rename config to annex.security.allowed-compute-programs

And require for enable as well as autoenable. It seemed asking for trouble for `git-annex enable foo` to use whatever compute program is stored in the git config, without verifying that the user wants that program to be used. Note that it would be good to allow `git-annex enable foo program=...` to be used without the program being in the git config. Not implemented yet though.
2025-03-03 16:07:04 -04:00 · 2025-03-03 16:07:04 -04:00 · 52f51d065a
commit 52f51d065a
parent f32d2aecce
5 changed files with 24 additions and 24 deletions
--- a/Remote/Compute.hs
+++ b/Remote/Compute.hs
@ -121,21 +121,19 @@ gen r u rc gc rs = case getComputeProgram' rc of
 setupInstance :: SetupStage -> Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID)
 setupInstance ss mu _ c _ = do
 	ComputeProgram program <- either giveup return $ getComputeProgram' c
+	allowedprograms <- maybe [] words . annexAllowedComputePrograms
+		<$> Annex.getGitConfig
 	case ss of
-		AutoEnable _ -> do
-			l <- maybe [] words 
-				. annexAutoEnableComputePrograms
-				<$> Annex.getGitConfig
-			unless (program `elem` l) $ do
-				let remotename = fromMaybe "(unknown)" (lookupName c)
-				giveup $ unwords
-					[ "Not auto-enabling compute special remote"
-					, remotename
-					, "because its compute program"
-					, program
-					, " is not listed in annex.security.autoenable-compute-programs"
-					]
-		_ -> noop
+		Init -> noop
+		_ -> unless (program `elem` allowedprograms) $ do
+			let remotename = fromMaybe "(unknown)" (lookupName c)
+			giveup $ unwords
+				[ "Not enabling compute special remote"
+				, remotename
+				, "because its compute program"
+				, program
+				, "is not listed in annex.security-allowed-compute-programs"
+				]
 	unlessM (liftIO $ inSearchPath program) $
 		giveup $ "Cannot find " ++ program ++ " in PATH"
 	u <- maybe (liftIO genUUID) return mu