diff --git a/README.md b/README.md index 331ff22..492978e 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,5 @@ sudo yunohost app install --url grav https://github.com/YunoHost-Apps/grav_ynh ## TODO -[ ] create a dedicated user [ ] fix alias_traversal [ ] send email to admin \ No newline at end of file diff --git a/check_process b/check_process index 069c632..db410f8 100644 --- a/check_process +++ b/check_process @@ -41,4 +41,4 @@ Notification=all ;;; Upgrade options ; commit=8b79023a4fb3633b1a01e4ad4dafb41a5344c3fd name=pre rebuild - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr_FR&is_public=Yes& \ No newline at end of file + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr_FR&is_public="Yes"& \ No newline at end of file diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 446cae6..6134990 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -19,8 +19,8 @@ ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. -user = www-data -group = www-data +user = __USER__ +group = __USER__ ; The address on which to accept FastCGI requests. ; Valid syntaxes are: diff --git a/scripts/install b/scripts/install index 2eb3f43..ba5309c 100644 --- a/scripts/install +++ b/scripts/install @@ -78,6 +78,13 @@ ynh_setup_source "$final_path" # Create a dedicated nginx config ynh_add_nginx_config +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a system user +ynh_system_user_create "$app" + #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -91,7 +98,7 @@ ynh_add_fpm_config # SECURE FILES AND DIRECTORIES #================================================= -chown -R www-data: "$final_path" +chown -R "$app": "$final_path" #================================================= # SETUP SSOWAT diff --git a/scripts/remove b/scripts/remove index 887f05f..1600700 100644 --- a/scripts/remove +++ b/scripts/remove @@ -49,3 +49,12 @@ ynh_remove_nginx_config # Remove the dedicated php-fpm config ynh_remove_fpm_config + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= + +# Delete a system user +ynh_system_user_delete "$app" \ No newline at end of file diff --git a/scripts/restore b/scripts/restore index fc5d92b..a414c9e 100644 --- a/scripts/restore +++ b/scripts/restore @@ -31,7 +31,6 @@ domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) final_path=$(ynh_app_setting_get $app final_path) - #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= @@ -56,12 +55,18 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file "$final_path" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= + +# Create the dedicated user (if not existing) +ynh_system_user_create "$app" #================================================= # RESTORE USER RIGHTS #================================================= -chown -R www-data: "$final_path" +chown -R "$app": "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 058f040..8081797 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -91,6 +91,13 @@ ynh_add_nginx_config ynh_install_app_dependencies php7.0-zip +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a dedicated user (if not existing) +ynh_system_user_create "$app" + #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -98,7 +105,7 @@ ynh_install_app_dependencies php7.0-zip # Create a dedicated php-fpm config ynh_add_fpm_config -chown -R www-data: "$final_path" +chown -R "$app": "$final_path" #================================================= # GENERIC FINALIZATION