From bf0a4bc914bbef96852c61be6b5a038b699c7c73 Mon Sep 17 00:00:00 2001 From: Ben Grande Date: Wed, 19 Jun 2024 15:12:22 +0200 Subject: [PATCH] fix: terminate option parsing for qvm commands --- salt/signal/firewall.sls | 26 +++++++++---------- .../files/client/git-core/git-init-qrexec | 4 +-- .../client/git-core/git-remote-qrexec-connect | 4 +-- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/salt/signal/firewall.sls b/salt/signal/firewall.sls index 68fbb3f..40b1620 100644 --- a/salt/signal/firewall.sls +++ b/salt/signal/firewall.sls @@ -9,16 +9,16 @@ SPDX-License-Identifier: AGPL-3.0-or-later - require: - qvm: {{ slsdotpath }} - name: | - qvm-check -q --running {{ slsdotpath }} && qvm-pause {{ slsdotpath }} - qvm-firewall {{ slsdotpath }} reset - qvm-firewall {{ slsdotpath }} del --rule-no 0 - qvm-check -q --running {{ slsdotpath }} && qvm-unpause {{ slsdotpath }} - qvm-firewall {{ slsdotpath }} add accept signal.org - qvm-firewall {{ slsdotpath }} add accept storage.signal.org - qvm-firewall {{ slsdotpath }} add accept chat.signal.org - qvm-firewall {{ slsdotpath }} add accept cdn.signal.org - qvm-firewall {{ slsdotpath }} add accept cdn2.signal.org - qvm-firewall {{ slsdotpath }} add accept sfu.voip.signal.org - qvm-firewall {{ slsdotpath }} add accept turn.voip.signal.org - qvm-firewall {{ slsdotpath }} add accept turn2.voip.signal.org - qvm-firewall {{ slsdotpath }} add accept turn3.voip.signal.org + qvm-check -q --running -- {{ slsdotpath }} && qvm-pause -- {{ slsdotpath }} + qvm-firewall -- {{ slsdotpath }} reset + qvm-firewall -- {{ slsdotpath }} del --rule-no 0 + qvm-check -q --running -- {{ slsdotpath }} && qvm-unpause -- {{ slsdotpath }} + qvm-firewall -- {{ slsdotpath }} add accept signal.org + qvm-firewall -- {{ slsdotpath }} add accept storage.signal.org + qvm-firewall -- {{ slsdotpath }} add accept chat.signal.org + qvm-firewall -- {{ slsdotpath }} add accept cdn.signal.org + qvm-firewall -- {{ slsdotpath }} add accept cdn2.signal.org + qvm-firewall -- {{ slsdotpath }} add accept sfu.voip.signal.org + qvm-firewall -- {{ slsdotpath }} add accept turn.voip.signal.org + qvm-firewall -- {{ slsdotpath }} add accept turn2.voip.signal.org + qvm-firewall -- {{ slsdotpath }} add accept turn3.voip.signal.org diff --git a/salt/sys-git/files/client/git-core/git-init-qrexec b/salt/sys-git/files/client/git-core/git-init-qrexec index 5c74387..bf02c71 100755 --- a/salt/sys-git/files/client/git-core/git-init-qrexec +++ b/salt/sys-git/files/client/git-core/git-init-qrexec @@ -45,10 +45,10 @@ elif command -v qrexec-client >/dev/null; then if test "${authority}" = "@default"; then authority="${default_qube}" fi - if ! qvm-check "${authority}" >/dev/null 2>&1; then + if ! qvm-check -- "${authority}" >/dev/null 2>&1; then die "Qube doesn't exist: '${authority}'" fi - qvm-start --skip-if-running "${authority}" + qvm-start --skip-if-running -- "${authority}" exec qrexec-client -tT -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0" fi diff --git a/salt/sys-git/files/client/git-core/git-remote-qrexec-connect b/salt/sys-git/files/client/git-core/git-remote-qrexec-connect index e0098c7..e1bd110 100755 --- a/salt/sys-git/files/client/git-core/git-remote-qrexec-connect +++ b/salt/sys-git/files/client/git-core/git-remote-qrexec-connect @@ -72,10 +72,10 @@ elif command -v qrexec-client >/dev/null; then if test "${authority}" = "@default"; then authority="${default_qube}" fi - if ! qvm-check "${authority}" >/dev/null 2>&1; then + if ! qvm-check -- "${authority}" >/dev/null 2>&1; then die "Qube doesn't exist: '${authority}'" fi - qvm-start --skip-if-running "${authority}" + qvm-start --skip-if-running -- "${authority}" log "->" qrexec-client -T -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0" exec qrexec-client -T -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0" fi