diff --git a/lib/compfix.zsh b/lib/compfix.zsh new file mode 100644 index 000000000..208aaadb1 --- /dev/null +++ b/lib/compfix.zsh @@ -0,0 +1,60 @@ +# Handle completions insecurities (i.e., completion-dependent directories with +# insecure ownership or permissions) by: +# +# * Human-readably notifying the user of these insecurities. +# * Moving away all existing completion caches to a temporary directory. Since +# any of these caches may have been generated from insecure directories, they +# are all suspect now. Failing to do so typically causes subsequent compinit() +# calls to fail with "command not found: compdef" errors. (That's bad.) +function handle_completion_insecurities() { + # List of the absolute paths of all unique insecure directories, split on + # newline from compaudit()'s output resembling: + # + # There are insecure directories: + # /usr/share/zsh/site-functions + # /usr/share/zsh/5.0.6/functions + # /usr/share/zsh + # /usr/share/zsh/5.0.6 + # + # Since the ignorable first line is printed to stderr and thus not captured, + # stderr is squelched to prevent this output from leaking to the user. + local -aU insecure_dirs + insecure_dirs=( ${(f@):-"$(compaudit 2>/dev/null)"} ) + + # If no such directories exist, get us out of here. + if (( ! ${#insecure_dirs} )); then + print "[oh-my-zsh] No insecure completion-dependent directories detected." + return + fi + + # List ownership and permissions of all insecure directories. + print "[oh-my-zsh] Insecure completion-dependent directories detected:" + ls -ld "${(@)insecure_dirs}" + print "[oh-my-zsh] For safety, completions will be disabled until you manually fix all" + print "[oh-my-zsh] insecure directory permissions and ownership and restart oh-my-zsh." + print "[oh-my-zsh] See the above list for directories with group or other writability.\n" + + # Locally enable the "NULL_GLOB" option, thus removing unmatched filename + # globs from argument lists *AND* printing no warning when doing so. Failing + # to do so prints an unreadable warning if no completion caches exist below. + setopt local_options null_glob + + # List of the absolute paths of all unique existing completion caches. + local -aU zcompdump_files + zcompdump_files=( "${ZSH_COMPDUMP}"(.) "${ZDOTDIR:-${HOME}}"/.zcompdump* ) + + # Move such caches to a temporary directory. + if (( ${#zcompdump_files} )); then + # Absolute path of the directory to which such files will be moved. + local ZSH_ZCOMPDUMP_BAD_DIR="${ZSH_CACHE_DIR}/zcompdump-bad" + + # List such files first. + print "[oh-my-zsh] Insecure completion caches also detected:" + ls -l "${(@)zcompdump_files}" + + # For safety, move rather than permanently remove such files. + print "[oh-my-zsh] Moving to \"${ZSH_ZCOMPDUMP_BAD_DIR}/\"...\n" + mkdir -p "${ZSH_ZCOMPDUMP_BAD_DIR}" + mv "${(@)zcompdump_files}" "${ZSH_ZCOMPDUMP_BAD_DIR}/" + fi +} diff --git a/oh-my-zsh.sh b/oh-my-zsh.sh index 4e5f77990..8e31ddd0f 100644 --- a/oh-my-zsh.sh +++ b/oh-my-zsh.sh @@ -8,6 +8,9 @@ fi # add a function path fpath=($ZSH/functions $ZSH/completions $fpath) +# Load all stock functions (from $fpath files) called below. +autoload -U compaudit compinit + # Set ZSH_CUSTOM to the path where your custom config files # and plugins exists, or else we will use the default custom/ if [[ -z "$ZSH_CUSTOM" ]]; then @@ -59,9 +62,14 @@ if [ -z "$ZSH_COMPDUMP" ]; then ZSH_COMPDUMP="${ZDOTDIR:-${HOME}}/.zcompdump-${SHORT_HOST}-${ZSH_VERSION}" fi -# Load and run compinit -autoload -U compinit -compinit -i -d "${ZSH_COMPDUMP}" +# If completion insecurities exist, warn the user without enabling completions. +if ! compaudit &>/dev/null; then + # This function resides in the "lib/compfix.zsh" script sourced above. + handle_completion_insecurities +# Else, enable and cache completions to the desired file. +else + compinit -d "${ZSH_COMPDUMP}" +fi # Load all of the plugins that were defined in ~/.zshrc for plugin ($plugins); do diff --git a/tools/install.sh b/tools/install.sh index 1586cdee5..aebd28371 100755 --- a/tools/install.sh +++ b/tools/install.sh @@ -16,6 +16,13 @@ if [ -d "$ZSH" ]; then exit fi +# Prevent the cloned repository from having insecure permissions. Failing to do +# so causes compinit() calls to fail with "command not found: compdef" errors +# for users with insecure umasks (e.g., "002", allowing group writability). Note +# that this will be ignored under Cygwin by default, as Windows ACLs take +# precedence over umasks except for filesystems mounted with option "noacl". +umask g-w,o-w + echo "\033[0;34mCloning Oh My Zsh...\033[0m" hash git >/dev/null 2>&1 && env git clone --depth=1 https://github.com/robbyrussell/oh-my-zsh.git $ZSH || { echo "git not installed" @@ -41,12 +48,17 @@ export PATH=\"$PATH\" " ~/.zshrc > ~/.zshrc-omztemp mv -f ~/.zshrc-omztemp ~/.zshrc -TEST_CURRENT_SHELL=$(expr "$SHELL" : '.*/\(.*\)') -if [ "$TEST_CURRENT_SHELL" != "zsh" ]; then +# If this user's login shell is not already "zsh", attempt to switch. +if [ "$(expr "$SHELL" : '.*/\(.*\)')" != "zsh" ]; then + # If this platform provides a "chsh" command (not Cygwin), do it, man! + if hash chsh >/dev/null 2>&1; then echo "\033[0;34mTime to change your default shell to zsh!\033[0m" chsh -s $(grep /zsh$ /etc/shells | tail -1) + # Else, suggest the user do so manually. + else + echo "\033[0;34mPlease manually change your default shell to zsh!\033[0m" + fi fi -unset TEST_CURRENT_SHELL echo "\033[0;32m"' __ __ '"\033[0m" echo "\033[0;32m"' ____ / /_ ____ ___ __ __ ____ _____/ /_ '"\033[0m"