From: Clinton Ebadi <clinton@unknownlamer.org>
Date: Wed, 9 Apr 2014 21:26:59 +0000 (-0400)
Subject: Allow faking your_{user,path,group} and homedir
X-Git-Tag: release_20140428~3^2~1
X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/commitdiff_plain/b89f3b680b7d4c16d2b684487d5a202fa0e726ae

Allow faking your_{user,path,group} and homedir

Autodoc hates the your_FOO refinement types, and I see no reason why
users wouldn't want to fake these values if they are already faking
domain permissions. Additionally, set the homedir to /tmp if the user
is unset and we're faking privs.
---

diff --git a/src/domain.sml b/src/domain.sml
index 3e212a2..7286b2e 100644
--- a/src/domain.sml
+++ b/src/domain.sml
@@ -134,15 +134,18 @@ fun validDomain s =
 fun validNode s = List.exists (fn s' => s = s') nodes
 
 fun yourDomain s = !fakePrivs orelse SS.member (your_domains (), s)
-fun yourUser s = SS.member (your_users (), s)
-fun yourGroup s = SS.member (your_groups (), s)
+fun yourUser s = !fakePrivs orelse SS.member (your_users (), s)
+fun yourGroup s = !fakePrivs orelse SS.member (your_groups (), s)
+
 fun checkPath paths path =
+    !fakePrivs orelse
     (List.all (fn s => s <> "..") (String.fields (fn ch => ch = #"/") path)
      andalso CharVector.all (fn ch => Char.isAlphaNum ch orelse ch = #"." orelse ch = #"/"
 				      orelse ch = #"-" orelse ch = #"_") path
      andalso SS.exists (fn s' => path = s' orelse String.isPrefix (s' ^ "/") path) (paths ()))
 val yourPath = checkPath your_paths
 val readablePath = checkPath readable_paths
+
 fun yourIp s = !fakePrivs orelse SS.member (your_ips (), s)
 
 fun yourDomainHost s =
@@ -866,6 +869,7 @@ fun homedirOf uname =
     Posix.SysDB.Passwd.home (Posix.SysDB.getpwnam uname)
 
 fun homedir () = homedirOf (getUser ())
+		 handle e => if !fakePrivs then "/tmp" else raise e
 
 type subject = {node : string, domain : string}