LibrePortal/scripts/update/git/checks/update_git_check.sh
librelad 6bb04533fa fix(desudo): manager->self sudo drops -> runAsManager (scoped-sudoers safe)
The scoped sudoers grants the manager (root) and (dockerinstall) but NOT
(itself), so the many 'sudo -u $sudo_user_name <cmd>' calls (crontab,
git/update, reinstall, swapfile, …) failed with 'a password is required'
once per CLI command. runAsManager runs the command plainly when already
the manager (the runtime case) and only sudo -u's when root (install
time), so it's correct in both contexts and needs no sudoers self-grant.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-24 18:40:19 +01:00

52 lines
1.9 KiB
Bash
Executable File

#!/bin/bash
gitCheckForUpdate()
{
# Check the status of the local repository
cd "$script_dir"
# If Git login is required, get credentials first
if [[ $CFG_INSTALL_MODE == "git" ]]; then
while true; do
gitCheckGitDetails;
# Test the credentials by trying to fetch
if runAsManager git -c "credential.helper=" -c "credential.helper=!f() { echo username=$CFG_GIT_USER; echo password=$CFG_GIT_KEY; }; f" fetch > /dev/null 2>&1; then
isSuccessful "Git authentication successful"
break
else
runReinstall;
fi
done
fi
# Proceed with the fetch using the credentials if they were provided
if [[ $CFG_INSTALL_MODE == "git" ]]; then
runAsManager git -c "credential.helper=" -c "credential.helper=!f() { echo username=$CFG_GIT_USER; echo password=$CFG_GIT_KEY; }; f" fetch > /dev/null 2>&1
else
runAsManager git fetch > /dev/null 2>&1
fi
if runAsManager git status | grep -q "Your branch is ahead"; then
isSuccessful "The repository is up to date...continuing..."
elif runAsManager git status | grep -q "Your branch is up to date with"; then
isSuccessful "The repository is up to date...continuing..."
else
isNotice "Updates found."
if [[ $CFG_GIT_AUTO_UPDATES == "true" ]]; then
gitFolderResetAndBackup;
else
while true; do
isQuestion "Do you want to update LibrePortal now? (y/n): "
read -rp "" acceptupdates
if [[ "$acceptupdates" =~ ^[yYnN]$ ]]; then
break
fi
isNotice "Please provide a valid input (y/n)."
done
if [[ $acceptupdates == [yY] ]]; then
gitFolderResetAndBackup;
fi
fi
fi
}