mirror of
https://github.com/YunoHost-Apps/wallabag2_ynh.git
synced 2024-10-01 13:35:06 +02:00
Tighten permissions (#99)
* Tighten permissions * Check for existence of cache file before chmoding it
This commit is contained in:
parent
8407715c98
commit
dddcb5789f
4 changed files with 21 additions and 14 deletions
|
@ -7,6 +7,22 @@
|
|||
# dependencies used by the app
|
||||
pkg_dependencies="php-cli php-mysql php-json php-gd php-tidy php-curl php-gettext php-redis"
|
||||
|
||||
#=================================================
|
||||
# PERSONAL HELPERS
|
||||
#=================================================
|
||||
|
||||
function set_permissions {
|
||||
# Set permissions to app files
|
||||
chown -R $app:www-data $final_path
|
||||
chmod -R g=u,g-w,o-rwx $final_path
|
||||
|
||||
# Restrict rights to Wallabag user only
|
||||
chmod 600 $wb_conf
|
||||
if [ -e $final_path/var/cache/prod/appProdProjectContainer.php ]; then
|
||||
chmod 700 $final_path/var/cache/prod/appProdProjectContainer.php
|
||||
fi
|
||||
}
|
||||
|
||||
#=================================================
|
||||
# EXPERIMENTAL HELPERS
|
||||
#=================================================
|
||||
|
|
|
@ -160,12 +160,7 @@ ynh_add_fail2ban_config --logpath="/var/www/$app/var/logs/prod.log" --failregex=
|
|||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Restrict rights to Wallabag user only
|
||||
chmod 600 $wb_conf
|
||||
|
||||
# Set permissions to app files
|
||||
chown -R $app: $final_path
|
||||
chmod 755 $final_path
|
||||
set_permissions
|
||||
|
||||
#=================================================
|
||||
# SETUP HOOKS
|
||||
|
|
|
@ -66,8 +66,9 @@ ynh_system_user_create --username=$app
|
|||
# RESTORE USER RIGHTS
|
||||
#=================================================
|
||||
|
||||
# Restore permissions on app files
|
||||
chown -R $app: $final_path
|
||||
wb_conf=$final_path/app/config/parameters.yml
|
||||
|
||||
set_permissions
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE PHP-FPM CONFIGURATION
|
||||
|
|
|
@ -191,12 +191,7 @@ fi
|
|||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Restrict rights to Wallabag user only
|
||||
chmod 600 $wb_conf
|
||||
|
||||
# Set permissions to app files
|
||||
chown -R $app: $final_path
|
||||
chmod 755 $final_path
|
||||
set_permissions
|
||||
|
||||
#=================================================
|
||||
# SETUP HOOKS
|
||||
|
|
Loading…
Add table
Reference in a new issue