YunoHost-Apps/guacamole_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/guacamole_ynh.git synced 2024-09-03 19:16:03 +02:00
Code Issues Activity Actions

Adjust permissions

Browse source
This commit is contained in:
Jules Bertholet 2021-03-22 16:39:41 -04:00
parent d3af4bc55c
commit 562f3f835b
5 changed files with 44 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.", "en": "Clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.",
"fr": "Service de bureau à distance sans client. Fonctionne avec des protocoles standard comme VNC, RDP, et SSH." "fr": "Service de bureau à distance sans client. Fonctionne avec des protocoles standard comme VNC, RDP, et SSH."
}, },
"version": "1.3.0~ynh1", "version": "1.3.0~ynh2",
"url": "https://example.com", "url": "https://example.com",
"license": "Apache-2.0", "license": "Apache-2.0",
"maintainer": { "maintainer": {

2
scripts/_common.sh
View file

@ -5,7 +5,7 @@
#================================================= #=================================================
# dependencies used by the app # dependencies used by the app
pkg_dependencies="build-essential libcairo2 libjpeg62-turbo-dev libpng-dev libtool-bin libossp-uuid-dev libavcodec-dev libavformat-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev tomcat9" pkg_dependencies="acl build-essential libcairo2 libjpeg62-turbo-dev libpng-dev libtool-bin libossp-uuid-dev libavcodec-dev libavformat-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev tomcat9"
#================================================= #=================================================
# PERSONAL HELPERS # PERSONAL HELPERS

12
scripts/install
View file

@ -291,11 +291,15 @@ ynh_replace_string --match_string="8080" --replace_string="$port" --target_file=
### that really need such authorization. ### that really need such authorization.
# Set permissions to app files # Set permissions to app files
chown -R root: $final_path chown -R root:root $final_path
chown -R "$app-tomcat":"$app-guacd" "/var/log/$app/guacd/" "/var/log/$app/tomcat/" chmod -R o-rwx $final_path
chown -R root:"$app-tomcat" "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/" setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
chmod -R 650 "$final_path/etc/guacamole/" setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
chown -R root:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps" chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE

48
scripts/restore
View file

@ -74,28 +74,6 @@ ynh_system_user_create --username="$app-tomcat"
ynh_restore_file --origin_path="/var/log/$app" ynh_restore_file --origin_path="/var/log/$app"
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
chown -R root: $final_path
chown -R "$app-tomcat":"$app-guacd" "/var/log/$app/guacd/" "/var/log/$app/tomcat/"
chown -R root:"$app-tomcat" "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
chmod -R 650 "$final_path/etc/guacamole/"
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# SPECIFIC RESTORATION
#================================================= #=================================================
# REINSTALL DEPENDENCIES # REINSTALL DEPENDENCIES
#================================================= #=================================================
@ -122,6 +100,32 @@ if [ ! $tomcat_active ]; then
systemctl stop tomcat9 --quiet systemctl stop tomcat9 --quiet
fi fi
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
chown -R root:root $final_path
chmod -R o-rwx $final_path
setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
chown -R root:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# SPECIFIC RESTORATION
#================================================= #=================================================
# RESTORE THE MYSQL DATABASE # RESTORE THE MYSQL DATABASE
#================================================= #=================================================

12
scripts/upgrade
View file

@ -218,11 +218,15 @@ ynh_replace_string --match_string="8080" --replace_string="$port" --target_file=
#================================================= #=================================================
# Set permissions on app files # Set permissions on app files
chown -R root: $final_path chown -R root:root $final_path
chown -R "$app-tomcat":"$app-guacd" "/var/log/$app/guacd/" "/var/log/$app/tomcat/" chmod -R o-rwx $final_path
chown -R root:"$app-tomcat" "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/" setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
chmod -R 650 "$final_path/etc/guacamole/" setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
chown -R root:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps" chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE