Skip to content

Commit b7399e3

Browse files
florianPatflorianPat
committed
fix(perm-helpers): Fix permission setup so that it also works for alpine
containers without bash
1 parent bae31e9 commit b7399e3

File tree

1 file changed

+12
-20
lines changed

1 file changed

+12
-20
lines changed

scripts/user-perm-helpers.sh

Lines changed: 12 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -10,31 +10,25 @@ LANDO_MODULE="userperms"
1010
add_user() {
1111
local USER=$1
1212
local GROUP=$2
13-
local UID=$3
14-
local GID=$4
15-
local DISTRO=$5
16-
local EXTRAS="$6"
17-
if [ "$DISTRO" = "alpine" ]; then
18-
if ! groups | grep "$GROUP" > /dev/null 2>&1; then addgroup -g "$GID" "$GROUP" 2>/dev/null; fi
19-
if ! id -u "$GROUP" > /dev/null 2>&1; then adduser -H -D -G "$GROUP" -u "$UID" "$USER" "$GROUP" 2>/dev/null; fi
20-
else
21-
if ! groups | grep "$GROUP" > /dev/null 2>&1; then groupadd --force --gid "$GID" "$GROUP" 2>/dev/null; fi
22-
if ! id -u "$GROUP" > /dev/null 2>&1; then useradd --gid "$GID" --uid "$UID" $EXTRAS "$USER" 2>/dev/null; fi
23-
fi;
13+
local WEBROOT_UID=$3
14+
local WEBROOT_GID=$4
15+
if ! getent group | cut -d: -f1 | grep "$GROUP" > /dev/null 2>&1; then addgroup -g "$WEBROOT_GID" "$GROUP" 2>/dev/null; fi
16+
if ! id -u "$USER" > /dev/null 2>&1; then adduser -H -D -G "$GROUP" -u "$WEBROOT_UID" "$USER" "$GROUP" 2>/dev/null; fi
2417
}
2518

2619
# Verify user
2720
verify_user() {
2821
local USER=$1
2922
local GROUP=$2
30-
local DISTRO=$3
3123
id -u "$USER" > /dev/null 2>&1
32-
groups | grep "$GROUP" > /dev/null 2>&1
33-
if [ "$DISTRO" = "alpine" ]; then
24+
groups "$USER" | grep "$GROUP" > /dev/null 2>&1
25+
if command -v chsh > /dev/null 2>&1 ; then
26+
if command -v /bin/bash > /dev/null 2>&1 ; then
27+
chsh -s /bin/bash $USER || true
28+
fi;
29+
else
3430
true
3531
# is there a chsh we can use? do we need to?
36-
else
37-
chsh -s /bin/bash $USER || true
3832
fi;
3933
}
4034

@@ -59,11 +53,10 @@ reset_user() {
5953
if [ "$(id -u $USER)" != "$HOST_UID" ]; then
6054
usermod -o -u "$HOST_UID" "$USER" 2>/dev/null
6155
fi
62-
groupmod -g "$HOST_GID" "$GROUP" 2>/dev/null || true
63-
if [ "$(id -u $USER)" != "$HOST_UID" ]; then
56+
groupmod -o -g "$HOST_GID" "$GROUP" 2>/dev/null || true
57+
if [ "$(id -g $USER)" != "$HOST_GID" ]; then
6458
usermod -g "$HOST_GID" "$USER" 2>/dev/null || true
6559
fi
66-
usermod -a -G "$GROUP" "$USER" 2>/dev/null || true
6760
fi;
6861
# If this mapping is incorrect lets abort here
6962
if [ "$(id -u $USER)" != "$HOST_UID" ]; then
@@ -97,7 +90,6 @@ perm_sweep() {
9790
nohup find /user/.ssh -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
9891
nohup find /var/www -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
9992
nohup find /usr/local/bin -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
100-
nohup chmod -R 755 /var/www >/dev/null 2>&1 &
10193

10294
# Lets also make some /usr/locals chowned
10395
nohup find /usr/local/lib -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &

0 commit comments

Comments
 (0)