Ensure existing files are proper owner and mode.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
co-authored-by: RD WebDesign <github@rdwebdesign.com.br>
This commit is contained in:
Dan Schaper 2022-03-31 14:32:07 -07:00
parent d45c9fc522
commit 8a5c7dec71
No known key found for this signature in database
GPG key ID: 6055EE2AD4004FC0
2 changed files with 10 additions and 6 deletions

View file

@ -21,12 +21,15 @@ start() {
else
# Touch files to ensure they exist (create if non-existing, preserve if existing)
mkdir -pm 0755 /run/pihole
touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
[ ! -f /run/pihole-FTL.pid ] && install -m 644 -o pihole -g pihole dev/null /run/pihole-FTL.pid
[ ! -f /run/pihole-FTL.port ] && install -m 644 -o pihole -g pihole dev/null /run/pihole-FTL.port
[ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole dev/null /var/log/pihole.log
[ ! -f /var/log/pihole.log ] && install -m 644 -o pihole -g pihole dev/null /var/log/pihole.log
[ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole dev/null /etc/pihole/dhcp.leases
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole.log /var/log/pihole.log /etc/pihole/dhcp.leases
# Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
chmod -f 0644 /etc/pihole/macvendor.db
chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole-FTL.log /var/log/pihole.log
# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
# Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist

View file

@ -1129,7 +1129,8 @@ chooseBlocklists() {
done
# Create an empty adList file with appropriate permissions.
if [ ! -f "${adlistFile}" ]; then
install /dev/null "${adlistFile}"
install -m 644 /dev/null "${adlistFile}"
else
chmod 644 "${adlistFile}"
fi
}
@ -1333,7 +1334,7 @@ installConfigs() {
install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/${LIGHTTPD_CFG} "${lighttpdConfig}"
# Make sure the external.conf file exists, as lighttpd v1.4.50 crashes without it
if [ ! -f /etc/lighttpd/external.conf ]; then
install -m 644 /dev/null /etc/lighttpd/external.com
install -m 644 /dev/null /etc/lighttpd/external.conf
fi
# If there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config
if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then