fix(init): reclaim /home/<manager> from a stale uid (recycled or rename)
On installs that went through the EasyDocker rename (or any case where the manager user's uid was recycled), /home/<manager> stays owned by the old uid (useradd doesn't take over an existing home dir). Files inside, including restic's ~/.cache/restic, become unreadable by the new manager → restic logs "mkdir: permission denied" every backup. Non-fatal but slows them. Same recycled-uid pattern as the cron-spool cleanup right above this block: chown -R only when the directory's owner uid != the manager's current uid. Idempotent — a fresh install or one that's already correct is a no-op. Closes the EasyDocker-artifact item from the live-backups memory. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
parent
e219602518
commit
50415a8655
12
init.sh
12
init.sh
@ -838,6 +838,18 @@ initUsers()
|
|||||||
isNotice "Removed a stale cron spool for $sudo_user_name (recycled uid)."
|
isNotice "Removed a stale cron spool for $sudo_user_name (recycled uid)."
|
||||||
fi
|
fi
|
||||||
sudo rm -f "$spool_dir/easydocker"
|
sudo rm -f "$spool_dir/easydocker"
|
||||||
|
|
||||||
|
# /home/$sudo_user_name may be owned by a stale uid from a previous install
|
||||||
|
# (e.g. the EasyDocker rename): useradd doesn't reclaim an existing home dir,
|
||||||
|
# so files inside — incl. restic's cache dir under ~/.cache/restic — end up
|
||||||
|
# unreadable by the new manager. restic then logs `mkdir: permission denied`
|
||||||
|
# every backup (non-fatal but slows them). Same recycled-uid pattern as the
|
||||||
|
# cron spool above. Idempotent: no-op when ownership already matches.
|
||||||
|
if [[ -d "/home/$sudo_user_name" \
|
||||||
|
&& "$(stat -c %u "/home/$sudo_user_name" 2>/dev/null)" != "$mgr_uid" ]]; then
|
||||||
|
sudo chown -R "$sudo_user_name":"$sudo_user_name" "/home/$sudo_user_name"
|
||||||
|
isNotice "Reclaimed /home/$sudo_user_name from a stale uid (recycled or rename)."
|
||||||
|
fi
|
||||||
# Install-phase sudo: the heavy install runs AS this user (see the handoff in
|
# Install-phase sudo: the heavy install runs AS this user (see the handoff in
|
||||||
# completeInitMessage) and needs BROAD root — useradd for the docker-install
|
# completeInitMessage) and needs BROAD root — useradd for the docker-install
|
||||||
# user, rootless setup, apt, sysctl, etc. So grant a temporary validated
|
# user, rootless setup, apt, sysctl, etc. So grant a temporary validated
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user