Skip to content

Commit 4e56e47

Browse files
florianPatflorianPat
committed
fix(perm-helpers): Fix permission setup so that it also works for alpine
containers without bash
1 parent e701384 commit 4e56e47

File tree

1 file changed

+20
-12
lines changed

1 file changed

+20
-12
lines changed

scripts/user-perm-helpers.sh

+20-12
Original file line numberDiff line numberDiff line change
@@ -10,25 +10,31 @@ LANDO_MODULE="userperms"
1010
add_user() {
1111
local USER=$1
1212
local GROUP=$2
13-
local WEBROOT_UID=$3
14-
local WEBROOT_GID=$4
15-
if ! getent group | cut -d: -f1 | grep "$GROUP" > /dev/null 2>&1; then addgroup -g "$WEBROOT_GID" "$GROUP" 2>/dev/null; fi
16-
if ! id -u "$USER" > /dev/null 2>&1; then adduser -H -D -G "$GROUP" -u "$WEBROOT_UID" "$USER" "$GROUP" 2>/dev/null; fi
13+
local UID=$3
14+
local GID=$4
15+
local DISTRO=$5
16+
local EXTRAS="$6"
17+
if [ "$DISTRO" = "alpine" ]; then
18+
if ! groups | grep "$GROUP" > /dev/null 2>&1; then addgroup -g "$GID" "$GROUP" 2>/dev/null; fi
19+
if ! id -u "$GROUP" > /dev/null 2>&1; then adduser -H -D -G "$GROUP" -u "$UID" "$USER" "$GROUP" 2>/dev/null; fi
20+
else
21+
if ! groups | grep "$GROUP" > /dev/null 2>&1; then groupadd --force --gid "$GID" "$GROUP" 2>/dev/null; fi
22+
if ! id -u "$GROUP" > /dev/null 2>&1; then useradd --gid "$GID" --uid "$UID" $EXTRAS "$USER" 2>/dev/null; fi
23+
fi;
1724
}
1825

1926
# Verify user
2027
verify_user() {
2128
local USER=$1
2229
local GROUP=$2
30+
local DISTRO=$3
2331
id -u "$USER" > /dev/null 2>&1
24-
groups "$USER" | grep "$GROUP" > /dev/null 2>&1
25-
if command -v chsh > /dev/null 2>&1 ; then
26-
if command -v /bin/bash > /dev/null 2>&1 ; then
27-
chsh -s /bin/bash $USER || true
28-
fi;
29-
else
32+
groups | grep "$GROUP" > /dev/null 2>&1
33+
if [ "$DISTRO" = "alpine" ]; then
3034
true
3135
# is there a chsh we can use? do we need to?
36+
else
37+
chsh -s /bin/bash $USER || true
3238
fi;
3339
}
3440

@@ -53,10 +59,11 @@ reset_user() {
5359
if [ "$(id -u $USER)" != "$HOST_UID" ]; then
5460
usermod -o -u "$HOST_UID" "$USER" 2>/dev/null
5561
fi
56-
groupmod -o -g "$HOST_GID" "$GROUP" 2>/dev/null || true
57-
if [ "$(id -g $USER)" != "$HOST_GID" ]; then
62+
groupmod -g "$HOST_GID" "$GROUP" 2>/dev/null || true
63+
if [ "$(id -u $USER)" != "$HOST_UID" ]; then
5864
usermod -g "$HOST_GID" "$USER" 2>/dev/null || true
5965
fi
66+
usermod -a -G "$GROUP" "$USER" 2>/dev/null || true
6067
fi;
6168
# If this mapping is incorrect lets abort here
6269
if [ "$(id -u $USER)" != "$HOST_UID" ]; then
@@ -91,6 +98,7 @@ perm_sweep() {
9198
nohup find /user/.ssh -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
9299
nohup find /var/www -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
93100
nohup find /usr/local/bin -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
101+
nohup chmod -R 755 /var/www >/dev/null 2>&1 &
94102

95103
# Lets also make some /usr/locals chowned
96104
nohup find /usr/local/lib -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &

0 commit comments

Comments
 (0)