diff --git a/scripts/install b/scripts/install index 5a6f906..b99d10b 100644 --- a/scripts/install +++ b/scripts/install @@ -181,19 +181,16 @@ ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions to app files -chown -R root:root "$final_path" -chown $app: "$final_path" -mkdir -p $app: "$final_path/.config" -chown $app: "$final_path/.config" -mkdir -p $app: "$final_path/.cache" -chown $app: "$final_path/.cache" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app: "$final_path" + mkdir -p "$final_path/live/log" chown -R $app: "$final_path/live/log" mkdir -p "$final_path/live/public" chown -R $app: "$final_path/live/public" mkdir -p "$final_path/live/tmp" chown -R $app: "$final_path/live/tmp" -chown $app: "$final_path/live/Gemfile.lock" mkdir -p "/var/log/$app" chown -R $app: "/var/log/$app" diff --git a/scripts/restore b/scripts/restore index 02468b8..769305a 100755 --- a/scripts/restore +++ b/scripts/restore @@ -99,20 +99,16 @@ popd #================================================= # Restore permissions on app files -chown -R root:root "$final_path" -chown $app: "$final_path" -chown $app: "$final_path/live" -mkdir -p $app: "$final_path/.config" -chown $app: "$final_path/.config" -mkdir -p $app: "$final_path/.cache" -chown $app: "$final_path/.cache" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app: "$final_path" + mkdir -p "$final_path/live/log" chown -R $app: "$final_path/live/log" mkdir -p "$final_path/live/public" chown -R $app: "$final_path/live/public" mkdir -p "$final_path/live/tmp" chown -R $app: "$final_path/live/tmp" -chown $app: "$final_path/live/Gemfile.lock" mkdir -p "/var/log/$app" chown -R $app: "/var/log/$app" diff --git a/scripts/upgrade b/scripts/upgrade index f069f1a..d865249 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -208,19 +208,16 @@ ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_script_progression --message="Securing files and directories..." --weight=2 # Set permissions to app files -chown -R root:root "$final_path" -chown $app: "$final_path" -mkdir -p $app: "$final_path/.config" -chown $app: "$final_path/.config" -mkdir -p $app: "$final_path/.cache" -chown $app: "$final_path/.cache" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app: "$final_path" + mkdir -p "$final_path/live/log" chown -R $app: "$final_path/live/log" mkdir -p "$final_path/live/public" chown -R $app: "$final_path/live/public" mkdir -p "$final_path/live/tmp" chown -R $app: "$final_path/live/tmp" -chown $app: "$final_path/live/Gemfile.lock" mkdir -p "/var/log/$app" chown -R $app: "/var/log/$app"