From 33bad5cb9f49adf25f15e694c23e6dd29892b567 Mon Sep 17 00:00:00 2001 From: JensDiemer Date: Fri, 15 Apr 2022 16:39:12 +0200 Subject: [PATCH] Bugfix file permissions in install/upgrade/restore --- scripts/install | 6 +++++- scripts/restore | 17 ++++++++++++++++- scripts/upgrade | 6 +++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/scripts/install b/scripts/install index 920fbd7..bbf0293 100755 --- a/scripts/install +++ b/scripts/install @@ -217,9 +217,13 @@ yunohost service add $app --description="Web based management to catalog things" # Set permissions to app files chown -R "$app:" "$log_path" -chown -R "$app:" "$public_path" +chown -R "$app:www-data" "$public_path" chown -R "$app:" "$final_path" +chmod o-rwx "$log_path" +chmod o-rwx "$public_path" +chmod o-rwx "$final_path" + #================================================= # SETUP SYSTEMD #================================================= diff --git a/scripts/restore b/scripts/restore index d93716a..6d47c8a 100755 --- a/scripts/restore +++ b/scripts/restore @@ -70,7 +70,7 @@ ynh_system_user_create --username=$app --home_dir="$final_path" --use_shell #================================================= # Restore permissions on app files -chown -R "$app:" "$public_path" +chown -R "$app:www-data" "$public_path" chown -R "$app:" "$final_path" #================================================= @@ -144,6 +144,21 @@ touch "${log_file}" chown -R "$app:" "$log_path" ynh_restore_file --origin_path="/etc/logrotate.d/$app" +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions to app files +chown -R "$app:" "$log_path" +chown -R "$app:www-data" "$public_path" +chown -R "$app:" "$final_path" + +chmod o-rwx "$log_path" +chmod o-rwx "$public_path" +chmod o-rwx "$final_path" + #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index d87db09..3c852ae 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -212,9 +212,13 @@ yunohost service add $app --description="Web based management to catalog things" # Set permissions to app files chown -R "$app:" "$log_path" -chown -R "$app:" "$public_path" +chown -R "$app:www-data" "$public_path" chown -R "$app:" "$final_path" +chmod o-rwx "$log_path" +chmod o-rwx "$public_path" +chmod o-rwx "$final_path" + #================================================= # Start for_runners via systemd #=================================================