diff options
Diffstat (limited to 'www-apps/tt-rss/files/permissions-r1')
-rw-r--r-- | www-apps/tt-rss/files/permissions-r1 | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/www-apps/tt-rss/files/permissions-r1 b/www-apps/tt-rss/files/permissions-r1 new file mode 100644 index 000000000000..e50b4406646d --- /dev/null +++ b/www-apps/tt-rss/files/permissions-r1 @@ -0,0 +1,24 @@ +#!/bin/bash -e + +cd "${MY_INSTALLDIR}" + +if [[ $1 = install ]]; then + # We need to lock down cache/ for the operations below to be + # safe. The permissions match the webapp-config defaults but these + # can be changed and existing installations may also differ. + chown root:root cache/ + chmod 00755 cache/ + + chgrp --no-dereference ttrssd feed-icons/ lock/ cache/*/ + chmod g+ws feed-icons/ lock/ cache/*/ + + # Files within lock/ are exclusively written by the update daemon. + # feed-icons/ and cache/ holds files that are modified in place by both + # processes and therefore ACLs are required to ensure that the files + # themselves are created as group writable. + if ! setfacl --modify d:g::rwX feed-icons/ cache/*/; then + echo "WARNING: ACLs are not available on this filesystem. Either enable them or set TTRSSD_USER to your PHP user in /etc/conf.d/ttrssd to avoid permission issues." + elif [[ -n $(find feed-icons/ cache/ -type f ! -name ".*" ! -name index.html ! \( -group ttrssd -perm -020 \) -print -quit) ]]; then + echo "WARNING: Files that are not writable by the ttrssd group found within the cache or feed-icons directories. Either delete them or correct their permissions." + fi +fi |