librelad ccbb2e1c47 harden(desudo): convert permission/touch helpers + network-mode processor
app_folder.sh, libreportal_folders.sh, create_touch.sh: chmod/find/chown/
touch on /docker dirs -> runFileOp (dropped nested -exec sudo chmod).
tags_processor_network_mode.sh: awk/tee/mv/cmp/rm/sqlite3 on compose+DB ->
runFileOp/runFileWrite; gluetun docker ps + compose up -> dockerCommandRun.
Deferred (read install-dir templates, need category-3 handling):
copy_file.sh, copy_files.sh, config_scan_variables.sh.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-23 23:38:24 +01:00

82 lines
3.2 KiB
Bash
Executable File

#!/bin/bash
fixAppFolderPermissions()
{
local silent_flag="$1"
# Collect all app names in an array
local app_names=()
for app_dir in "$containers_dir"/*/; do
if [ -d "$app_dir" ]; then
local app_name=$(basename "$app_dir")
app_names+=("$app_name")
fi
done
for app_name in "${app_names[@]}"; do
if [[ $app_name != "" ]]; then
# Updating $containers_dir with execute permissions
if [ -d "$containers_dir" ]; then
local result=$(runFileOp chmod +x "$containers_dir" > /dev/null 2>&1)
if [ "$silent_flag" == "loud" ]; then
checkSuccess "Updating $containers_dir with execute permissions."
fi
else
if [ "$silent_flag" == "loud" ]; then
isNotice "$containers_dir does not exist."
fi
fi
# Updating $containers_dir$app_name with execute permissions
if [ -d "$containers_dir$app_name" ]; then
local result=$(runFileOp chmod +x "$containers_dir$app_name" > /dev/null 2>&1)
if [ "$silent_flag" == "loud" ]; then
checkSuccess "Updating $containers_dir$app_name with execute permissions."
fi
else
if [ "$silent_flag" == "loud" ]; then
isNotice "$containers_dir$app_name does not exist."
fi
fi
# Updating $app_name with read permissions
if [ -d "$containers_dir$app_name" ]; then
local result=$(runFileOp chmod o+r "$containers_dir$app_name")
if [ "$silent_flag" == "loud" ]; then
checkSuccess "Updating $app_name with read permissions"
fi
else
if [ "$silent_flag" == "loud" ]; then
isNotice "$containers_dir$app_name does not exist."
fi
fi
# Updating compose file(s) for LibrePortal access
if [ -d "$containers_dir$app_name" ]; then
local result=$(runFileOp find "$containers_dir$app_name" -type f -name '*docker-compose*' -exec chmod o+r {} \;)
if [ "$silent_flag" == "loud" ]; then
isNotice "Updating compose file(s) for LibrePortal access"
fi
else
if [ "$silent_flag" == "loud" ]; then
isNotice "$containers_dir$app_name does not exist."
fi
fi
# Fix LibrePortal specific file permissions
local files=("migrate.txt" "$app_name.config" "docker-compose.yml" "docker-compose.$app_name.yml")
for file in "${files[@]}"; do
local file_path="$containers_dir$app_name/$file"
# Check if the file exists
if [ -e "$file_path" ]; then
local result=$(runFileOp chown $docker_install_user:$docker_install_user "$file_path")
if [ "$silent_flag" == "loud" ]; then
checkSuccess "Updating $file with $docker_install_user ownership"
fi
fi
done
fi
done
}