From fc189e9a577d6a940ac8eefaae5913dd67a95953 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 23 Apr 2022 13:44:44 -0700 Subject: rename ASSERT-EUID-ROOT -> ASSERT-REMOTE-EUID-ROOT Signed-off-by: Sean Whitton --- src/property/apt.lisp | 2 +- src/property/disk.lisp | 2 +- src/property/grub.lisp | 2 +- src/property/installer.lisp | 4 ++-- src/property/locale.lisp | 2 +- src/property/mount.lisp | 2 +- src/property/service.lisp | 4 ++-- src/property/sshd.lisp | 2 +- src/property/user.lisp | 8 ++++---- 9 files changed, 14 insertions(+), 14 deletions(-) (limited to 'src/property') diff --git a/src/property/apt.lisp b/src/property/apt.lisp index d1bf892..4aded1d 100644 --- a/src/property/apt.lisp +++ b/src/property/apt.lisp @@ -107,7 +107,7 @@ Typically used with the ON-CHANGE combinator." (declare (ignore package triples)) (os:required 'os:debianlike)) (:apply - (assert-euid-root) + (assert-remote-euid-root) (run :input (unlines (loop for triple in triples collect #?"${package} @{triple}")) diff --git a/src/property/disk.lisp b/src/property/disk.lisp index 582bcf5..e9c35e6 100644 --- a/src/property/disk.lisp +++ b/src/property/disk.lisp @@ -513,7 +513,7 @@ We do not specify what logical volumes it contains.")) (:desc "Host LVM logical volumes all exist") (:hostattrs (os:required 'os:linux)) (:apply - (assert-euid-root) + (assert-remote-euid-root) (let* ((existing-lvs (loop for (lv vg) in (mapcar #'words (cdr (runlines "lvs"))) collect (cons lv vg))) diff --git a/src/property/grub.lisp b/src/property/grub.lisp index 114eb05..7ce6403 100644 --- a/src/property/grub.lisp +++ b/src/property/grub.lisp @@ -39,7 +39,7 @@ "Use grub-install(8) to install grub to VOLUME." (:desc "GRUB installed") (:apply - (assert-euid-root) + (assert-remote-euid-root) (mrun :inform "update-initramfs" "-u") (let ((os-prober (and (not running-on-target) (remote-exists-p "/etc/grub.d/30_os-prober")))) diff --git a/src/property/installer.lisp b/src/property/installer.lisp index 0791918..26bcd8b 100644 --- a/src/property/installer.lisp +++ b/src/property/installer.lisp @@ -70,7 +70,7 @@ BOOTLOADER-TYPE to VOLUME.")) (defprop %update-target-from-chroot :posix (chroot target) (:desc #?"Updated ${target} from ${chroot}") (:apply - (assert-euid-root) + (assert-remote-euid-root) (run "rsync" "-PSavx" "--delete" (loop for volume in (mapcan (curry #'subvolumes-of-type 'mounted-filesystem) @@ -169,7 +169,7 @@ using a combinator like ON-CHANGE, or applied manually with DEPLOY-THESE." (defprop %root-filesystems-flipped :lisp (new-os old-os) (:hostattrs (os:required 'os:linux)) (:apply - (assert-euid-root) + (assert-remote-euid-root) (let ((new-os (ensure-directory-pathname new-os)) (old-os (ensure-directories-exist (ensure-directory-pathname old-os))) diff --git a/src/property/locale.lisp b/src/property/locale.lisp index eafde35..135fbb7 100644 --- a/src/property/locale.lisp +++ b/src/property/locale.lisp @@ -21,7 +21,7 @@ (defprop %available :posix (locale) (:desc (declare (ignore locale)) "/etc/locale.gen updated") (:apply - (assert-euid-root) + (assert-remote-euid-root) (file:map-remote-file-lines "/etc/locale.gen" (lambda (lines) diff --git a/src/property/mount.lisp b/src/property/mount.lisp index 733f0b5..307df5a 100644 --- a/src/property/mount.lisp +++ b/src/property/mount.lisp @@ -25,7 +25,7 @@ the mount is not actually active." (:desc #?"${target} mounted") (:hostattrs (os:required 'os:linux)) (:check (zerop (mrun :for-exit "findmnt" target))) - (:apply (assert-euid-root) + (:apply (assert-remote-euid-root) (file:directory-exists target) (mrun "mount" target))) diff --git a/src/property/service.lisp b/src/property/service.lisp index 3074103..b0c829b 100644 --- a/src/property/service.lisp +++ b/src/property/service.lisp @@ -32,11 +32,11 @@ (defprop %policy-rc.d :posix () (:apply - (assert-euid-root) + (assert-remote-euid-root) (file:has-content +policyrcd+ '("#!/bin/sh" "exit 101")) (file:has-mode +policyrcd+ #o755)) (:unapply - (assert-euid-root) + (assert-remote-euid-root) (file:does-not-exist +policyrcd+))) (defproplist no-services :posix () diff --git a/src/property/sshd.lisp b/src/property/sshd.lisp index 7f35195..8d1022c 100644 --- a/src/property/sshd.lisp +++ b/src/property/sshd.lisp @@ -41,7 +41,7 @@ To prevent lockouts, also enables logging in as root with an SSH key, and refuses to proceed if root has no authorized_keys." (:desc "SSH passwords disabled") (:apply - (assert-euid-root) + (assert-remote-euid-root) (unless (and (remote-exists-p ".ssh/authorized_keys") (plusp (length (read-remote-file ".ssh/authorized_keys")))) (failed-change "root has no authorized_keys")) diff --git a/src/property/user.lisp b/src/property/user.lisp index 1a49e5d..74d4737 100644 --- a/src/property/user.lisp +++ b/src/property/user.lisp @@ -26,7 +26,7 @@ Note that this uses getent(1) and so is not strictly POSIX-compatible." (:check (user-exists username)) (:apply - (assert-euid-root) + (assert-remote-euid-root) (mrun "useradd" "-m" username))) (defprop %has-uid-gid :posix (username uid gid) @@ -61,7 +61,7 @@ that group, and ~USERNAME and its contents are owned by UID:GID." (subsetp groups (cddr (split-string (stripln (run "groups" username)))) :test #'string=)) (:apply - (assert-euid-root) + (assert-remote-euid-root) (mrun "usermod" "-a" "-G" groups* username))) (defparameter *desktop-groups* @@ -113,10 +113,10 @@ and then this property will do nothing." (:desc #?"${username} has a locked password") (:hostattrs (os:required 'os:debianlike)) (:check - (assert-euid-root) + (assert-remote-euid-root) (string= "L" (cadr (split-string (run "passwd" "-S" username))))) (:apply - (assert-euid-root) + (assert-remote-euid-root) (mrun "passwd" "--lock" username))) (defun %getent-entry (n name-or-id &optional (database "passwd")) -- cgit v1.2.3