# HG changeset patch # User Guido Berhoerster # Date 1505666705 -7200 # Node ID 1b89066d992cdc44a67801c72674c8196a0f8136 # Parent ec01c579024aed7ddf3a10fdeff3b38280bd2074 Add read-only mode diff -r ec01c579024a -r 1b89066d992c cmd.c --- a/cmd.c Thu Sep 07 12:40:50 2017 +0200 +++ b/cmd.c Sun Sep 17 18:45:05 2017 +0200 @@ -228,9 +228,15 @@ return (CMD_SIGNAL); } } - if (io_printf("There are%sunsaved changes\n", - ctx->unsaved_changes ? " " : " no ") == IO_SIGNAL) { - return (CMD_SIGNAL); + if (ctx->is_readonly) { + if (io_printf("Read-only mode\n") == IO_SIGNAL) { + return (CMD_SIGNAL); + } + } else { + if (io_printf("There are%sunsaved changes\n", + ctx->unsaved_changes ? " " : " no ") == IO_SIGNAL) { + return (CMD_SIGNAL); + } } return (CMD_STATUS); @@ -495,6 +501,11 @@ goto out; } + if (ctx->is_readonly) { + pwm_err(ctx, "cannot create new entries in read-only mode"); + goto out; + } + record = pwfile_create_record(); for (i = 1; i < argc; i++) { @@ -571,6 +582,12 @@ pwm_err(ctx, "invalid id %s", argv[1]); goto out; } + + if (ctx->is_readonly) { + pwm_err(ctx, "cannot modify entries in read-only mode"); + goto out; + } + record = pwfile_get_record(ctx, id); for (i = 2; i < argc; i++) { @@ -650,6 +667,10 @@ /* check if first argument is an id */ if ((argc > 1) && (parse_id(argv[1], &id) == 0)) { i++; + if (ctx->is_readonly) { + pwm_err(ctx, "cannot modify entries in read-only mode"); + goto out; + } } for (; i < argc; i++) { @@ -781,6 +802,11 @@ return (CMD_ERR); } + if (ctx->is_readonly) { + pwm_err(ctx, "cannot remove entries in read-only mode"); + return (CMD_ERR); + } + if (pwfile_remove_pws_record(ctx, id) != 0) { pwm_err(ctx, "failed to remove record %u", id); return (CMD_ERR); @@ -959,6 +985,11 @@ return (CMD_USAGE); } + if (ctx->is_readonly) { + pwm_err(ctx, "cannot create groups in read-only mode"); + return (CMD_ERR); + } + if (ctx->is_interactive && (argc != 2)) { if (io_get_line(NULL, "Group: ", 0, NULL, 0, sizeof (group_buf), group_buf) == IO_SIGNAL) { 
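Review bot: The `ctx->is_readonly` guard is repeated by hand in every mutating handler, starting with this one before `pwfile_create_record()` and again in the hunks at -571, -650, -781, -959, -986, -1001 and -1060, so the read-only guarantee depends on every future command remembering to add it. A single helper would keep the policy and the wording in one place, for example `if (cmd_reject_readonly(ctx, "create new entries")) { goto out; }` (the helper name is only a suggestion and does not exist in the code shown). If the command table, which is not visible in this patch, can carry a per-command flag, rejecting in the dispatcher would be stricter still. The enclosing function starts and ends outside the hunk.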
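Review bot: In the hunk at -650 the read-only check sits inside the `parse_id(argv[1], &id) == 0` branch, so the same command still runs in read-only mode whenever the first argument is not an id. That looks intentional (presumably nothing is stored without an id), but the asymmetry is easy to misread as a missed guard. A comment above the check would settle it: `/* only the form with an id stores a result; without one nothing is modified */`. The rest of the function is outside the hunk, so confirm that no later path writes to a record when no id was given.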
@@ -986,6 +1017,11 @@ return (CMD_USAGE); } + if (ctx->is_readonly) { + pwm_err(ctx, "cannot remove groups in read-only mode"); + return (CMD_ERR); + } + if (pwfile_remove_group(ctx, argv[1]) != 0) { pwm_err(ctx, "empty group \"%s\" does not exist", argv[1]); return (CMD_ERR); @@ -1001,7 +1037,14 @@ if (argc > 2) { return (CMD_USAGE); - } else if (argc == 2) { + } + + if (ctx->is_readonly) { + pwm_err(ctx, "cannot modify entries in read-only mode"); + return (CMD_ERR); + } + + if (argc == 2) { len = strlen(argv[1]); if (len == 0) { pwm_err(ctx, "password must not be empty"); @@ -1060,6 +1103,11 @@ return (CMD_USAGE); } + if (ctx->is_readonly) { + pwm_err(ctx, "cannot write changes in read-only mode"); + return (CMD_ERR); + } + return ((pwfile_write_file(ctx) == 0) ? CMD_OK : CMD_ERR); } diff -r ec01c579024a -r 1b89066d992c pwm.1.xml --- a/pwm.1.xml Thu Sep 07 12:40:50 2017 +0200 +++ b/pwm.1.xml Sun Sep 17 18:45:05 2017 +0200 @@ -34,7 +34,7 @@ guido+pwm@berhoerster.name - 7 September, 2017 + 17 September, 2017 pwm @@ -55,6 +55,9 @@ password_file + + + database_file @@ -107,6 +110,15 @@ password_file. + + + + + + Treat the database as read-only and disallow any modifications + and write operations. + + diff -r ec01c579024a -r 1b89066d992c pwm.c --- a/pwm.c Thu Sep 07 12:40:50 2017 +0200 +++ b/pwm.c Sun Sep 17 18:45:05 2017 +0200 @@ -49,7 +49,7 @@ static void usage(void) { - fprintf(stderr, "usage: %s [-P file] [filename]\n", getprogname()); + fprintf(stderr, "usage: %s [-P file] [-R] [filename]\n", getprogname()); } void @@ -344,11 +344,14 @@ ctx.is_interactive = isatty(STDIN_FILENO); - while (!errflag && (c = getopt(argc, argv, "P:h")) != -1) { + while (!errflag && (c = getopt(argc, argv, "P:Rh")) != -1) { switch (c) { case 'P': master_password_filename = optarg; break; + case 'R': + ctx.is_readonly = 1; + break; case 'h': usage(); status = EXIT_SUCCESS; diff -r ec01c579024a -r 1b89066d992c pwm.h --- a/pwm.h Thu Sep 07 12:40:50 2017 +0200 
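Review bot: The message `"cannot modify entries in read-only mode"` in the hunk at -1001 does not match what the handler appears to do. The surrounding context validates `argv[1]` as a password (`"password must not be empty"`), so this looks like the password-change command rather than an entry edit. A message naming the operation would be clearer to the user and easier to grep for, e.g. `pwm_err(ctx, "cannot change the password in read-only mode");`. The function's name and the rest of its body are outside the hunk.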
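Review bot: The write guard in the hunk at -1060 lives only in the command handler, while `pwfile_write_file(ctx)` itself stays callable from any other path. Nothing in this changeset shows the file being opened read-only or the writer checking the flag. Since read-only mode is a safety property for a password database, the writer is the better choke point: a check at the top of `pwfile_write_file()` such as `if (ctx->is_readonly) { return (-1); }` would hold even if a caller forgets the handler-level test. The non-zero return follows the `== 0` success convention visible here, but the writer's actual error convention should be confirmed.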
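Review bot: `ctx.is_readonly` is assigned only under `case 'R'` in the getopt loop of pwm.c, so its value without `-R` depends on how `ctx` is initialised, which is outside this hunk. If `ctx` is not zero-initialised, the flag is indeterminate and every new check in cmd.c reads an uninitialised `int`. Unless the declaration already zeroes the struct, set it explicitly with `ctx.is_readonly = 0;` right after the existing `ctx.is_interactive = isatty(STDIN_FILENO);`.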
+++ b/pwm.h Sun Sep 17 18:45:05 2017 +0200 @@ -45,6 +45,7 @@ struct pwm_ctx { int is_interactive; + int is_readonly; const char *prev_cmd; char *errmsg; char *dirname;