Merge claude/1
This commit is contained in:
commit
10dc7d0bc0
@ -82,8 +82,13 @@ runInstallWrite() {
|
||||
# password and BORG_/RESTIC_/KOPIA_ env vars reach the tool. Never root — the
|
||||
# scoped sudoers lets the manager drop to this user. Single funnel so the
|
||||
# backup subsystem's privilege drop has one audit point.
|
||||
# -H resets HOME to the target user's so restic finds (or creates) its cache
|
||||
# under /home/$docker_install_user/.cache/restic instead of inheriting the
|
||||
# manager's HOME (which dockerinstall can't write into, surfacing as
|
||||
# "unable to open cache: mkdir /home/libreportal/.cache/restic: permission denied"
|
||||
# on every backup).
|
||||
runBackupOp() {
|
||||
sudo -E -u "$docker_install_user" "$@"
|
||||
sudo -E -H -u "$docker_install_user" "$@"
|
||||
}
|
||||
|
||||
# Run one of the ROOT-OWNED LibrePortal helpers installed (root:root 0755) under
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user