diff --git a/etc/set-permissions.sh b/etc/set-permissions.sh
new file mode 100644
index 0000000..7d5e794
--- /dev/null
+++ b/etc/set-permissions.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+# Set ownership and permissions for Meshing Around application
+
+# Check if run as root
+if [ "$EUID" -ne 0 ]; then
+ echo "Please run as root"
+ exit 1
+fi
+
+# Use first argument as user, or default to meshbot
+TARGET_USER="${1:-meshbot}"
+
+# Check if user exists
+if ! id "$TARGET_USER" &>/dev/null; then
+ echo "User '$TARGET_USER' does not exist."
+ read -p "Would you like to use the current user ($(logname)) instead? [y/N]: " yn
+ if [[ "$yn" =~ ^[Yy]$ ]]; then
+ TARGET_USER="$(logname)"
+ echo "Using current user: $TARGET_USER"
+ if ! id "$TARGET_USER" &>/dev/null; then
+ echo "Current user '$TARGET_USER' does not exist or cannot be determined."
+ exit 1
+ fi
+ else
+ echo "Exiting."
+ exit 1
+ fi
+fi
+
+echo "Setting ownership to $TARGET_USER:$TARGET_USER"
+
+chown -R "$TARGET_USER:$TARGET_USER" "/opt/meshing-around/-around"
+chown -R "$TARGET_USER:$TARGET_USER" "/opt/meshing-around/-around/logs"
+chown -R "$TARGET_USER:$TARGET_USER" "/opt/meshing-around/-around/data"
+chown "$TARGET_USER:$TARGET_USER" "/opt/meshing-around/-around/config.ini"
+chmod 640 "/opt/meshing-around/-around/config.ini"
+chmod 750 "/opt/meshing-around/-around/logs"
+chmod 750 "/opt/meshing-around/-around/data"
+
+echo "Permissions and ownership have been set."
\ No newline at end of file
diff --git a/install.sh b/install.sh
index b91ba5b..c26feb0 100755
--- a/install.sh
+++ b/install.sh
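Review bot: Every path in the chown/chmod block of etc/set-permissions.sh is rooted at `/opt/meshing-around/-around`, which looks like a botched substitution rather than a real install directory. If it does not exist, each command fails and the script still prints "Permissions and ownership have been set." because no exit status is checked. For a root-run script meant to tighten config.ini, that leaves the operator believing the file is protected when nothing changed. I would add `set -euo pipefail` under the shebang, define the directory once with `APP_DIR="${APP_DIR:-/opt/meshing-around}"` (confirm the intended path against install.sh's `$program_path`), and use `"$APP_DIR/config.ini"` and friends. Separately, `"$TARGET_USER:$TARGET_USER"` assumes a group named after the user exists; `chown "$TARGET_USER:"` applies the user's login group instead.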
@@ -287,6 +287,11 @@ echo "Added user $whoami to dialout, tty, and bluetooth groups" sudo chown -R "$whoami:$whoami" "$program_path/logs" sudo chown -R "$whoami:$whoami" "$program_path/data" +sudo chown "$whoami:$whoami" "$program_path/config.ini" +sudo chmod 640 "$program_path/config.ini" +echo "Permissions set for meshbot on config.ini" +sudo chmod 750 "$program_path/logs" +sudo chmod 750 "$program_path/data" echo "Permissions set for meshbot on logs and data directories" # check and see if some sort of NTP is running diff --git a/update.sh b/update.sh index 7689e46..3cb78ff 100644 --- a/update.sh +++ b/update.sh @@ -70,10 +70,10 @@ if [[ -f "config.ini" ]]; then echo "config.ini is owned by: $owner" echo "config.ini permissions: $perms" if [[ "$owner" == "root" ]]; then - echo "Warning: config.ini is owned by root (possibly edited with sudo)." + echo "Warning: config.ini is owned by root check out the etc/set-permissions.sh script" fi if [[ $(stat -f "%Lp" config.ini) =~ .*[7,6,2]$ ]]; then - echo "Warning: config.ini is world-writable or world-readable!" + echo "Warning: config.ini is world-writable or world-readable! check out the etc/set-permissions.sh script" fi echo "Including config.ini in backup..."
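Review bot: In the install.sh hunk, the added `echo "Permissions set for meshbot on config.ini"` prints whether or not the two commands before it succeeded, and it names meshbot while the owner actually applied is `$whoami`. If `config.ini` is missing at this point in the install (not visible in this hunk), the chown and chmod fail while the log says the file was locked down, and a file created later may get default permissions. Chaining the commands keeps the message truthful: `sudo chown "$whoami:$whoami" "$program_path/config.ini" && sudo chmod 640 "$program_path/config.ini" && echo "Permissions set for $whoami on config.ini"`. The same applies to the two `chmod 750` lines and the existing echo after them; the surrounding block starts and ends outside the hunk.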
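Review bot: In the update.sh hunk, the reworded world-readable warning will not fire for the most common loose mode, because the guard above it, `=~ .*[7,6,2]$`, only matches a final digit of 7, 6 or 2 (or a literal comma), so a 644 config.ini passes silently. Since this commit makes 640 the expected mode, the check should flag any read or write bit for others: `if [[ $(stat -f "%Lp" config.ini) =~ [2-7]$ ]]; then`. Also, `stat -f "%Lp"` is the BSD/macOS form; on GNU coreutils `-f` selects filesystem status, so on Linux this test likely never matches. Reusing `$perms` would avoid that if it already holds the octal mode (its assignment is outside the hunk). The new root-owner message is also a run-on; `echo "Warning: config.ini is owned by root; see etc/set-permissions.sh"` reads more clearly.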