From mboxrd@z Thu Jan  1 00:00:00 1970
From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] ipblocklist: Ensure /var/ipfire/ipblocklist is owned and
 writable by "nobody"
Date: Mon, 22 Aug 2022 06:30:32 +0000
Message-ID: <59c78fd9-46a7-6290-ad8e-cae28cfc2bfc@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3813441856332777448=="
List-Id: <development.lists.ipfire.org>

--===============3813441856332777448==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Fixes: #12917
Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
---
 config/rootfiles/core/170/update.sh | 3 +++
 lfs/ipblocklist-sources             | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/config/rootfiles/core/170/update.sh b/config/rootfiles/core/170/=
update.sh
index b6b66f3f1..c7dc09946 100644
--- a/config/rootfiles/core/170/update.sh
+++ b/config/rootfiles/core/170/update.sh
@@ -164,6 +164,9 @@ ldconfig
 mkdir -pv /var/lib/ipblocklist
 chown nobody:nobody /var/lib/ipblocklist
=20
+# Ensure permissions for /var/ipfire/ipblocklist are set properly
+chown -Rv nobody:nobody /var/ipfire/ipblocklist
+
 # Rebuild fcrontab from scratch
 /usr/bin/fcrontab -z
=20
diff --git a/lfs/ipblocklist-sources b/lfs/ipblocklist-sources
index 30b9e94a4..87bd95cca 100644
--- a/lfs/ipblocklist-sources
+++ b/lfs/ipblocklist-sources
@@ -47,7 +47,7 @@ b2 :
=20
 $(TARGET) :
 	@$(PREBUILD)
-	mkdir -p /var/ipfire/ipblocklist
-	install -v -m 0644 $(DIR_SRC)/config/ipblocklist/sources /var/ipfire/ipbloc=
klist
+	install -d -o nobody -g nobody -m 0755 /var/ipfire/ipblocklist
+	install -v -o nobody -g nobody -m 0644 $(DIR_SRC)/config/ipblocklist/source=
s /var/ipfire/ipblocklist
=20
 	@$(POSTBUILD)
--=20
2.35.3

--===============3813441856332777448==--