[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-deployment] branch master updated: Prefer setgid per
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-deployment] branch master updated: Prefer setgid perm |
Date: |
Sat, 08 Jun 2019 14:28:06 +0200 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository deployment.
The following commit(s) were added to refs/heads/master by this push:
new 2736a54 Prefer setgid perm
2736a54 is described below
commit 2736a54800c2ff279e1de425364a453539bae07b
Author: Marcello Stanisci <address@hidden>
AuthorDate: Sat Jun 8 14:27:59 2019 +0200
Prefer setgid perm
---
bin/taler-deployment-config-generate | 2 --
bin/taler-deployment-keyup | 3 ---
bin/taler-deployment-shared-data | 10 +++++++++-
3 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/bin/taler-deployment-config-generate
b/bin/taler-deployment-config-generate
index 8dd5695..9995d65 100755
--- a/bin/taler-deployment-config-generate
+++ b/bin/taler-deployment-config-generate
@@ -27,14 +27,12 @@ AUDITOR_MASTER_PRIV=$(taler-config -s auditor -o
auditor_priv_file -f)
if [[ ! -f $EXCHANGE_MASTER_PRIV ]] ; then
mkdir -p $(dirname $EXCHANGE_MASTER_PRIV)
cp $HOME/deployment/private-keys/${TALER_CONFIG_ENV}-exchange-master.priv
$EXCHANGE_MASTER_PRIV
- chgrp ${TALER_CONFIG_ENV} $EXCHANGE_MASTER_PRIV
chmod g+rx $EXCHANGE_MASTER_PRIV
fi
if [[ ! -f $AUDITOR_MASTER_PRIV ]] ; then
mkdir -p $(dirname $AUDITOR_MASTER_PRIV)
cp $HOME/deployment/private-keys/${TALER_CONFIG_ENV}-exchange-master.priv
$AUDITOR_MASTER_PRIV
- chgrp ${TALER_CONFIG_ENV} $AUDITOR_MASTER_PRIV
chmod g+rx $AUDITOR_MASTER_PRIV
fi
diff --git a/bin/taler-deployment-keyup b/bin/taler-deployment-keyup
index 1c487a2..ab5ec30 100755
--- a/bin/taler-deployment-keyup
+++ b/bin/taler-deployment-keyup
@@ -25,10 +25,8 @@ taler-exchange-keyup \
# or-ing with true as user A won't be able to
# change permissions for user B's files.
-chgrp -R $TALER_CONFIG_ENV $EXCHANGE_LIVE_KEYS/* || true
chmod -R 070 $EXCHANGE_LIVE_KEYS/* || true
-chgrp -R $TALER_CONFIG_ENV $EXCHANGE_WIREFEES/* || true
chmod -R 070 $EXCHANGE_WIREFEES/* || true
taler-auditor-exchange \
@@ -49,5 +47,4 @@ fi
# or-ing with true as user A won't be able to
# change permissions for user B's files.
-chgrp -R $TALER_CONFIG_ENV $AUDITOR_BASE_DIR/* || true
chmod -R 070 $AUDITOR_BASE_DIR/* || true
diff --git a/bin/taler-deployment-shared-data b/bin/taler-deployment-shared-data
index 805fcf6..7f59387 100755
--- a/bin/taler-deployment-shared-data
+++ b/bin/taler-deployment-shared-data
@@ -30,6 +30,15 @@ if ! test -w $SHARED_DATA; then
exit 0
fi
+# Check if shared-data/ has the right group (test|demo),
+# and set the SETGID permission if so.
+SHARED_DATA_GROUP=$(stat --format "%G" $SHARED_DATA)
+if ! echo $SHARED_DATA_GROUP | grep $TALER_CONFIG_ENV; then
+ echo "$SHARED_DATA has the wrong group ($SHARED_DATA_GROUP), please fix."
+ exit 1
+fi
+chmod g+s $SHARED_DATA
+
declare -A TALER_DIRS=(
[MERCHANT_WIRE]=$(dirname $(taler-config -s account-merchant -o
wire_response -f))
[MERCHANT]=$(dirname $(taler-config -s instance-default -o keyfile -f))
@@ -50,5 +59,4 @@ for dir in ${TALER_DIRS[@]}; do
done
# All dirs will give only the group RWX perms.
-chgrp -R $TALER_CONFIG_ENV $SHARED_DATA
chmod -R 070 $SHARED_DATA
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [taler-deployment] branch master updated: Prefer setgid perm,
gnunet <=