Elektra
0.9.10
|
This plugin checks whether the value of a key is a valid file system path and optionally if correct permissions are set for a certain user.
See installation. The package is called libelektra5-extra
.
The motivation to write this plugin is given by the two paths that exist in /etc/fstab: the device file and the mountpoint. A missing file is not necessarily an error, because the device file may appear later when a device is plugged in and the mountpoint may be there when another subsequent mount was executed. So only warnings are yielded in that case. One situation, however, presents an error: Only an absolute path is allowed to occur for both device and mountpoint. When checking for relative files, it is not enough to look at the first character if it is a /
, because remote file systems and some special names are valid, too.
If check/path/mode = <permission>
is also present it will check for the correct permissions of the file/directory. Optionally, you can also add check/path/user = <user>"
which then checks the permissions for the given user. When calling kdb set
on the actual key, you have to run as root
user or the file permissions cannot be checked (you will receive an error message). It is also possible to leave the check/path/user
empty (just provide an empty string) which then takes the executing user as target to check. So for example sudo kdb set ...
will check if root
can access the target file/directory whereas kdb set ...
will take the current executing process/user. If check/path/user
is not given at all, the plugin will check accessibility for the root
user only (which again requires sudo
)
check/path/mode = rw
and check/path/user = tomcat
for example will check if the user tomcat
has read and write access to the path which was set for the key. Please note that the file has to exist already and it is not checked if the user has the right to create a file in the directory.
Permissions available:
r
: **R**eadw
: **W**ritex
: e**X**ecuteIf the metakey check/path
is present, it is checked if the value is a valid absolute file system path. If a metavalue is present, an additional check will be done if it is a directory or device file.
An example on which the user should have no permission at all for the root directory.
An example where part of the permissions are missing for a tmp file
Add a check which ensures that the given path is a file/directory/symbolic link/hard link/etc.