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Mon, 23 Jun 2014 23:26:08 +0200 Subject: [ticket/12693] Check if the are executable and not if they are 644 PHPBB3-12693 --- travis/check-executable-files.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 99562d8925..78a0285f4e 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -38,15 +38,19 @@ then -name 'composer.phar' \ ')' \ -a '(' \ - -type f -a \ - -not -perm 644 \ + '(' \ + -type f -a \ + -perm +111 \ + ')' -o \ + -not -perm +600 \ ')' \ ')' \ ) if [ "$executables_files" != '' ] then - echo "$executables_files MUST have the right 644."; + ls -la $executables_files + echo "$executables_files MUST NOT be executable."; exit 1; fi fi -- cgit v1.2.1 From 949264507d688afaeb02eea8b781ea1c9709d7da Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Mon, 23 Jun 2014 23:33:51 +0200 Subject: [ticket/12693] Check the persmissions of the owner PHPBB3-12693 --- travis/check-executable-files.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 78a0285f4e..469ac4a496 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -9,7 +9,6 @@ # the docs/CREDITS.txt file. # set -e -set -x DB=$1 TRAVIS_PHP_VERSION=$2 @@ -42,7 +41,7 @@ then -type f -a \ -perm +111 \ ')' -o \ - -not -perm +600 \ + -not -perm -600 \ ')' \ ')' \ ) @@ -50,7 +49,7 @@ then if [ "$executables_files" != '' ] then ls -la $executables_files - echo "$executables_files MUST NOT be executable."; + echo "MUST NOT be executable and MUST be readable and writable by the owner."; exit 1; fi fi -- cgit v1.2.1 From ffcc1e9d9420e03eb5a1a208fbf5ab9ff60c2a26 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Tue, 24 Jun 2014 19:28:40 +0200 Subject: [ticket/12693] Extract exceptions, bin/* must be executable PHPBB3-12693 --- travis/check-executable-files.sh | 57 ++++++++++++++++++++++++---------------- 1 file changed, 34 insertions(+), 23 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 469ac4a496..6ec91145ba 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -16,40 +16,51 @@ path="$3" if [ "$TRAVIS_PHP_VERSION" == "5.5" -a "$DB" == "mysqli" ] then - # Get the list of the executables files under a given path - # The part "-name 'develop' -o -name 'vendor'" defines a set - # of ignored directories. - # The part "-path '*/bin/phpbbcli.php' -o -name 'composer.phar'" - # defines a whitelist. + # Check the permissions of the files - executables_files=$( \ + # Directories to skip + directories_skipped="-path ${path}develop -o -path ${path}vendor" + + # Files to skip + files_skipped="-name composer.phar" + + # Files which have to be executable + executable_files="-path ${path}bin/*" + + incorect_files=$( \ find ${path} \ '(' \ '(' \ - -name 'develop' -o \ - -name 'vendor' \ + ${directories_skipped} \ ')' \ -a -type d -prune -a -type f \ - ')' \ - -o '(' \ + ')' -o \ + '(' \ + -type f -a \ -not '(' \ - -path '*/bin/phpbbcli.php' -o \ - -name 'composer.phar' \ - ')' \ - -a '(' \ + ${files_skipped} \ + ')' -a \ '(' \ - -type f -a \ - -perm +111 \ - ')' -o \ - -not -perm -600 \ + '(' \ + '(' \ + ${executable_files} \ + ')' -a \ + -not -perm -100 \ + ')' -o \ + '(' \ + -not '(' \ + ${executable_files} \ + ')' -a \ + -perm +111 \ + ')' \ + ')' \ ')' \ - ')' \ - ) + ) - if [ "$executables_files" != '' ] + if [ "${incorect_files}" != '' ] then - ls -la $executables_files - echo "MUST NOT be executable and MUST be readable and writable by the owner."; + ls -la ${incorect_files} + echo "does not have the proper permissions."; exit 1; fi fi -- cgit v1.2.1 From 608117585764a231e6875f7c5c53f3132033139a Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Tue, 24 Jun 2014 19:46:33 +0200 Subject: [ticket/12693] Fix the query for bin/* PHPBB3-12693 --- travis/check-executable-files.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 6ec91145ba..0a52c031dd 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -25,7 +25,7 @@ then files_skipped="-name composer.phar" # Files which have to be executable - executable_files="-path ${path}bin/*" + executable_files="-path ${path}bin/\*" incorect_files=$( \ find ${path} \ @@ -45,7 +45,7 @@ then '(' \ ${executable_files} \ ')' -a \ - -not -perm -100 \ + -not -perm +100 \ ')' -o \ '(' \ -not '(' \ -- cgit v1.2.1 From d284675241689a1445bb7560b416979b8e9cdde7 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Tue, 24 Jun 2014 21:07:14 +0200 Subject: [ticket/12693] Expand manually the wildcard PHPBB3-12693 --- travis/check-executable-files.