From 007bc0e39084d73adceb438fde137505baf22a8c Mon Sep 17 00:00:00 2001 From: Natnael Getahun Date: Mon, 20 Nov 2023 16:29:14 +0100 Subject: [PATCH] Amend permissions for public tools path --- package/files/update_rmt_app_dir_permissions.sh | 3 +-- package/obs/rmt-server.spec | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/package/files/update_rmt_app_dir_permissions.sh b/package/files/update_rmt_app_dir_permissions.sh index 9d3837dc7..bf5cf63f5 100644 --- a/package/files/update_rmt_app_dir_permissions.sh +++ b/package/files/update_rmt_app_dir_permissions.sh @@ -8,12 +8,11 @@ IFS=" " app_dir=$1 app_dir_ownership=$(stat -c "%U %G" $app_dir) -skip_public_tools="tools" if [[ $app_dir_ownership == "_rmt nginx" ]]; then # Sort application directory ordered by directory depth to # ensure secure recursive ownership change. - find -P $app_dir -type d ! -name $skip_public_tools | ruby -e 'dirs=readlines; dirs.each { |dir| puts("#{dir.strip} #{dir.strip.length}") }' | sort -k 2 -n | awk '/ / {print $1}' | xargs -I {} chown -h root:root {} + find -P $app_dir -type d | ruby -e 'dirs=readlines; dirs.each { |dir| puts("#{dir.strip} #{dir.strip.length}") }' | sort -k 2 -n | awk '/ / {print $1}' | xargs -I {} chown -h root:root {} find -P $app_dir -type f -user _rmt -group nginx | xargs -I {} chown -h root:root {} fi diff --git a/package/obs/rmt-server.spec b/package/obs/rmt-server.spec index c62abc106..66ecce31f 100644 --- a/package/obs/rmt-server.spec +++ b/package/obs/rmt-server.spec @@ -240,7 +240,7 @@ chrpath -d %{buildroot}%{lib_dir}/vendor/bundle/ruby/*/extensions/*/*/mysql2-*/m %files %attr(0755,root,root) %{app_dir} -%attr(0755,root,%{rmt_group}) %{app_dir}/public/tools +%attr(0755,root,root) %{app_dir}/public/tools %exclude %{app_dir}/engines/ %exclude %{app_dir}/package/ %exclude %{app_dir}/rmt/tmp