From b5dfc534c67831f46caf39e4240d19f5df951cb7 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 16 Nov 2020 16:26:56 +0100 Subject: [PATCH] Close port if it was opened in the firewall during upgrade --- scripts/remove | 10 ---------- scripts/upgrade | 7 +++++++ 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/scripts/remove b/scripts/remove index f66f57f..328174a 100644 --- a/scripts/remove +++ b/scripts/remove @@ -83,16 +83,6 @@ ynh_script_progression --message="Removing logrotate configuration..." # Remove the app-specific logrotate config ynh_remove_logrotate -#================================================= -# CLOSE A PORT -#================================================= - -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." - ynh_exec_warn_less yunohost firewall disallow TCP $port -fi - #================================================= # SPECIFIC REMOVE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index f73a794..ccd9121 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -90,6 +90,13 @@ if [ -z "$hashed_password" ]; then ynh_app_setting_set --app=$app --key=hashed_password --value=$hashed_password fi +# In previous versions, the port was mistakenly exposed to the outside world >_> +if yunohost firewall list | grep -q "\- $port$" +then + ynh_script_progression --message="Closing port $port..." + ynh_exec_warn_less yunohost firewall disallow TCP $port +fi + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #=================================================