From c845bca885452f38fd222c7010ad92c9113976b2 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Wed, 18 May 2022 09:32:04 +0200 Subject: [PATCH] Fix --- scripts/install | 24 ++++++++++++++---------- scripts/upgrade | 24 ++++++++++++++---------- 2 files changed, 28 insertions(+), 20 deletions(-) diff --git a/scripts/install b/scripts/install index 7922ff8..f86e6c3 100644 --- a/scripts/install +++ b/scripts/install @@ -87,6 +87,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -202,18 +206,18 @@ ynh_store_file_checksum --file="$final_path/protected/config/common.php" # SECURE FILES AND DIRECTORIES #================================================= -# Set permissions on app files -chown -R root: $final_path +# # Set permissions on app files +# chown -R root: $final_path -# Remove permission to others than $app and www-data (nginx user) -chmod o-rwx $final_path -chown $app:www-data $final_path +# # Remove permission to others than $app and www-data (nginx user) +# chmod o-rwx $final_path +# chown $app:www-data $final_path -chown -R $app $final_path/assets -chown -R $app $final_path/protected/config -chown -R $app $final_path/protected/modules -chown -R $app $final_path/protected/runtime -chown -R $app $final_path/uploads +# chown -R $app $final_path/assets +# chown -R $app $final_path/protected/config +# chown -R $app $final_path/protected/modules +# chown -R $app $final_path/protected/runtime +# chown -R $app $final_path/uploads #================================================= # SETUP CRON CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 8e2f7bf..db4dda1 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -95,6 +95,10 @@ then ynh_secure_remove --file="$final_path.old" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # UPGRADE DEPENDENCIES #================================================= @@ -162,18 +166,18 @@ chmod 644 "/etc/cron.d/$app" # SECURE FILES AND DIRECTORIES #================================================= -# Set permissions on app files -chown -R root: $final_path +# # Set permissions on app files +# chown -R root: $final_path -# Remove permission to others than $app and www-data (nginx user) -chmod o-rwx $final_path -chown $app:www-data $final_path +# # Remove permission to others than $app and www-data (nginx user) +# chmod o-rwx $final_path +# chown $app:www-data $final_path -chown -R $app $final_path/assets -chown -R $app $final_path/protected/config -chown -R $app $final_path/protected/modules -chown -R $app $final_path/protected/runtime -chown -R $app $final_path/uploads +# chown -R $app $final_path/assets +# chown -R $app $final_path/protected/config +# chown -R $app $final_path/protected/modules +# chown -R $app $final_path/protected/runtime +# chown -R $app $final_path/uploads #================================================= # RELOAD NGINX