fix(install): bridge cross-owner folder copies + writable install log
Two pre-existing bugs a genuinely-clean rootless install exposes:
copyFolder picked the copy user by destination only: a manager-owned
source (e.g. the install dir) copied into the dockerinstall-owned
containers/ ran the cp AS dockerinstall, which can't read the source ->
"cp: Permission denied". The `local result=$(...)` then masked the
failure (local returns 0) so checkSuccess printed success. This broke
installLibrePortalImageWebUI: the WebUI dir wasn't populated, so
initializeAppVariables couldn't read libreportal.config ("No app name
provided"), compose tags were never substituted, and the WebUI container
couldn't start (user: "USER_DATA"). Fix: when source and destination
owners differ (manager -> container), bridge with a tar pipe — the
manager reads, dockerinstall writes — with pipefail so a read-side
failure is no longer masked.
start.sh created the per-run install log with `sudo touch` (root:root
644) but tee's to it as the manager -> "tee: Permission denied" -> every
install-*.log was empty. Fix: chown the log to the user running the
install so the tee can append.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
parent
fba5456218
commit
a978749ee8
@ -8,9 +8,23 @@ copyFolder()
|
||||
local user_name="$3" # advisory — the destination path determines the owner
|
||||
|
||||
# Write as the destination's owner — no root, no chown (see copyFile).
|
||||
local op="runInstallOp"
|
||||
[[ "$save_dir" == "$containers_dir"* || "$save_dir" == /docker/containers/* ]] && op="runFileOp"
|
||||
|
||||
local result=$($op cp -rf "$folder" "$save_dir")
|
||||
if [[ "$save_dir" == "$containers_dir"* || "$save_dir" == /docker/containers/* ]]; then
|
||||
if [[ "$folder" == "$containers_dir"* || "$folder" == /docker/containers/* ]]; then
|
||||
# container -> container: same owner (dockerinstall), a plain cp works.
|
||||
local result=$(runFileOp cp -rf "$folder" "$save_dir")
|
||||
else
|
||||
# Cross-owner: a manager-owned source (e.g. the install dir) into the
|
||||
# container-owned destination. Under rootless a single cp can't read
|
||||
# one end and write the other, so bridge with a tar pipe — the manager
|
||||
# reads the source, dockerinstall writes the destination. No root, no
|
||||
# chown; files land owned by the destination user. pipefail so a
|
||||
# read-side failure isn't masked by a "successful" empty extract.
|
||||
( set -o pipefail
|
||||
runInstallOp tar -C "$(dirname "$folder")" -cf - "$folder_name" \
|
||||
| runFileOp tar -C "$save_dir" -xf - )
|
||||
fi
|
||||
else
|
||||
local result=$(runInstallOp cp -rf "$folder" "$save_dir")
|
||||
fi
|
||||
checkSuccess "Copying $folder_name to $save_dir"
|
||||
}
|
||||
|
||||
5
start.sh
5
start.sh
@ -49,6 +49,11 @@ initLibrePortal()
|
||||
install_log_path="/docker/logs/install-$(date +%Y%m%d-%H%M%S).log"
|
||||
sudo mkdir -p /docker/logs 2>/dev/null
|
||||
sudo touch "$install_log_path" 2>/dev/null
|
||||
# Own it by whoever runs the install (the manager under Model A) so the
|
||||
# tee below — which runs as that user, not root — can append. A
|
||||
# sudo-touched file is root:root 644, leaving the manager unable to
|
||||
# write it → the empty install-*.log files.
|
||||
sudo chown "$(id -un):$(id -gn)" "$install_log_path" 2>/dev/null
|
||||
sudo chmod 644 "$install_log_path" 2>/dev/null
|
||||
export install_log_path
|
||||
exec > >(tee -a "$install_log_path") 2>&1
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user