From 784852e11547e33900a0f797083ad8f76af57c31 Mon Sep 17 00:00:00 2001 From: JensDiemer Date: Sat, 1 Jan 2022 14:28:52 +0100 Subject: [PATCH] Fix file permissions see: https://ci-apps-dev.yunohost.org/ci/job/4281 --- scripts/install | 4 ++++ scripts/restore | 15 +++++++++++++++ scripts/upgrade | 4 ++++ 3 files changed, 23 insertions(+) diff --git a/scripts/install b/scripts/install index 89e8771..9192151 100755 --- a/scripts/install +++ b/scripts/install @@ -208,6 +208,10 @@ chown -R "$app:" "$log_path" chown -R "$app:" "$public_path" chown -R "$app:" "$final_path" +chmod o-rwx "$log_path" +chmod o-rwx "$public_path" +chmod o-rwx "$final_path" + #================================================= # SETUP SYSTEMD #================================================= diff --git a/scripts/restore b/scripts/restore index 498e617..5725f4b 100755 --- a/scripts/restore +++ b/scripts/restore @@ -132,6 +132,21 @@ touch "${log_file}" chown -R "$app:" "$log_path" ynh_restore_file --origin_path="/etc/logrotate.d/$app" +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions to app files +chown -R "$app:" "$log_path" +chown -R "$app:" "$public_path" +chown -R "$app:" "$final_path" + +chmod o-rwx "$log_path" +chmod o-rwx "$public_path" +chmod o-rwx "$final_path" + #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 7a3e577..581f56d 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -200,6 +200,10 @@ chown -R "$app:" "$log_path" chown -R "$app:" "$public_path" chown -R "$app:" "$final_path" +chmod o-rwx "$log_path" +chmod o-rwx "$public_path" +chmod o-rwx "$final_path" + #================================================= # Start pyinventory via systemd #=================================================