From 0cbb7e9897aec9a362b82565ba63d20a099d0d18 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Fri, 4 Aug 2017 23:22:29 +0200 Subject: [PATCH] Upgrade to upstream version 2017-08-03 --- README.md | 4 ++-- scripts/_common.sh | 34 +++++++++++++++++++++++++++++++--- scripts/upgrade | 4 +++- 3 files changed, 36 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index b4b2883..8966e57 100644 --- a/README.md +++ b/README.md @@ -3,9 +3,9 @@ rss-bridge for Yunohost This is a rss-bridge package for YunoHost. -**Shipped version:** 0.2 +**Shipped version:** 2017-08-03 -[rss-bridge](https://github.com/RSS-Bridge/rss-bridge) rss-bridge is a PHP project capable of generating ATOM feeds for websites which don't have one. +[rss-bridge](https://github.com/RSS-Bridge/rss-bridge) is a PHP project capable of generating ATOM feeds for websites which don't have one. ## Supported sites/pages (main) diff --git a/scripts/_common.sh b/scripts/_common.sh index c021d77..62bbfe5 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,13 +3,13 @@ # # Package version -VERSION="0.2" +VERSION="2017-08-03" # Full sources tarball URL -SOURCE_URL="https://github.com/RSS-Bridge/rss-bridge/archive/v${VERSION}.tar.gz" +SOURCE_URL="https://github.com/RSS-Bridge/rss-bridge/archive/${VERSION}.tar.gz" # Full sources tarball checksum -SOURCE_SHA256="23ec537e9d00c64bc6143231495377f2ef4dc72c6826faec0e0be3dcc7f20e41" +SOURCE_SHA256="14fa20d68843c58dbe4ac24b07b8329a98b8429fd4aea343927e41518a374117" # App package root directory should be the parent folder PKGDIR=$(cd ../; pwd) @@ -278,4 +278,32 @@ ynh_system_user_delete () { else echo "The user $1 was not found" >&2 fi +} + +# Remove a file or a directory securely +# +# usage: ynh_secure_remove path_to_remove +# | arg: path_to_remove - File or directory to remove +ynh_secure_remove () { + path_to_remove=$1 + forbidden_path=" \ + /var/www \ + /home/yunohost.app" + + if [[ "$forbidden_path" =~ "$path_to_remove" \ + # Match all paths or subpaths in $forbidden_path + || "$path_to_remove" =~ ^/[[:alnum:]]+$ \ + # Match all first level paths from / (Like /var, /root, etc...) + || "${path_to_remove:${#path_to_remove}-1}" = "/" ]] + # Match if the path finishes by /. Because it seems there is an empty variable + then + echo "Avoid deleting $path_to_remove." >&2 + else + if [ -e "$path_to_remove" ] + then + sudo rm -R "$path_to_remove" + else + echo "$path_to_remove wasn't deleted because it doesn't exist." >&2 + fi + fi } \ No newline at end of file diff --git a/scripts/upgrade b/scripts/upgrade index 15e236a..257b8bd 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -58,6 +58,9 @@ ynh_system_user_create $app # Create dedicated user if not existing # SPECIFIC SETUP #================================================= +# Remove last version (we don't keep whitelist) +ynh_secure_remove "$final_path" + # Install files and set permissions sudo mv "$TMPDIR" "$final_path" @@ -66,7 +69,6 @@ sudo chown -R root: $final_path sudo chown -R $app: $final_path/cache sudo chmod 755 $final_path -[ -f $final_path/whitelist.txt ] && sudo rm $final_path/whitelist.txt # Enable every bridge for i in $final_path/bridges/*.php ; do echo $(basename $i) | sed "s|Bridge.php$||g" | sudo tee -a $final_path/whitelist.txt