Give more helpful message and disable purge of caches
This error message will give information on what exactly has happened and how to either solve ownership and permissions or disable the check entirely. Also gets rid of the purge of compinit caches since with the current logic insecure completion directories are ignored and therefore haven't tainted the cached files.
This commit is contained in:
parent
90a5bd06ca
commit
77b924b839
|
@ -2,10 +2,6 @@
|
||||||
# insecure ownership or permissions) by:
|
# insecure ownership or permissions) by:
|
||||||
#
|
#
|
||||||
# * Human-readably notifying the user of these insecurities.
|
# * Human-readably notifying the user of these insecurities.
|
||||||
# * Moving away all existing completion caches to a temporary directory. Since
|
|
||||||
# any of these caches may have been generated from insecure directories, they
|
|
||||||
# are all suspect now. Failing to do so typically causes subsequent compinit()
|
|
||||||
# calls to fail with "command not found: compdef" errors. (That's bad.)
|
|
||||||
function handle_completion_insecurities() {
|
function handle_completion_insecurities() {
|
||||||
# List of the absolute paths of all unique insecure directories, split on
|
# List of the absolute paths of all unique insecure directories, split on
|
||||||
# newline from compaudit()'s output resembling:
|
# newline from compaudit()'s output resembling:
|
||||||
|
@ -22,39 +18,27 @@ function handle_completion_insecurities() {
|
||||||
insecure_dirs=( ${(f@):-"$(compaudit 2>/dev/null)"} )
|
insecure_dirs=( ${(f@):-"$(compaudit 2>/dev/null)"} )
|
||||||
|
|
||||||
# If no such directories exist, get us out of here.
|
# If no such directories exist, get us out of here.
|
||||||
if (( ! ${#insecure_dirs} )); then
|
(( ! ${#insecure_dirs} )) && return
|
||||||
print "[oh-my-zsh] No insecure completion-dependent directories detected."
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
# List ownership and permissions of all insecure directories.
|
# List ownership and permissions of all insecure directories.
|
||||||
print "[oh-my-zsh] Insecure completion-dependent directories detected:"
|
print "[oh-my-zsh] Insecure completion-dependent directories detected:"
|
||||||
ls -ld "${(@)insecure_dirs}"
|
ls -ld "${(@)insecure_dirs}"
|
||||||
print "[oh-my-zsh] For safety, completions will be disabled until you manually fix all"
|
|
||||||
print "[oh-my-zsh] insecure directory permissions and ownership and restart oh-my-zsh."
|
|
||||||
print "[oh-my-zsh] See the above list for directories with group or other writability.\n"
|
|
||||||
|
|
||||||
# Locally enable the "NULL_GLOB" option, thus removing unmatched filename
|
cat <<EOD
|
||||||
# globs from argument lists *AND* printing no warning when doing so. Failing
|
|
||||||
# to do so prints an unreadable warning if no completion caches exist below.
|
|
||||||
setopt local_options null_glob
|
|
||||||
|
|
||||||
# List of the absolute paths of all unique existing completion caches.
|
[oh-my-zsh] For safety, we will not load completions from these directories until
|
||||||
local -aU zcompdump_files
|
[oh-my-zsh] you fix their permissions and ownership and restart zsh.
|
||||||
zcompdump_files=( "${ZSH_COMPDUMP}"(.) "${ZDOTDIR:-${HOME}}"/.zcompdump* )
|
[oh-my-zsh] See the above list for directories with group or other writability.
|
||||||
|
|
||||||
# Move such caches to a temporary directory.
|
[oh-my-zsh] To fix your permissions you can do so by disabling
|
||||||
if (( ${#zcompdump_files} )); then
|
[oh-my-zsh] the write permission of "group" and "others" and making sure that the
|
||||||
# Absolute path of the directory to which such files will be moved.
|
[oh-my-zsh] owner of these directories is either root or your current user.
|
||||||
local ZSH_ZCOMPDUMP_BAD_DIR="${ZSH_CACHE_DIR}/zcompdump-bad"
|
[oh-my-zsh] The following command may help:
|
||||||
|
[oh-my-zsh] compaudit | xargs chmod g-w,o-w
|
||||||
|
|
||||||
# List such files first.
|
[oh-my-zsh] If the above didn't help or you want to skip the verification of
|
||||||
print "[oh-my-zsh] Insecure completion caches also detected:"
|
[oh-my-zsh] insecure directories you can set the variable ZSH_DISABLE_COMPFIX to
|
||||||
ls -l "${(@)zcompdump_files}"
|
[oh-my-zsh] "true" before oh-my-zsh is sourced in your zshrc file.
|
||||||
|
|
||||||
# For safety, move rather than permanently remove such files.
|
EOD
|
||||||
print "[oh-my-zsh] Moving to \"${ZSH_ZCOMPDUMP_BAD_DIR}/\"...\n"
|
|
||||||
mkdir -p "${ZSH_ZCOMPDUMP_BAD_DIR}"
|
|
||||||
mv "${(@)zcompdump_files}" "${ZSH_ZCOMPDUMP_BAD_DIR}/"
|
|
||||||
fi
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue