From 33415b8fe766b3a8aac11decd3e49330b548d823 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Sat, 21 Oct 2017 23:15:17 +0200 Subject: [PATCH] Let's create a specific user --- conf/php-fpm.conf | 4 ++-- scripts/install | 5 +++-- scripts/restore | 9 ++++++++- scripts/upgrade | 8 +++++++- 4 files changed, 20 insertions(+), 6 deletions(-) diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index ad5e9c8..cf24884 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -8,8 +8,8 @@ listen.group = www-data listen.mode = 0600 ; Unix user/group of processes. -user = www-data -group = www-data +user = __USER__ +group = __USER__ ; Choose how the process manager will control the number of child processes. pm = dynamic diff --git a/scripts/install b/scripts/install index 32240c5..ba1db7b 100644 --- a/scripts/install +++ b/scripts/install @@ -89,7 +89,8 @@ ynh_add_nginx_config # CREATE DEDICATED USER #================================================= - +# Create a system user +ynh_system_user_create "$app" #================================================= # PHP-FPM CONFIGURATION @@ -131,7 +132,7 @@ ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < "${final_path}/app/Schema/S # Set permissions to kanboard and data directory chown -R root:root "$final_path" -chown -R www-data "$final_path"/{data,plugins} +chown -R "$app" "$final_path"/{data,plugins} #================================================= # SETUP SSOWAT diff --git a/scripts/restore b/scripts/restore index 0688853..723c47b 100644 --- a/scripts/restore +++ b/scripts/restore @@ -70,12 +70,19 @@ ynh_restore_file "$final_path" ynh_mysql_setup_db "$dbuser" "$dbname" "$dbpass" ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql +#================================================= +# RECREATE THE DEDICATED USER +#================================================= + +# Create the dedicated user (if not existing) +ynh_system_user_create "$app" + #================================================= # RESTORE USER RIGHTS #================================================= chown -R root:root "$final_path" -chown -R www-data "$final_path"/{data,plugins} +chown -R "$app" "$final_path"/{data,plugins} #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 124dc53..c06b1bd 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -76,6 +76,12 @@ ynh_secure_remove "$final_path.old" # Create a dedicated nginx config ynh_add_nginx_config +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a system user +ynh_system_user_create "$app" # flush php sessions before upgrade ynh_secure_remove /var/lib/php5/session/* @@ -118,7 +124,7 @@ ynh_replace_string "yuno_domain" "$domain" "$config_php" # Set permissions to kanboard and data directory chown -R root:root "$final_path" -chown -R www-data "$final_path"/{data,plugins} +chown -R "$app" "$final_path"/{data,plugins} #================================================= # SETUP SSOWAT