Merge pull request #6863 from robbyrussell/fix-compfix-loading

compfix: better error message and loading of completions
This commit is contained in:
Marc Cornellà 2018-05-26 21:35:39 +02:00 committed by GitHub
commit 62f676116e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 35 deletions

View file

@ -2,10 +2,6 @@
# insecure ownership or permissions) by: # insecure ownership or permissions) by:
# #
# * Human-readably notifying the user of these insecurities. # * Human-readably notifying the user of these insecurities.
# * Moving away all existing completion caches to a temporary directory. Since
# any of these caches may have been generated from insecure directories, they
# are all suspect now. Failing to do so typically causes subsequent compinit()
# calls to fail with "command not found: compdef" errors. (That's bad.)
function handle_completion_insecurities() { function handle_completion_insecurities() {
# List of the absolute paths of all unique insecure directories, split on # List of the absolute paths of all unique insecure directories, split on
# newline from compaudit()'s output resembling: # newline from compaudit()'s output resembling:
@ -22,39 +18,27 @@ function handle_completion_insecurities() {
insecure_dirs=( ${(f@):-"$(compaudit 2>/dev/null)"} ) insecure_dirs=( ${(f@):-"$(compaudit 2>/dev/null)"} )
# If no such directories exist, get us out of here. # If no such directories exist, get us out of here.
if (( ! ${#insecure_dirs} )); then (( ! ${#insecure_dirs} )) && return
print "[oh-my-zsh] No insecure completion-dependent directories detected."
return
fi
# List ownership and permissions of all insecure directories. # List ownership and permissions of all insecure directories.
print "[oh-my-zsh] Insecure completion-dependent directories detected:" print "[oh-my-zsh] Insecure completion-dependent directories detected:"
ls -ld "${(@)insecure_dirs}" ls -ld "${(@)insecure_dirs}"
print "[oh-my-zsh] For safety, completions will be disabled until you manually fix all"
print "[oh-my-zsh] insecure directory permissions and ownership and restart oh-my-zsh."
print "[oh-my-zsh] See the above list for directories with group or other writability.\n"
# Locally enable the "NULL_GLOB" option, thus removing unmatched filename cat <<EOD
# globs from argument lists *AND* printing no warning when doing so. Failing
# to do so prints an unreadable warning if no completion caches exist below.
setopt local_options null_glob
# List of the absolute paths of all unique existing completion caches. [oh-my-zsh] For safety, we will not load completions from these directories until
local -aU zcompdump_files [oh-my-zsh] you fix their permissions and ownership and restart zsh.
zcompdump_files=( "${ZSH_COMPDUMP}"(.) "${ZDOTDIR:-${HOME}}"/.zcompdump* ) [oh-my-zsh] See the above list for directories with group or other writability.
# Move such caches to a temporary directory. [oh-my-zsh] To fix your permissions you can do so by disabling
if (( ${#zcompdump_files} )); then [oh-my-zsh] the write permission of "group" and "others" and making sure that the
# Absolute path of the directory to which such files will be moved. [oh-my-zsh] owner of these directories is either root or your current user.
local ZSH_ZCOMPDUMP_BAD_DIR="${ZSH_CACHE_DIR}/zcompdump-bad" [oh-my-zsh] The following command may help:
[oh-my-zsh] compaudit | xargs chmod g-w,o-w
# List such files first. [oh-my-zsh] If the above didn't help or you want to skip the verification of
print "[oh-my-zsh] Insecure completion caches also detected:" [oh-my-zsh] insecure directories you can set the variable ZSH_DISABLE_COMPFIX to
ls -l "${(@)zcompdump_files}" [oh-my-zsh] "true" before oh-my-zsh is sourced in your zshrc file.
# For safety, move rather than permanently remove such files. EOD
print "[oh-my-zsh] Moving to \"${ZSH_ZCOMPDUMP_BAD_DIR}/\"...\n"
mkdir -p "${ZSH_ZCOMPDUMP_BAD_DIR}"
mv "${(@)zcompdump_files}" "${ZSH_ZCOMPDUMP_BAD_DIR}/"
fi
} }

View file

@ -63,15 +63,14 @@ if [ -z "$ZSH_COMPDUMP" ]; then
fi fi
if [[ $ZSH_DISABLE_COMPFIX != true ]]; then if [[ $ZSH_DISABLE_COMPFIX != true ]]; then
# If completion insecurities exist, warn the user without enabling completions. # If completion insecurities exist, warn the user
if ! compaudit &>/dev/null; then if ! compaudit &>/dev/null; then
# This function resides in the "lib/compfix.zsh" script sourced above.
handle_completion_insecurities handle_completion_insecurities
# Else, enable and cache completions to the desired file.
else
compinit -d "${ZSH_COMPDUMP}"
fi fi
# Load only from secure directories
compinit -i -d "${ZSH_COMPDUMP}"
else else
# If the user wants it, load from all found directories
compinit -u -d "${ZSH_COMPDUMP}" compinit -u -d "${ZSH_COMPDUMP}"
fi fi