refactor(de-sudo): update/git backup helpers off raw sudo
The git-update backup helpers operate on the manager-owned $backup_install_dir: use_git_backup unzip + config_git_check find -> runInstallOp; install_git_backup standalone find -> runInstallOp (drop the nested -exec sudo rm), and its cd && find | xargs rm pipeline drops its sudos (manager owns the dir). The many 'sudo -u $sudo_user_name git/rm/zip' calls stay (already least-privilege). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
parent
d74474e428
commit
92c731952b
@ -2,8 +2,8 @@
|
||||
|
||||
gitCleanInstallBackups()
|
||||
{
|
||||
local result=$(sudo find "$backup_install_dir" -mindepth 1 -type f ! -name '*.zip' -o -type d ! -name '*.zip' -exec sudo rm -rf {} +)
|
||||
local result=$(runInstallOp find "$backup_install_dir" -mindepth 1 -type f ! -name '*.zip' -o -type d ! -name '*.zip' -exec rm -rf {} +)
|
||||
checkSuccess "Cleaning up install backup folders."
|
||||
local result=$(cd "$backup_install_dir" && sudo find . -maxdepth 1 -type f -name '*.zip' | sudo xargs ls -t | tail -n +6 | sudo xargs -r rm)
|
||||
local result=$(cd "$backup_install_dir" && find . -maxdepth 1 -type f -name '*.zip' | xargs ls -t | tail -n +6 | xargs -r rm)
|
||||
checkSuccess "Deleting old install backup and keeping the latest 5."
|
||||
}
|
||||
@ -7,7 +7,7 @@ gitUseExistingBackup()
|
||||
local backup_file_without_zip=$(basename "$backup_file" .zip)
|
||||
update_done=false
|
||||
|
||||
local result=$(sudo unzip -o $backup_file -d $backup_install_dir)
|
||||
local result=$(runInstallOp unzip -o $backup_file -d $backup_install_dir)
|
||||
checkSuccess "Copy the configs to the backup folder"
|
||||
|
||||
gitReset;
|
||||
|
||||
@ -7,7 +7,7 @@ gitCheckConfigs()
|
||||
local valid_configs_found=false
|
||||
|
||||
# Get a list of all backup zip files in the directory, sorted by date (latest first)
|
||||
local backup_files=($(sudo find "$backup_install_dir" -type f -name 'backup_*.zip' | sort -r))
|
||||
local backup_files=($(runInstallOp find "$backup_install_dir" -type f -name 'backup_*.zip' | sort -r))
|
||||
|
||||
# Check if any backup files were found
|
||||
if [ ${#backup_files[@]} -eq 0 ]; then
|
||||
@ -43,9 +43,9 @@ gitCheckConfigs()
|
||||
unzip -q "$zip_file" -d "$temp_dir"
|
||||
|
||||
# Find the path of config files within the extracted files (new structure only)
|
||||
local config_file_path=$(sudo find "$temp_dir" -type f -path "*/general/basic_settings" | head -1)
|
||||
local config_file_path=$(runInstallOp find "$temp_dir" -type f -path "*/general/basic_settings" | head -1)
|
||||
if [ -z "$config_file_path" ]; then
|
||||
config_file_path=$(sudo find "$temp_dir" -type f -path "*/general/git_config" | head -1)
|
||||
config_file_path=$(runInstallOp find "$temp_dir" -type f -path "*/general/git_config" | head -1)
|
||||
fi
|
||||
|
||||
# Check if config file exists and does not contain "Change-Me"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user