diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 6de65f1..50354f3 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -20,8 +20,8 @@ ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. -user = www-data -group = www-data +user = __USER__ +group = __USER__ ; The address on which to accept FastCGI requests. ; Valid syntaxes are: diff --git a/scripts/install b/scripts/install index 4800ac3..a427465 100755 --- a/scripts/install +++ b/scripts/install @@ -82,6 +82,14 @@ ynh_print_info "Configuring nginx web server..." # Create a dedicated nginx config ynh_add_nginx_config +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_print_info "Configuring system user..." + +# Create a system user +ynh_system_user_create $app + #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -98,10 +106,10 @@ ynh_add_fpm_config ynh_print_info "Creating statedir and final_logpath..." mkdir -p $statedir -chown -R www-data:www-data $statedir +chown -R $app: $statedir mkdir -p $final_logpath -chown -R www-data:www-data $final_logpath +chown -R $app: $final_logpath #================================================= # MODIFY A CONFIG FILE @@ -201,7 +209,7 @@ ln -s /usr/share/awl/inc/XML* /var/www/$app/include/ #================================================= # Set permissions to app files -chown -R www-data: $final_path +chown -R $app: $final_path #================================================= # SETUP LOGROTATE diff --git a/scripts/restore b/scripts/restore index 995817f..69de332 100755 --- a/scripts/restore +++ b/scripts/restore @@ -54,15 +54,29 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_print_info "Restoring the app main directory..." ynh_restore_file "$final_path" -chown -R www-data: $final_path # Restore statedir ynh_restore_file "$statedir" -chown -R www-data:www-data $statedir # Restore logs, data & permissions ynh_restore_file "$final_logpath" -chown -R www-data:www-data $final_logpath + +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_print_info "Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create $app + +#================================================= +# RESTORE USER RIGHTS +#================================================= + +# Restore permissions on app files +chown -R $app: $final_path +chown -R $app: $statedir +chown -R $app: $final_logpath #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index f3c0a44..8347a2b 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -46,16 +46,18 @@ if [ -z "$statedir" ]; then statedir="/home/yunohost.app/$app" ynh_app_setting_set "$app" statedir "$statedir" + mkdir -p $statedir else - echo "${statedir} exists, we don't create it." + ynh_print_info "${statedir} exists, we don't create it." fi if [ -z "$final_logpath" ]; then final_logpath="/var/log/$app" ynh_app_setting_set "$app" final_logpath "$final_logpath" + mkdir -p $final_logpath else - echo "${final_logpath} exists, we don't create it." + ynh_print_info "${final_logpath} exists, we don't create it." fi #================================================= @@ -100,6 +102,14 @@ ynh_print_info "Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_print_info "Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create $app + #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -216,7 +226,10 @@ ynh_use_logrotate --non-append #================================================= # Set permissions on app files -chown -R www-data: $final_path +chown -R $app: $final_path + +chown -R $app: $statedir +chown -R $app: $final_logpath #================================================= # SETUP SSOWAT