fix(manager): marker-guard the manager-user sshd append
install_user_manager appended a 'Match User' block to sshd_config with no marker guard, unlike the rootless .bashrc block beside it. The enclosing 'if ! userExists' gate hides it today, but a user delete+recreate would append a second block. Guard on the '### LibrePortal Manager User Start' marker so the append is idempotent. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
parent
d733b70ee7
commit
ba385a8b97
@ -46,7 +46,12 @@ installDockerManagerUser()
|
||||
local result=$(source ~/.bashrc)
|
||||
checkSuccess "Reloading .bashrc"
|
||||
|
||||
local result=$(sudo bash -c "cat >> $sshd_config <<EOL
|
||||
# Marker-guard the append (matching the rootless .bashrc pattern)
|
||||
# so a re-run or a user delete+recreate can't duplicate the block.
|
||||
if sudo grep -q "### LibrePortal Manager User Start" "$sshd_config"; then
|
||||
isNotice "Manager-user SSH server config already present — skipping."
|
||||
else
|
||||
local result=$(sudo bash -c "cat >> $sshd_config <<EOL
|
||||
|
||||
### LibrePortal Manager User Start
|
||||
Match User $CFG_DOCKER_MANAGER_USER
|
||||
@ -58,12 +63,12 @@ Match User $CFG_DOCKER_MANAGER_USER
|
||||
PasswordAuthentication yes
|
||||
### LibrePortal Manager User End
|
||||
EOL")
|
||||
checkSuccess "Updating SSH Server Configuration for the Manager User."
|
||||
|
||||
checkSuccess "Updating SSH Server Configuration for the Manager User."
|
||||
|
||||
# Reload SSH Service
|
||||
local result=$(sudo service ssh reload)
|
||||
checkSuccess "Reloading SSH Service"
|
||||
# Reload SSH Service
|
||||
local result=$(sudo service ssh reload)
|
||||
checkSuccess "Reloading SSH Service"
|
||||
fi
|
||||
|
||||
isSuccessful "User '$CFG_DOCKER_MANAGER_USER' with restricted SFTP access to '/home/$CFG_DOCKER_MANAGER_USER' has been set up."
|
||||
fi
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user