YunoHost-Apps/yeswiki_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/yeswiki_ynh.git synced 2024-09-03 18:05:56 +02:00
Code Issues Activity Actions

More standard way to apply permissions + harden security for wakka.config.php

Browse source
This commit is contained in:
Alexandre Aubin 2023-12-10 10:28:07 +01:00
parent 7573e36a79
commit 8d8cb0bdb7
4 changed files with 11 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
scripts/_common.sh
View file

@ -1,31 +1,3 @@
#!/bin/bash #!/bin/bash
#=================================================
# COMMON VARIABLES
#=================================================
loginldap_version="2021-03-01-2" loginldap_version="2021-03-01-2"
#=================================================
# PERSONAL HELPERS
#=================================================
# update directory right
# | arg: app - The application's name ; default : yeswiki
# | arg: install_dir - The path of the application's folder
# yeswiki_update_dir_rights yeswiki /var/www/yeswiki
yeswiki_update_dir_rights() {
local app="${1:-yeswiki}"
local install_dir="${2}"
chown -R $app:www-data $install_dir
chmod -R u=rwx,g=rx,o-rwx $install_dir
}
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

9
scripts/install
View file

@ -17,8 +17,8 @@ ynh_script_progression --message="Setting up source files..." --weight=5
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir" ynh_setup_source --dest_dir="$install_dir"
chmod -R o-rwx "$install_dir" chown -R $app:www-data $install_dir
chown -R $app:www-data "$install_dir" chmod -R u=rwX,g=rX,o-rwx $install_dir
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
@ -85,8 +85,9 @@ ynh_replace_string --match_string=");" --replace_string=" 'ldap_base' => 'ou=us
# SECURE FILES AND DIRECTORIES # SECURE FILES AND DIRECTORIES
#================================================= #=================================================
# Set permissions to app files chown -R $app:www-data $install_dir
yeswiki_update_dir_rights $app $install_dir chmod -R u=rwX,g=rX,o-rwx $install_dir
chmod g-rwx $install_dir/wakka.config.php
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

8
scripts/restore
View file

@ -17,11 +17,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
ynh_restore_file --origin_path="$install_dir" ynh_restore_file --origin_path="$install_dir"
chmod -R o-rwx "$install_dir" chown -R $app:www-data $install_dir
chown -R $app:www-data "$install_dir" chmod -R u=rwX,g=rX,o-rwx $install_dir
chmod g-rwx $install_dir/wakka.config.php
# Restore permissions on app files
yeswiki_update_dir_rights $app $install_dir
#================================================= #=================================================
# RESTORE THE PHP-FPM CONFIGURATION # RESTORE THE PHP-FPM CONFIGURATION

5
scripts/upgrade
View file

@ -85,8 +85,9 @@ fi
# SECURE FILES AND DIRECTORIES # SECURE FILES AND DIRECTORIES
#================================================= #=================================================
# Set permissions on app files chown -R $app:www-data $install_dir
yeswiki_update_dir_rights $app $install_dir chmod -R u=rwX,g=rX,o-rwx $install_dir
chmod g-rwx $install_dir/wakka.config.php
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT