[exim-dev] the use of >> in example Shell code in the docume…

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Ivan Shmakov
Ημερομηνία:  
Προς: exim-dev
Αντικείμενο: [exim-dev] the use of >> in example Shell code in the documentation
    The documentation reads:

--cut: http://exim.org/exim-html-current/doc/html/spec_html/ch39.html --
    To replace the parameters with new ones, instead of deleting the
    file and letting Exim re-create it, you can generate new parameters
    using certtool and, when this has been done, replace Exim’s cache
    file by renaming.  The relevant commands are something like this:


# rm -f new-params
# touch new-params
# chown exim:exim new-params
# chmod 0400 new-params
# certtool --generate-privkey --bits 512 >new-params
# echo "" >>new-params
# certtool --generate-dh-params --bits 1024 >> new-params
# mv new-params gnutls-params
--cut: http://exim.org/exim-html-current/doc/html/spec_html/ch39.html --

    Arguably, it doesn't make sense to use >> here.  Also, while it
    may not be a problem in practice, the use of touch(1) followed
    by chmod(1) is a race, easily avoidable with the use of the
    umask command.


    Consider, e. g., the following example code instead:


#!/bin/sh
rm -f new-params
umask 0277
{
    certtool --generate-privkey --bits 512
    echo ""
    certtool --generate-dh-params --bits 1024
} > new-params
chown exim:exim new-params
mv new-params gnutls-params


    Should something like mktemp(1) be used as well, the rm(1)
    vs. touch(1) race will also be avoided, and it will be perfectly
    safe to run multiple instances of the code above at once.  (Just
    as with Exim computing new D-H parameters by itself.)


--
FSF associate member #7257