Merge claude/2
This commit is contained in:
commit
4d982680b3
2
init.sh
2
init.sh
@ -130,7 +130,7 @@ command_symlink="/usr/local/bin/libreportal"
|
||||
# `update apply` runs as the manager and CANNOT rewrite root-owned files, so a bump
|
||||
# tells the updater the new release needs a root re-install (which re-bakes them).
|
||||
# Recorded at install in $lp_lib_dir/.footprint_version. See docs/DEVELOPMENT.md.
|
||||
footprint_version=2
|
||||
footprint_version=3
|
||||
footprint_marker="$lp_lib_dir/.footprint_version"
|
||||
|
||||
# Directories — three independently-relocatable roots (see scripts/source/paths.sh
|
||||
|
||||
@ -7,7 +7,11 @@ dockerDeleteData()
|
||||
if [[ "$app_name" == "" ]]; then
|
||||
isError "No app_name provided, unable to continue..."
|
||||
else
|
||||
local result=$(runFileOp rm -rf $containers_dir$app_name)
|
||||
# Runs via the root-owned helper instead of runFileOp (= dockerinstall),
|
||||
# so container sub-UID dirs (postgres uid 232070, www-data uid 33, …)
|
||||
# are wiped instead of left behind with a "Permission denied" error
|
||||
# and a misleading "successfully uninstalled" message.
|
||||
runOwnership app-data-remove "$app_name"
|
||||
checkSuccess "Deleting $app_name install folder"
|
||||
fi
|
||||
|
||||
|
||||
@ -56,7 +56,10 @@ restoreAppStart()
|
||||
echo "---- $menu_number. Wiping existing app folder"
|
||||
echo ""
|
||||
if [[ -d "$containers_dir$stored_app_name" ]]; then
|
||||
runFileOp rm -rf "${containers_dir:?}$stored_app_name"
|
||||
# Root-owned helper, not runFileOp — restoring over an app that left
|
||||
# sub-UID data behind (postgres, www-data, …) needs to actually wipe
|
||||
# those dirs before laying the snapshot down.
|
||||
runOwnership app-data-remove "$stored_app_name"
|
||||
fi
|
||||
|
||||
((menu_number++))
|
||||
|
||||
@ -211,6 +211,24 @@ app_data_nobody() {
|
||||
[[ -d "$d/data" ]] && chown -R 65534:65534 "$d/data"
|
||||
}
|
||||
|
||||
# Wipe an entire app data tree, including container sub-UID dirs the
|
||||
# manager / dockerinstall user can't reach (e.g. invidious/postgresdata uid
|
||||
# 232070, nextcloud/html uid 33). Used by uninstall + restore-overwrite —
|
||||
# both previously ran `rm -rf` via runFileOp (= as dockerinstall) and silently
|
||||
# left sub-UID dirs behind, breaking reinstall + leaking storage.
|
||||
# Idempotent: a missing dir is success (caller wants "ensure gone"). Refuses
|
||||
# the WebUI's own slot (libreportal) — removing it would brick the WebUI.
|
||||
app_data_remove() {
|
||||
local app="${1:-}"
|
||||
[[ "$app" =~ ^[A-Za-z0-9._-]+$ && "$app" != "." && "$app" != ".." ]] \
|
||||
|| { echo "libreportal-ownership: invalid app name" >&2; return 1; }
|
||||
[[ "$app" == "libreportal" ]] \
|
||||
&& { echo "libreportal-ownership: refusing to remove the WebUI app dir" >&2; return 1; }
|
||||
local d="$CONTAINERS_DIR/$app"
|
||||
[[ -d "$d" ]] || return 0
|
||||
rm -rf -- "$d"
|
||||
}
|
||||
|
||||
# Chown one LibrePortal-managed file under an app dir to the container owner.
|
||||
# relpath is validated: no traversal, no absolute path, safe charset only.
|
||||
app_file() {
|
||||
@ -234,6 +252,7 @@ case "$action" in
|
||||
webui) webui;;
|
||||
taskdir) taskdir;;
|
||||
app-data-nobody) app_data_nobody "${1:-}";;
|
||||
app-data-remove) app_data_remove "${1:-}";;
|
||||
app-file) app_file "${1:-}" "${2:-}";;
|
||||
*) echo "usage: libreportal-ownership {reconcile [mode]|traversal|containers-top|backups-top|db-own|app-perms|webui|taskdir|app-data-nobody <app>|app-file <app> <relpath>}" >&2; exit 2;;
|
||||
*) echo "usage: libreportal-ownership {reconcile [mode]|traversal|containers-top|backups-top|db-own|app-perms|webui|taskdir|app-data-nobody <app>|app-data-remove <app>|app-file <app> <relpath>}" >&2; exit 2;;
|
||||
esac
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user