blob: ce698a1b25fabb6c4967fb982b9217a1260aa607 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
#!/bin/bash -e
cd "${MY_INSTALLDIR}"
if [[ $1 = install ]]; then
# Ensure database credentials are secure.
[[ -e config.php ]] || touch config.php
chown --no-dereference "${VHOST_SERVER_UID}":ttrssd config.php
chmod 00440 config.php
# We need to lock down cache/ for the operations below to be
# safe. The permissions match the webapp-config defaults but these
# can be changed and existing installations may also differ.
chown root:root cache/
chmod 00755 cache/
chgrp --no-dereference ttrssd feed-icons/ lock/ cache/*/
chmod g+ws feed-icons/ lock/ cache/*/
# Files within lock/ are exclusively written by the update daemon. cache/
# subdirectories hold files that are modified in place by both processes and
# therefore ACLs are required to ensure that the files themselves are
# created as group writable.
if ! setfacl --modify d:g::rwX cache/*/; then
echo "WARNING: ACLs are not available on this filesystem. Either enable them or set TTRSSD_USER to your PHP user in /etc/conf.d/ttrssd to avoid permission issues."
elif [[ -n $(find cache/ -type f ! -name ".*" ! -name index.html ! \( -group ttrssd -perm -020 \) -print -quit) ]]; then
echo "WARNING: Files that are not writable by the ttrssd group found within the cache directory. Either delete them or correct their permissions."
fi
fi
|