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 0a52c031dd..a6953dd0cf 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -9,7 +9,7 @@ # the docs/CREDITS.txt file. # set -e - +set -x DB=$1 TRAVIS_PHP_VERSION=$2 path="$3" @@ -18,6 +18,7 @@ if [ "$TRAVIS_PHP_VERSION" == "5.5" -a "$DB" == "mysqli" ] then # Check the permissions of the files + # The following variables MUST NOT contain any wildcard # Directories to skip directories_skipped="-path ${path}develop -o -path ${path}vendor" @@ -25,7 +26,7 @@ then files_skipped="-name composer.phar" # Files which have to be executable - executable_files="-path ${path}bin/\*" + executable_files="-path ${path}bin/phpbbcli.php" incorect_files=$( \ find ${path} \ -- cgit v1.2.1 From 5739a3da8f9ecc0cf9cee87ba50c51d156ad9fe7 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Tue, 22 Jul 2014 16:32:55 +0200 Subject: [ticket/12693] All the files in bin/ must be executable PHPBB3-12693 --- travis/check-executable-files.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index a6953dd0cf..61468809b3 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -26,7 +26,7 @@ then files_skipped="-name composer.phar" # Files which have to be executable - executable_files="-path ${path}bin/phpbbcli.php" + executable_files="-path ${path}bin/*" incorect_files=$( \ find ${path} \ -- cgit v1.2.1 From 92106d52d001e2085edb4443daf4b4c8aea27f92 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Wed, 30 Jul 2014 20:47:39 +0200 Subject: [ticket/12693] Force the composer.phar to be executable PHPBB3-12693 --- travis/check-executable-files.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 61468809b3..6f625a8cc7 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -23,12 +23,12 @@ then directories_skipped="-path ${path}develop -o -path ${path}vendor" # Files to skip - files_skipped="-name composer.phar" + files_skipped="" # Files which have to be executable - executable_files="-path ${path}bin/*" + executable_files="-path ${path}bin/* -o -path ${path}composer.phar" - incorect_files=$( \ + incorrect_files=$( \ find ${path} \ '(' \ '(' \ @@ -58,9 +58,9 @@ then ')' \ ) - if [ "${incorect_files}" != '' ] + if [ "${incorrect_files}" != '' ] then - ls -la ${incorect_files} + ls -la ${incorrect_files} echo "does not have the proper permissions."; exit 1; fi -- cgit v1.2.1 From 4328141fd28c08c6143c66697096f4decf7e1c01 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Thu, 31 Jul 2014 00:34:17 +0200 Subject: [ticket/12693] The files skipped list can not be empty PHPBB3-12693 --- travis/check-executable-files.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 6f625a8cc7..4af974751e 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -23,7 +23,7 @@ then directories_skipped="-path ${path}develop -o -path ${path}vendor" # Files to skip - files_skipped="" + files_skipped="-false" # Files which have to be executable executable_files="-path ${path}bin/* -o -path ${path}composer.phar" -- cgit v1.2.1 From 079f1e2f41c8eb221dc4072d7ac558c4ff77f773 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Thu, 7 Aug 2014 13:58:42 +0200 Subject: [ticket/12693] Fix composer.phar path PHPBB3-12693 --- travis/check-executable-files.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'travis') diff --git a/travis/check-executable-files.sh b/travis/check-executable-files.sh index 4af974751e..1d8b33d327 100755 --- a/travis/check-executable-files.sh +++ b/travis/check-executable-files.sh @@ -9,12 +9,13 @@ # the docs/CREDITS.txt file. # set -e -set -x + DB=$1 TRAVIS_PHP_VERSION=$2 -path="$3" +root="$3" +path="${root}phpBB/" -if [ "$TRAVIS_PHP_VERSION" == "5.5" -a "$DB" == "mysqli" ] +if [ "$TRAVIS_PHP_VERSION" == "5.3.3" -a "$DB" == "mysqli" ] then # Check the permissions of the files @@ -26,7 +27,7 @@ then files_skipped="-false" # Files which have to be executable - executable_files="-path ${path}bin/* -o -path ${path}composer.phar" + executable_files="-path ${path}bin/* -o -path ${root}composer.phar" incorrect_files=$( \ find ${path} \ @@ -60,8 +61,8 @@ then if [ "${incorrect_files}" != '' ] then + echo "The following files do not have proper permissions:"; ls -la ${incorrect_files} - echo "does not have the proper permissions."; exit 1; fi fi -- cgit v1.2.1