librelad 13d2c15074 fix(desudo): de-sudo config scan so the manager runtime loads CFG
scan_files used 'sudo find' to enumerate config files to source. Under the
scoped sudoers that's denied, so NO configs got sourced -> CFG_DOCKER_INSTALL_TYPE
ended up empty -> runFileOp/runFileWrite fell back to the manager branch and
every container-path write failed. Root cause of the 'sudo: a password is
required' + 'tee: Permission denied' storm when running under the scoped grant.

- configs/ scan (manager-owned): plain find
- app_configs scan (/docker/containers, docker-install-owned, not list-readable
  by the manager): runFileOp find (enumerate as that user; manager still sources
  each .config, which is o+r). 'containers' install templates stay plain find.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-24 18:38:19 +01:00

74 lines
2.9 KiB
Bash
Executable File

#!/bin/bash
sourceScanFiles()
{
local load_type="$1"
local file_pattern
# Specific LibrePortal config files
if [ "$load_type" = "libreportal_configs" ]; then
# Load new subdirectory config files only (no more old structure fallback)
local folder_dir="$configs_dir"
# Load new subdirectory config files with exclusions
while IFS= read -r -d '' file; do
if [ -f "$file" ]; then
local filename=$(basename "$file")
local should_load=true
# Skip .category files and excluded files
if [[ "$file" =~ \.category$ ]] || [[ "$filename" == "app_categories" ]]; then
should_load=false
fi
if [ "$should_load" = true ]; then
source "$file"
# echo "$load_type NEW FILE $file"
fi
fi
done < <(find "$folder_dir" -maxdepth 2 -type f ! -name "*.category" ! -name "config_*" ! -name ".*" -print0)
# Per-location backup configs live nested at depth 3
# (configs/backup/locations/<idx>/location.config) — source them via
# the dedicated loader so CFG_BACKUP_LOC_<idx>_* vars are populated.
if declare -f sourceBackupLocations >/dev/null 2>&1; then
sourceBackupLocations
fi
# Specific for LibrePortal app container configs
elif [ "$load_type" = "app_configs" ]; then
local file_pattern="*.config"
local folder_dir="$containers_dir"
# Specific for LibrePortal app install scripts
elif [ "$load_type" = "containers" ]; then
local file_pattern="*.sh"
local folder_dir="$install_containers_dir"
else
echo "Invalid load type: $load_type"
fi
# Scanning function for other types (not libreportal_configs).
# app_configs live under /docker/containers (owned by the docker install user
# and not list-readable by the manager), so enumerate them AS that user via
# runFileOp; the manager still sources each (the .config files are o+r). The
# 'containers' install templates are manager-owned, so a plain find suffices.
if [ "$load_type" != "libreportal_configs" ]; then
local scan_op=""
[[ "$load_type" == "app_configs" ]] && scan_op="runFileOp"
while IFS= read -r -d '' file; do
if [ -f "$file" ]; then
source "$file"
# echo "$load_type FILE $file"
fi
done < <($scan_op find "$folder_dir" -maxdepth 3 -type d \( -name 'resources' \) -prune -o -type f -name "$file_pattern" -print0)
fi
# Load the categories from the file into an array
if [ "$load_type" = "libreportal_configs" ]; then
if [ -f "$configs_dir/app_categories" ]; then
mapfile -t app_categories < $configs_dir/app_categories
fi
fi
}