From 5a246be7e3f986083416f8eef1e99c5624d783a9 Mon Sep 17 00:00:00 2001 From: tituspijean Date: Sun, 13 Oct 2019 19:50:59 +0200 Subject: [PATCH] [enh] proper ownership --- scripts/install | 21 ++++++++++++--------- scripts/upgrade | 21 ++++++++++++--------- scripts/ynh_exec_as | 14 ++++++++++++++ 3 files changed, 38 insertions(+), 18 deletions(-) create mode 100644 scripts/ynh_exec_as diff --git a/scripts/install b/scripts/install index c4f2d02..99e3b7e 100755 --- a/scripts/install +++ b/scripts/install @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_exec_as source /usr/share/yunohost/helpers #================================================= @@ -94,14 +95,24 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --time --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # Install through npm #================================================= ynh_script_progression --message="Installing node-red..." --time --weight=2 +chown -R $app: $final_path + pushd $final_path ynh_use_nodejs -npm install --production +exec_as $app env PATH=$PATH npm install --production popd #================================================= @@ -114,14 +125,6 @@ ynh_script_progression --message="Configuring nginx web server..." --time --weig # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --time --weight=1 - -# Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path - #================================================= # PHP-FPM CONFIGURATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 383b9fd..4ee9635 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_exec_as source /usr/share/yunohost/helpers #================================================= @@ -115,14 +116,24 @@ then ynh_setup_source --dest_dir="$final_path" fi +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # Install through npm #================================================= ynh_script_progression --message="Installing node-red..." --time --weight=2 +chown -R $app: $final_path + pushd $final_path ynh_use_nodejs -npm install --production +exec_as $app env PATH=$PATH npm install --production popd #================================================= @@ -133,14 +144,6 @@ ynh_script_progression --message="Upgrading nginx web server configuration..." - # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path - #================================================= # PHP-FPM CONFIGURATION #================================================= diff --git a/scripts/ynh_exec_as b/scripts/ynh_exec_as new file mode 100644 index 0000000..11b056b --- /dev/null +++ b/scripts/ynh_exec_as @@ -0,0 +1,14 @@ +#!/bin/bash + +# Execute a command as another user +# usage: exec_as USER COMMAND [ARG ...] +exec_as() { + local USER=$1 + shift 1 + + if [[ $USER = $(whoami) ]]; then + eval "$@" + else + sudo -u "$USER" "$@" + fi +}