don't let perms on / get messed up by systemd
This commit is contained in:
parent
ccf45ab06e
commit
fbdf0e8a28
|
@ -2,9 +2,9 @@
|
|||
# See https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html
|
||||
|
||||
# Type Path Mode UID GID Age Argument
|
||||
#d /etc/goldilocks 0755 www-data www-data - -
|
||||
#d /opt/goldilocks 0775 www-data www-data - -
|
||||
#d /srv/www 0775 www-data www-data - -
|
||||
#d /etc/ssl/goldilocks 0750 www-data www-data - -
|
||||
#d /var/log/goldilocks 0750 www-data www-data - -
|
||||
#d /run/goldilocks 0755 www-data www-data - -
|
||||
#d /etc/goldilocks 0755 MY_USER MY_GROUP - -
|
||||
#d /opt/goldilocks 0775 MY_USER MY_GROUP - -
|
||||
#d /srv/www 0775 MY_USER MY_GROUP - -
|
||||
#d /etc/ssl/goldilocks 0750 MY_USER MY_GROUP - -
|
||||
#d /var/log/goldilocks 0750 MY_USER MY_GROUP - -
|
||||
d /run/goldilocks 0755 MY_USER MY_GROUP - -
|
||||
|
|
|
@ -11,6 +11,10 @@ sed "s/MY_USER/$my_user/g" "$my_app_dist/$my_app_systemd_service" > "$my_app_dis
|
|||
sed "s/MY_GROUP/$my_group/g" "$my_app_dist/$my_app_systemd_service.2" > "$my_app_dist/$my_app_systemd_service"
|
||||
rm "$my_app_dist/$my_app_systemd_service.2"
|
||||
safe_copy_config "$my_app_dist/$my_app_systemd_service" "$my_root/$my_app_systemd_service"
|
||||
|
||||
sed "s/MY_USER/$my_user/g" "$my_app_dist/$my_app_systemd_tmpfiles" > "$my_app_dist/$my_app_systemd_tmpfiles.2"
|
||||
sed "s/MY_GROUP/$my_group/g" "$my_app_dist/$my_app_systemd_tmpfiles.2" > "$my_app_dist/$my_app_systemd_tmpfiles"
|
||||
rm "$my_app_dist/$my_app_systemd_tmpfiles.2"
|
||||
safe_copy_config "$my_app_dist/$my_app_systemd_tmpfiles" "$my_root/$my_app_systemd_tmpfiles"
|
||||
|
||||
$sudo_cmd systemctl stop "${my_app_name}.service" >/dev/null 2>/dev/null || true
|
||||
|
|
|
@ -122,8 +122,11 @@ echo "User $my_user Group $my_group"
|
|||
$sudo_cmd chown -R $my_user:$my_group $my_tmp/*
|
||||
$sudo_cmd chown root:root $my_tmp/*
|
||||
$sudo_cmd chown root:root $my_tmp
|
||||
# don't even read $my_tmp/
|
||||
# don't change permissions on /, /etc, etc
|
||||
rsync -a --ignore-existing $my_tmp/ $my_root/
|
||||
for my_dir in $my_tmp/*; do
|
||||
rsync -a --ignore-existing $my_tmp/$my_dir/ $my_root/$my_dir/
|
||||
done
|
||||
rsync -a --ignore-existing $my_app_dist/etc/$my_name/$my_name.yml $my_root/etc/$my_name/$my_name.yml
|
||||
source ./installer/install-system-service.sh
|
||||
|
||||
|
|
Loading…
Reference in New Issue