From e5fd3942fc7bee57e87e13608f616c48487f4d25 Mon Sep 17 00:00:00 2001 From: src386 Date: Fri, 21 Aug 2015 16:18:30 +0200 Subject: [PATCH] revert to www-data user --- conf/movim.init | 2 +- conf/movim.service | 2 +- scripts/install | 29 +++++++++++++---------------- scripts/upgrade | 14 ++------------ 4 files changed, 17 insertions(+), 30 deletions(-) diff --git a/conf/movim.init b/conf/movim.init index aa36030..b0e1556 100755 --- a/conf/movim.init +++ b/conf/movim.init @@ -11,7 +11,7 @@ dir="YHDIR" cmd="php daemon.php https://YHURL YHPORT" -user="movim" +user="www-data" name=`basename $0` pid_file="/var/run/$name.pid" diff --git a/conf/movim.service b/conf/movim.service index c20b295..c237d9d 100644 --- a/conf/movim.service +++ b/conf/movim.service @@ -3,7 +3,7 @@ Description=Movim daemon After=nginx.service network.target local-fs.target [Service] -User=movim +User=www-data Type=simple ExecStart=/usr/bin/php daemon.php https://YHURL YHPORT WorkingDirectory=YHDIR diff --git a/scripts/install b/scripts/install index e48fa0e..0197b56 100644 --- a/scripts/install +++ b/scripts/install @@ -38,7 +38,6 @@ sudo yunohost app setting movim public_site -v $public_site sudo yunohost app setting movim port -v $port # Generate random password -#db_pwd=$(strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 24 | tr -d '\n'; echo) db_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d '[[:alnum:]]' | sed -n 's/\(.\{24\}\).*/\1/p') # Use 'movim' as database name and user @@ -57,30 +56,28 @@ sudo mkdir -p $final_path sudo cp -a ../sources/* $final_path # Create movim system user and set permissions -sudo useradd -d /var/www/movim -s /bin/sh movim -sudo chown -R movim:www-data $final_path -sudo chmod -R 770 $final_path -sudo chmod g+s $final_path +sudo chown -R www-data: $final_path +sudo chmod -R 750 $final_path # Install PHP dependencies -sudo su -c "curl -sS https://getcomposer.org/installer | php -- --install-dir=$final_path" movim -sudo su -c "cd $final_path && php composer.phar install" movim +sudo su -c "curl -sS https://getcomposer.org/installer | php -- --install-dir=$final_path" -s /bin/sh www-data +sudo su -c "cd $final_path && php composer.phar install" -s /bin/sh www-data # Movim configuration sudo cp $final_path/config/db.example.inc.php $final_path/config/db.inc.php sudo sed -i "s@'username' => 'username'@'username' => '$db_user'@g" $final_path/config/db.inc.php sudo sed -i "s@'password' => 'password'@'password' => '$db_pwd'@g" $final_path/config/db.inc.php sudo sed -i "s@/ws/@$path/ws/@g" $final_path/app/assets/js/movim_websocket.js -sudo su -c "cd $final_path && php mud.php db set" movim -sudo su -c "cd $final_path && php mud.php config locale:$language" movim -sudo su -c "cd $final_path && php mud.php config loglevel:1" movim -sudo su -c "cd $final_path && php mud.php config environment:production" movim -sudo su -c "cd $final_path && php mud.php config timezone:`cat /etc/timezone`" movim -sudo su -c "cd $final_path && php mud.php config username:$admin" movim -sudo su -c "cd $final_path && php mud.php config password:`echo -n $password | sha1sum | awk '{print $1}'`" movim +sudo su -c "cd $final_path && php mud.php db set" -s /bin/sh www-data +sudo su -c "cd $final_path && php mud.php config locale:$language" -s /bin/sh www-data +sudo su -c "cd $final_path && php mud.php config loglevel:1" -s /bin/sh www-data +sudo su -c "cd $final_path && php mud.php config environment:production" -s /bin/sh www-data +sudo su -c "cd $final_path && php mud.php config timezone:`cat /etc/timezone`" -s /bin/sh www-data +sudo su -c "cd $final_path && php mud.php config username:$admin" -s /bin/sh www-data +sudo su -c "cd $final_path && php mud.php config password:`echo -n $password | sha1sum | awk '{print $1}'`" -s /bin/sh www-data if [ $public_site = "No" ]; then - sudo su -c "cd $final_path && php mud.php config xmppwhitelist:$domain" movim + sudo su -c "cd $final_path && php mud.php config xmppwhitelist:$domain" -s /bin/sh www-data fi sudo yunohost app addaccess movim -u $admin @@ -105,7 +102,7 @@ fi sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf sed -i "s@YHPORT@$port@g" ../conf/nginx.conf -sed -i "s@//ws/@/ws/@g" ../conf/nginx # Avoid duplicate / +sed -i "s@//ws/@/ws/@g" ../conf/nginx.conf # Avoid duplicate / sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/movim.conf # SSOwat Configuration diff --git a/scripts/upgrade b/scripts/upgrade index eddd07e..3672cdf 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -10,19 +10,9 @@ final_path=/var/www/movim sudo cp -a ../sources/* $final_path #sudo chown -R www-data: $final_path -# Create movim user if not exists and set permissions -if grep -q movim /etc/passwd; then - sudo chown -R movim:www-data $final_path - sudo chmod -R 770 $final_path -else - sudo useradd -s /bin/sh -d $final_path movim - sudo chown -R movim:www-data $final_path - sudo chmod -R 770 $final_path -fi - # Update PHP dependencies -sudo su -c "curl -sS https://getcomposer.org/installer | php -- --install-dir=$final_path" movim -sudo su -c "cd $final_path && php composer.phar install" movim +sudo su -c "curl -sS https://getcomposer.org/installer | php -- --install-dir=$final_path" -s /bin/sh www-data +sudo su -c "cd $final_path && php composer.phar install" -s /bin/sh www-data # Movim configuration sudo sed -i "s@/ws/@$path/ws/@g" $final_path/app/assets/js/movim_websocket.js