Move a few things about. Set permissions pihole-FTL requires in its run
script. Remove pihole-FTL test from test-config because nothing exists until it has started for the first time.
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
parent
0ecde45d22
commit
fe1676b9ed
|
@ -23,23 +23,9 @@ prepare_configs() {
|
|||
touch "$setupVars"
|
||||
set +e
|
||||
mkdir -p /var/run/pihole /var/log/pihole
|
||||
# Re-apply perms from basic-install over any volume mounts that may be present (or not)
|
||||
# Also similar to preflights for FTL https://github.com/pi-hole/pi-hole/blob/master/advanced/Templates/pihole-FTL.service
|
||||
|
||||
chown pihole:root /etc/lighttpd
|
||||
chown pihole:pihole "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" "/var/log/pihole"
|
||||
chmod 644 "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf"
|
||||
if [[ -e "${PI_HOLE_CONFIG_DIR}/pihole-FTL.db" ]]; then
|
||||
chown pihole:pihole "${PI_HOLE_CONFIG_DIR}/pihole-FTL.db"
|
||||
chmod 644 "${PI_HOLE_CONFIG_DIR}/pihole-FTL.db"
|
||||
fi
|
||||
touch /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
|
||||
chown pihole:pihole /var/run/pihole /var/log/pihole
|
||||
test -f /var/run/pihole/FTL.sock && rm /var/run/pihole/FTL.sock
|
||||
chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /etc/pihole /var/log/pihole.log
|
||||
if [[ -e /etc/pihole/dhcp.leases ]]; then
|
||||
chown pihole:pihole /etc/pihole/dhcp.leases
|
||||
fi
|
||||
chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
|
||||
|
||||
set -e
|
||||
# Update version numbers
|
||||
pihole updatechecker
|
||||
|
@ -289,8 +275,6 @@ setup_ipv4_ipv6() {
|
|||
|
||||
test_configs() {
|
||||
set -e
|
||||
echo -n '::: Testing pihole-FTL DNS: '
|
||||
sudo -u ${DNSMASQ_USER:-root} pihole-FTL test || exit 1
|
||||
echo -n '::: Testing lighttpd config: '
|
||||
lighttpd -t -f /etc/lighttpd/lighttpd.conf || exit 1
|
||||
set +e
|
||||
|
|
|
@ -1,6 +1,10 @@
|
|||
#!/usr/bin/with-contenv bash
|
||||
set -e
|
||||
|
||||
if [ "${PH_VERBOSE:-0}" -gt 0 ] ; then
|
||||
set -x ;
|
||||
fi
|
||||
|
||||
modifyUser()
|
||||
{
|
||||
declare username=${1:-} newId=${2:-}
|
||||
|
@ -9,11 +13,8 @@ modifyUser()
|
|||
local currentId=$(id -u ${username})
|
||||
[[ ${currentId} -eq ${newId} ]] && return
|
||||
|
||||
echo "user ${username} ${currentId} => ${newId}"
|
||||
usermod -o -u ${newId} ${username}
|
||||
|
||||
find / -user ${currentId} -print0 2> /dev/null | \
|
||||
xargs -0 -n1 chown -h ${username} 2> /dev/null
|
||||
echo "Changing ID for user: ${username} (${currentId} => ${newId})"
|
||||
usermod -o -u ${newId} ${username}
|
||||
}
|
||||
|
||||
modifyGroup()
|
||||
|
@ -24,14 +25,11 @@ modifyGroup()
|
|||
local currentId=$(id -g ${groupname})
|
||||
[[ ${currentId} -eq ${newId} ]] && return
|
||||
|
||||
echo "group ${groupname} ${currentId} => ${newId}"
|
||||
echo "Changing ID for group: ${groupname} (${currentId} => ${newId})"
|
||||
groupmod -o -g ${newId} ${groupname}
|
||||
|
||||
find / -group ${currentId} -print0 2> /dev/null | \
|
||||
xargs -0 -n1 chgrp -h ${groupname} 2> /dev/null
|
||||
}
|
||||
|
||||
modifyUser www-data ${WEB_UID}
|
||||
modifyGroup www-data ${WEB_GID}
|
||||
modifyUser pihole ${PIHOLE_UID}
|
||||
modifyGroup pihole ${PIHOLE_GID}
|
||||
modifyGroup pihole ${PIHOLE_GID}
|
|
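Review bot: Dropping the `find / -user … | xargs … chown -h` sweep from modifyUser (and the `chgrp -h` sweep from modifyGroup) leaves only the account entry changed: as far as I know `usermod -u` re-owns files under the user's home directory and nothing else, and `groupmod -g` re-owns nothing. The FTL start script in this commit chowns pihole's runtime files explicitly, but I see no equivalent for www-data, so after a WEB_UID/WEB_GID change lighttpd's existing files may keep a numeric owner that no longer maps to www-data. Because `-o` accepts an ID that is already in use, I would also reject anything that is not a plain number before calling usermod/groupmod, e.g. `[[ ${newId} =~ ^[0-9]+$ ]] || { echo "invalid id: ${newId}" >&2; exit 1; }`, and quote `"${newId}" "${username}"` in those calls. Which lines are old and which are new is inferred from the hunk counts, and both function bodies begin outside the hunks shown.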
@ -4,6 +4,22 @@ s6-echo "Starting pihole-FTL ($FTL_CMD) as ${DNSMASQ_USER}"
|
|||
# Remove possible leftovers from previous pihole-FTL processes
|
||||
rm -f /dev/shm/FTL-* 2> /dev/null
|
||||
rm /run/pihole/FTL.sock 2> /dev/null
|
||||
|
||||
# Touch files to ensure they exist (create if non-existing, preserve if existing)
|
||||
mkdir -pm 0755 /run/pihole
|
||||
touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
|
||||
|
||||
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
|
||||
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
|
||||
chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
|
||||
|
||||
# Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
|
||||
chmod -f 0644 /etc/pihole/macvendor.db
|
||||
# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
|
||||
chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
|
||||
# Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist
|
||||
chmod -f 0664 /etc/pihole/pihole-FTL.db
|
||||
|
||||
s6-setuidgid ${DNSMASQ_USER} pihole-FTL $FTL_CMD >/dev/null 2>&1
|
||||
|
||||
# Notes on above:
|
||||
|
|
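Review bot: The `touch`, `chown pihole:pihole …` and `chmod` lines that appear to be added here run as root on names under /etc/pihole, a directory this same block hands to the pihole user, and all three follow symlinks by default. If a name such as `dhcp.leases` or `pihole-FTL.db` is a symlink at start-up, the link's target gets created, re-owned or re-moded instead of the link. I'd use `chown -h pihole:pihole …` (and `chown -h -f …` for the database files) and skip non-regular entries before touch/chmod, e.g. `[[ -L "$f" ]] && continue` in a loop over the list. Separately, `rm /run/pihole/FTL.sock 2> /dev/null` has no `-f` and returns non-zero on a clean start, which matters only if this script runs under errexit; the top of the file is outside the hunk.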