From 00d535a620ac8c4e5a7dbd7bfbcdb4f7338318cd Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 6 Dec 2021 18:38:49 +0100 Subject: [PATCH] Stop using /home/yunohost.conf for regenconf / confbackup, /var/cache is fine, prevent confusing /home/yunohost.* folder --- helpers/backup | 6 +++--- hooks/conf_regen/01-yunohost | 7 ++----- src/regenconf.py | 2 +- 3 files changed, 6 insertions(+), 9 deletions(-) diff --git a/helpers/backup b/helpers/backup index e4828a10d..01b51d5a1 100644 --- a/helpers/backup +++ b/helpers/backup @@ -226,7 +226,7 @@ with open(sys.argv[1], 'r') as backup_file: # ynh_restore_file -o "conf/nginx.conf" # # If `DEST_PATH` already exists and is lighter than 500 Mo, a backup will be made in -# `/home/yunohost.conf/backup/`. Otherwise, the existing file is removed. +# `/var/cache/yunohost/appconfbackup/`. Otherwise, the existing file is removed. # # if `apps/$app/etc/nginx/conf.d/$domain.d/$app.conf` exists, restore it into # `/etc/nginx/conf.d/$domain.d/$app.conf` @@ -263,7 +263,7 @@ ynh_restore_file() { if [[ -e "${dest_path}" ]]; then # Check if the file/dir size is less than 500 Mo if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]]; then - local backup_file="/home/yunohost.conf/backup/${dest_path}.backup.$(date '+%Y%m%d.%H%M%S')" + local backup_file="/var/cache/yunohost/appconfbackup/${dest_path}.backup.$(date '+%Y%m%d.%H%M%S')" mkdir --parents "$(dirname "$backup_file")" mv "${dest_path}" "$backup_file" # Move the current file or directory else @@ -353,7 +353,7 @@ ynh_backup_if_checksum_is_different() { backup_file_checksum="" if [ -n "$checksum_value" ]; then # Proceed only if a value was stored into the app settings if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status; then # If the checksum is now different - backup_file_checksum="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')" + backup_file_checksum="/var/cache/yunohost/appconfbackup/$file.backup.$(date '+%Y%m%d.%H%M%S')" mkdir --parents "$(dirname "$backup_file_checksum")" cp --archive "$file" "$backup_file_checksum" # Backup the current file ynh_print_warn "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file_checksum" diff --git a/hooks/conf_regen/01-yunohost b/hooks/conf_regen/01-yunohost index 22929db33..14840e2f1 100755 --- a/hooks/conf_regen/01-yunohost +++ b/hooks/conf_regen/01-yunohost @@ -174,12 +174,12 @@ do_post_regen() { ###################### chmod 750 /home/admin - chmod 750 /home/yunohost.conf chmod 750 /home/yunohost.backup chmod 750 /home/yunohost.backup/archives - chown root:root /home/yunohost.conf + chmod 700 /var/cache/yunohost chown admin:root /home/yunohost.backup chown admin:root /home/yunohost.backup/archives + chown root:root /var/cache/yunohost # NB: x permission for 'others' is important for ssl-cert (and maybe mdns), otherwise slapd will fail to start because can't access the certs chmod 755 /etc/yunohost @@ -195,9 +195,6 @@ do_post_regen() { find /etc/cron.d/yunohost-* -type f -exec chmod 644 {} \; find /etc/cron.*/yunohost-* -type f -exec chown root:root {} \; - chown root:root /var/cache/yunohost - chmod 700 /var/cache/yunohost - setfacl -m g:all_users:--- /var/www setfacl -m g:all_users:--- /var/log/nginx setfacl -m g:all_users:--- /etc/yunohost diff --git a/src/regenconf.py b/src/regenconf.py index afcfb4360..1be62a96f 100644 --- a/src/regenconf.py +++ b/src/regenconf.py @@ -35,7 +35,7 @@ from yunohost.utils.error import YunohostError from yunohost.log import is_unit_operation from yunohost.hook import hook_callback, hook_list -BASE_CONF_PATH = "/home/yunohost.conf" +BASE_CONF_PATH = "/var/cache/yunohost/regenconf" BACKUP_CONF_DIR = os.path.join(BASE_CONF_PATH, "backup") PENDING_CONF_DIR = os.path.join(BASE_CONF_PATH, "pending") REGEN_CONF_FILE = "/etc/yunohost/regenconf.yml"