diff options
| author | Joey Hess <joeyh@joeyh.name> | 2016-11-12 01:34:19 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-11-12 01:34:19 -0400 |
| commit | b4adaf75a36d6d6425df820c46023a32e79bb6df (patch) | |
| tree | 6f780bcb3c4bd9148d5770e389e854d8f025d15f /doc/usage.mdwn | |
| parent | 8d79d072dad51c9f7eb147f12bbe33742708f4b5 (diff) | |
The propellor wrapper checks if ./config.hs exists; if so it runs using the configuration in the current directory, rather than ~/.propellor/config.hs
The config,hs name now seems a bit badly chosen, propellor.hs would be less
ambiguous. To avoid accidentially running with a config.hs for something
else, the file content has to contain "Propellor".
Note that checkRepoUpToDate is only run for ~/.propellor/. I guess
propellor configs in other directories won't have been set up that way,
and it would take some changes to make that not hardcode use of
dotPropellor.
There's a new security boundary here, since running propellor looks at the
cwd, whose contents might not be user the user's control. The security
checks I added for this seem pretty good, but even if they can be bypassed,
this is not much different than `make` using the Makefile in cwd.
This commit was sponsored by Ole-Morten Duesund on Patreon.
Diffstat (limited to 'doc/usage.mdwn')
| -rw-r--r-- | doc/usage.mdwn | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/doc/usage.mdwn b/doc/usage.mdwn index 02686d5f..ac23799e 100644 --- a/doc/usage.mdwn +++ b/doc/usage.mdwn @@ -24,8 +24,8 @@ and configured in haskell. Once propellor is configured, running it without any options will take action as needed to satisfy the configured properties of the local host. - If there's a central git repository, it will first fetch from the - repository, check the gpg signature and merge, and rebuild propellor, + If there's a central git repository, it will first fetch from it, + check the gpg signature and merge, and rebuild propellor, so that any configuration changes will immediately take effect. If propellor is run by a non-root user without any options, this is @@ -116,6 +116,19 @@ and configured in haskell. This is useful when the local host doesn't yet have its hostname set correctly. +# FILES + +* ~/.propellor/config.hs + + This is the default config file used by propellor. + +* ./config.hs + + If propellor is run in a directory containing a config.hs, it + assumes that the current directory is a propellor repository, and + uses the configuration from the current directory, rather tnan + ~/.propellor/ + # ENVIRONMENT Set `PROPELLOR_DEBUG=1` to make propellor output each command it runs and |