1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
# NAME
ikisite-wrapper - suid wrapper for ikisite
# SYNOPSIS
ikisite-wrapper subcommand options
# DESCRIPTION
ikisite-wrapper is a wrapper around [[ikisite]]. It is designed to be safely
made suid root, though it is not currently suid by default.
A few ikisite subcommands can be run using the wrapper without any
authorisation at all. These include: create, branch, list, sitelookup,
checklock, updatecustomersite, and enabledns. So making the wrapper suid
allows any user to create a site.
Other ikisite subcommands can only be run using the wrapper by
users who specify a nonce in the IKISITE_NONCE environment variable. These
include: delete, changesetup, domains, and deletenonce.
A site's current nonces are stored in its `.ikisite-nonce` file. A nonce
can be generated by root or the site's user via using the createnonce
subcommand, but it's usually generated by passing --createnonce to the
create or branch subcommands. This allows anyone to create or branch a site
and then use the nonce to allow further configuration of it (and delete it
if something goes wrong).
Subcommands that can be called by the wrapper either without or with a nonce
should be sure to fully validate their inputs.
# SEE ALSO
* [[ikisite]](1)
# AUTHOR
Joey Hess <joey@ikiwiki.info>
Warning: this page is automatically made into a man page via [mdwn2man](http://git.ikiwiki.info/?p=ikiwiki;a=blob;f=mdwn2man;hb=HEAD). Edit with care
|
