From 8a5c7dec719bb29f4717b0e679afc585d915c45e Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 31 Mar 2022 14:32:07 -0700 Subject: [PATCH] Ensure existing files are proper owner and mode. Signed-off-by: Dan Schaper co-authored-by: RD WebDesign
---
advanced/Templates/pihole-FTL.service | 11 +++++++---- automated install/basic-install.sh | 5 +++-- 2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service
index 865e2cd9..23f4f125 100644
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -21,12 +21,15 @@ start() {
 else
 # Touch files to ensure they exist (create if non-existing, preserve if existing)
 mkdir -pm 0755 /run/pihole
- touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
+ [ ! -f /run/pihole-FTL.pid ] && install -m 644 -o pihole -g pihole dev/null /run/pihole-FTL.pid
+ [ ! -f /run/pihole-FTL.port ] && install -m 644 -o pihole -g pihole dev/null /run/pihole-FTL.port
+ [ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole dev/null /var/log/pihole.log
+ [ ! -f /var/log/pihole.log ] && install -m 644 -o pihole -g pihole dev/null /var/log/pihole.log
+ [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole dev/null /etc/pihole/dhcp.leases
 # Ensure that permissions are set so that pihole-FTL can edit all necessary files
- chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
- chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
+ chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole.log /var/log/pihole.log /etc/pihole/dhcp.leases
 # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
- chmod -f 0644 /etc/pihole/macvendor.db
+ chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole-FTL.log /var/log/pihole.log
 # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
 chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
 # Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index f2720d5d..62366f8a 100755
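Review bot: Every added `install` line in start() names its source as `dev/null` without the leading slash, so it resolves relative to the working directory and the placeholder files are not created, and the third line tests `/var/log/pihole-FTL.log` but installs to `/var/log/pihole.log`, which with a corrected source path would replace an existing pihole.log with an empty file while never creating the FTL log. The new `chown` names `/var/log/pihole.log` twice and drops `/var/log/pihole-FTL.log`, `/run/pihole-FTL.pid` and `/run/pihole-FTL.port`, and the pid and port files are no longer in any `chmod`, so files that already exist with the wrong owner or mode stay that way, which is the case the commit title sets out to fix. I would create the files from one list in a loop so the test path and the target cannot drift apart, and restore the full lists on `chown` and `chmod -f`, as below. This code presumably runs as root over paths inside directories it hands to the pihole user, so it is worth confirming that a symlink placed there cannot redirect the `chown` (for example with `chown -h`). start() begins before and continues past this hunk.

```shell
    # … unchanged: mkdir -pm 0755 /run/pihole …
    for f in /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases; do
      [ -f "$f" ] || install -m 644 -o pihole -g pihole /dev/null "$f"
    done
    # … unchanged: comment "Ensure that permissions are set … all necessary files" …
    chown pihole:pihole /run/pihole /etc/pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
    # … unchanged: comment about ignoring errors for files that may not exist …
    chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole-FTL.log /var/log/pihole.log /run/pihole-FTL.pid /run/pihole-FTL.port
    # … unchanged: chown -f on the database files …
```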
--- a/automated install/basic-install.sh
+++ b/automated install/basic-install.sh
@@ -1129,7 +1129,8 @@ chooseBlocklists() {
 done
 # Create an empty adList file with appropriate permissions.
 if [ ! -f "${adlistFile}" ]; then
- install /dev/null "${adlistFile}"
+ install -m 644 /dev/null "${adlistFile}"
+ else chmod 644 "${adlistFile}"
 fi
 }
@@ -1333,7 +1334,7 @@ installConfigs() {
 install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/${LIGHTTPD_CFG} "${lighttpdConfig}"
 # Make sure the external.conf file exists, as lighttpd v1.4.50 crashes without it
 if [ ! -f /etc/lighttpd/external.conf ]; then
- install -m 644 /dev/null /etc/lighttpd/external.com
+ install -m 644 /dev/null /etc/lighttpd/external.conf
 fi
 # If there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config
 if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then
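Review bot: In chooseBlocklists() the added `else chmod 644 "${adlistFile}"` appears to put the command on the `else` line, which is valid shell but easy to misread next to the indented `install` branch; I would write `else` and `chmod 644 "${adlistFile}"` on separate lines. The existing-file branch corrects only the mode while the commit title also promises the owner, so either add a `chown` here or extend the comment to say where ownership is handled. Both `[ -f ]` and `chmod` follow symlinks, so if `${adlistFile}` sits in a directory an unprivileged account can write to, a `[ ! -L "${adlistFile}" ]` guard before the `chmod` is worth adding. chooseBlocklists() starts outside the hunk.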
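Review bot: In installConfigs(), hosts that already ran the old line are left with an empty `/etc/lighttpd/external.com` that nothing removes; a one-line cleanup such as `rm -f /etc/lighttpd/external.com` next to the corrected `install` would tidy that up. Unlike the adlist hunk, an existing `external.conf` keeps whatever mode it already has, so if the commit is meant to enforce modes on existing files an `else` branch with `chmod 644 /etc/lighttpd/external.conf` belongs here too. installConfigs() starts and ends outside the hunk.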