From mboxrd@z Thu Jan  1 00:00:00 1970
From: Bernhard Bitsch <bbitsch@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] ipblocklist: Ensure /var/ipfire/ipblocklist is owned and
 writable by "nobody"
Date: Mon, 22 Aug 2022 10:00:09 +0200
Message-ID: <86b395fb-78a3-358c-03a8-364dced9ca80@ipfire.org>
In-Reply-To: <59c78fd9-46a7-6290-ad8e-cae28cfc2bfc@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3260994968045165033=="
List-Id: <development.lists.ipfire.org>

--===============3260994968045165033==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Bernhard Bitsch <bbitsch(a)ipfire.org>

Am 22.08.2022 um 08:30 schrieb Peter M=C3=BCller:
> Fixes: #12917
> Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
> ---
>   config/rootfiles/core/170/update.sh | 3 +++
>   lfs/ipblocklist-sources             | 4 ++--
>   2 files changed, 5 insertions(+), 2 deletions(-)
>=20
> diff --git a/config/rootfiles/core/170/update.sh b/config/rootfiles/core/17=
0/update.sh
> index b6b66f3f1..c7dc09946 100644
> --- a/config/rootfiles/core/170/update.sh
> +++ b/config/rootfiles/core/170/update.sh
> @@ -164,6 +164,9 @@ ldconfig
>   mkdir -pv /var/lib/ipblocklist
>   chown nobody:nobody /var/lib/ipblocklist
>  =20
> +# Ensure permissions for /var/ipfire/ipblocklist are set properly
> +chown -Rv nobody:nobody /var/ipfire/ipblocklist
> +
>   # Rebuild fcrontab from scratch
>   /usr/bin/fcrontab -z
>  =20
> diff --git a/lfs/ipblocklist-sources b/lfs/ipblocklist-sources
> index 30b9e94a4..87bd95cca 100644
> --- a/lfs/ipblocklist-sources
> +++ b/lfs/ipblocklist-sources
> @@ -47,7 +47,7 @@ b2 :
>  =20
>   $(TARGET) :
>   	@$(PREBUILD)
> -	mkdir -p /var/ipfire/ipblocklist
> -	install -v -m 0644 $(DIR_SRC)/config/ipblocklist/sources /var/ipfire/ipbl=
ocklist
> +	install -d -o nobody -g nobody -m 0755 /var/ipfire/ipblocklist
> +	install -v -o nobody -g nobody -m 0644 $(DIR_SRC)/config/ipblocklist/sour=
ces /var/ipfire/ipblocklist
>  =20
>   	@$(POSTBUILD)

--===============3260994968045165033==--