diff --git a/package_check.sh b/package_check.sh index af6701d..f91a40c 100755 --- a/package_check.sh +++ b/package_check.sh @@ -727,6 +727,10 @@ TEST_RESULTS () { global_level=0 fi + if [ $RESULT_alias_traversal -eq 1 ] + then + ECHO_FORMAT "Issue alias_traversal was detected ! Please see here https://github.com/YunoHost/example_ynh/pull/45 to fix that.\n" "red" "bold" + fi # Then, print the levels # Print the global level @@ -789,6 +793,7 @@ LXC_INIT initialize_values() { # Test results RESULT_witness=0 + RESULT_alias_traversal=0 RESULT_linter=0 RESULT_global_setup=0 RESULT_global_remove=0 diff --git a/sub_scripts/lxc_upgrade.sh b/sub_scripts/lxc_upgrade.sh index 2b9c822..c7f6577 100755 --- a/sub_scripts/lxc_upgrade.sh +++ b/sub_scripts/lxc_upgrade.sh @@ -35,13 +35,13 @@ if [ "$(whoami)" != "$(cat "$script_dir/setup_user")" ] && test -e "$script_dir/ exit 0 fi -echo "\e[1m> Active le bridge réseau\e[0m" +echo -e "\e[1m> Active le bridge réseau\e[0m" if ! sudo ifquery $LXC_BRIDGE --state > /dev/null then sudo ifup $LXC_BRIDGE --interfaces=/etc/network/interfaces.d/$LXC_BRIDGE fi -echo "\e[1m> Configure le parefeu\e[0m" +echo -e "\e[1m> Configure le parefeu\e[0m" if ! sudo iptables -D FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT 2> /dev/null then sudo iptables -A FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT @@ -55,7 +55,7 @@ then sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE fi -echo "\e[1m> Démarrage de la machine\e[0m" +echo -e "\e[1m> Démarrage de la machine\e[0m" if [ $(sudo lxc-info --name $LXC_NAME | grep -c "STOPPED") -eq 0 ]; then # Si la machine n'est pas à l'arrêt. sudo lxc-stop -n $LXC_NAME # Arrête la machine LXC @@ -67,7 +67,7 @@ sudo lxc-start -n $LXC_NAME -d sleep 3 sudo lxc-ls -f -echo "\e[1m> Update\e[0m" +echo -e "\e[1m> Update\e[0m" update_apt=0 sudo lxc-attach -n $LXC_NAME -- apt-get update sudo lxc-attach -n $LXC_NAME -- apt-get dist-upgrade --dry-run | grep -q "^Inst " # Vérifie si il y aura des mises à jour. @@ -75,10 +75,10 @@ sudo lxc-attach -n $LXC_NAME -- apt-get dist-upgrade --dry-run | grep -q "^Inst if [ "$?" -eq 0 ]; then update_apt=1 fi -echo "\e[1m> Upgrade\e[0m" +echo -e "\e[1m> Upgrade\e[0m" sudo lxc-attach -n $LXC_NAME -- apt-get dist-upgrade --option Dpkg::Options::=--force-confold -yy -echo "\e[1m> Clean\e[0m" +echo -e "\e[1m> Clean\e[0m" sudo lxc-attach -n $LXC_NAME -- apt-get autoremove -y sudo lxc-attach -n $LXC_NAME -- apt-get autoclean if [ "$update_apt" -eq 1 ] @@ -86,10 +86,10 @@ then # Print les numéros de version de Yunohost, si il y a eu un upgrade (sudo lxc-attach -n $LXC_NAME -- yunohost -v) | sudo tee "$script_dir/ynh_version" fi -echo "\e[1m> Arrêt de la machine virtualisée\e[0m" +echo -e "\e[1m> Arrêt de la machine virtualisée\e[0m" sudo lxc-stop -n $LXC_NAME -echo "\e[1m> Suppression des règles de parefeu\e[0m" +echo -e "\e[1m> Suppression des règles de parefeu\e[0m" sudo iptables -D FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT sudo iptables -D FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE @@ -98,9 +98,9 @@ sudo ifdown --force $LXC_BRIDGE if [ "$update_apt" -eq 1 ] then - echo "\e[1m> Archivage du snapshot\e[0m" + echo -e "\e[1m> Archivage du snapshot\e[0m" sudo tar -cz --acls --xattrs -f /var/lib/lxcsnaps/$LXC_NAME/snap0.tar.gz /var/lib/lxcsnaps/$LXC_NAME/snap0 - echo "\e[1m> Remplacement du snapshot\e[0m" + echo -e "\e[1m> Remplacement du snapshot\e[0m" sudo lxc-snapshot -n $LXC_NAME -d snap0 sudo lxc-snapshot -n $LXC_NAME fi diff --git a/sub_scripts/testing_process.sh b/sub_scripts/testing_process.sh index dbfcb0f..43a7d09 100644 --- a/sub_scripts/testing_process.sh +++ b/sub_scripts/testing_process.sh @@ -357,6 +357,11 @@ CHECK_URL () { fi done + # Detect the issue alias_traversal, https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md + curl --location --insecure --silent $check_domain$check_path../html/index.nginx-debian.html \ + | grep "title" | grep --quiet "Welcome to nginx on Debian" \ + && (ECHO_FORMAT "Issue alias_traversal detected ! Please see here https://github.com/YunoHost/example_ynh/pull/45 to fix that.\n" "red" "bold" && RESULT_alias_traversal=1) + # Remove the entries in /etc/hosts for the test domain sudo sed --in-place '/#package_check/d' /etc/hosts else