librelad 053a620e22 fix(reliability): split local result=$(cmd) so $? survives for checkSuccess
'local result=$(cmd)' resets $? to 0 (the local builtin's own exit), so the
following checkSuccess always saw success regardless of cmd's real exit — the
mechanism that masked the de-sudo write failures. Split declaration from
assignment ('local result; result=$(cmd)') across all 235 active-code sites
(84 files) so the command's exit reaches checkSuccess. No behaviour change
beyond $? now being accurate (no set -e in runtime code; multi-line
assignments transform safely).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-31 03:09:25 +01:00

35 lines
1.2 KiB
Bash
Executable File

#!/bin/bash
fixPermissionsBeforeStart()
{
local app_name="$1"
local flag="$2"
if [[ $flag == "update" ]]; then
isHeader "Updating File/Folder Permissions"
fi
fixAppFolderPermissions;
runOwnership db-own
# The regenerable WebUI dir is reconciled to the mode's container owner via
# the shared helper (same code path as install + switch). Third-party app
# data ownership is established at install/restore time, not blanket-chowned
# here — a wrong-owner chown would break permission-strict apps.
if [[ "$app_name" == "libreportal" ]]; then
reconcileWebuiDirOwnership
fi
# Traefik
if [ -f "${containers_dir}traefik/etc/certs/acme.json" ]; then
runOwnership app-file traefik etc/certs/acme.json
local result; result=$(runFileOp chmod 600 "${containers_dir}traefik/etc/certs/acme.json")
checkSuccess "Set permissions to acme.json file for traefik"
fi
if [ -f "${containers_dir}traefik/etc/traefik.yml" ]; then
runOwnership app-file traefik etc/traefik.yml
local result; result=$(runFileOp chmod 600 "${containers_dir}traefik/etc/traefik.yml")
checkSuccess "Set permissions to traefik.yml file for traefik"
fi
}