mirror of
https://github.com/YunoHost-Apps/agendav_ynh.git
synced 2024-09-03 20:36:12 +02:00
Fix rights
This commit is contained in:
yalh76
parent
7a3a664e33
commit
d7d10fb4f8
3 changed files with 31 additions and 7 deletions
|
|
@ -69,6 +69,8 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
|
|||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||
ynh_app_setting_set --app=$app --key=language --value=$language
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
#=================================================
|
||||
# INSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
|
|
@ -103,6 +105,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
|||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
|
@ -169,14 +175,14 @@ ynh_script_progression --message="Initialising AgenDAV..." --weight=3
|
|||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
chown -R root: $final_path
|
||||
chown -R $app:www-data $final_path
|
||||
|
||||
# Only agendav user should write here
|
||||
chown -R $app ${final_path}/web/var/cache/{profiler,twig}
|
||||
|
||||
# The agendav user should read here, but does not need to write
|
||||
# Other users should not be able to read as it stores passwords.
|
||||
chown -R root:$app ${final_path}/web/config/
|
||||
chown -R $app:www-data ${final_path}/web/config/
|
||||
chmod -R 750 ${final_path}/web/config/
|
||||
|
||||
#=================================================
|
||||
|
|
|
|||
|
|
@ -60,14 +60,14 @@ chmod 750 "$final_path"
|
|||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
chown -R root: $final_path
|
||||
chown -R $app:www-data $final_path
|
||||
|
||||
# Only agendav user should write here
|
||||
chown -R $app ${final_path}/web/var/cache/{profiler,twig}
|
||||
|
||||
# The agendav user should read here, but does not need to write
|
||||
# Other users should not be able to read as it stores passwords.
|
||||
chown -R root:$app ${final_path}/web/config/
|
||||
chown -R $app:www-data ${final_path}/web/config/
|
||||
chmod -R 750 ${final_path}/web/config/
|
||||
|
||||
#=================================================
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
|||
#=================================================
|
||||
# CHECK VERSION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the NGINX web server configuration..."
|
||||
ynh_script_progression --message="Checking version..."
|
||||
|
||||
upgrade_type=$(ynh_check_app_version_changed)
|
||||
|
||||
|
|
@ -63,6 +63,13 @@ if [ -z "$final_path" ]; then
|
|||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||
fi
|
||||
|
||||
# Cleaning legacy permissions
|
||||
if ynh_legacy_permissions_exists; then
|
||||
ynh_legacy_permissions_delete_all
|
||||
|
||||
ynh_app_setting_delete --app=$app --key=is_public
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
|
|
@ -106,6 +113,17 @@ then
|
|||
ynh_setup_source --dest_dir="$final_path"
|
||||
fi
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# UPGRADE DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading dependencies..."
|
||||
|
||||
ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
|
@ -174,14 +192,14 @@ ynh_script_progression --message="Upgrading AgenDAV..."
|
|||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
chown -R root: $final_path
|
||||
chown -R $app:www-data $final_path
|
||||
|
||||
# Only agendav user should write here
|
||||
chown -R $app ${final_path}/web/var/cache/{profiler,twig}
|
||||
|
||||
# The agendav user should read here, but does not need to write
|
||||
# Other users should not be able to read as it stores passwords.
|
||||
chown -R root:$app ${final_path}/web/config/
|
||||
chown -R $app:www-data ${final_path}/web/config/
|
||||
chmod -R 750 ${final_path}/web/config/
|
||||
|
||||
#=================================================
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue