fix(perm-helpers): Fix permission setup so that it also works for alpine

containers without bash
lando · Dec 31, 2024 · b7399e3 · b7399e3
1 parent bae31e9
commit b7399e3
Showing 1 changed file with 12 additions and 20 deletions.
diff --git a/scripts/user-perm-helpers.sh b/scripts/user-perm-helpers.sh
@@ -10,31 +10,25 @@ LANDO_MODULE="userperms"
 add_user() {
   local USER=$1
   local GROUP=$2
-  local UID=$3
-  local GID=$4
-  local DISTRO=$5
-  local EXTRAS="$6"
-  if [ "$DISTRO" = "alpine" ]; then
-    if ! groups | grep "$GROUP" > /dev/null 2>&1; then addgroup -g "$GID" "$GROUP" 2>/dev/null; fi
-    if ! id -u "$GROUP" > /dev/null 2>&1; then adduser -H -D -G "$GROUP" -u "$UID" "$USER" "$GROUP" 2>/dev/null; fi
-  else
-    if ! groups | grep "$GROUP" > /dev/null 2>&1; then groupadd --force --gid "$GID" "$GROUP" 2>/dev/null; fi
-    if ! id -u "$GROUP" > /dev/null 2>&1; then useradd --gid "$GID" --uid "$UID" $EXTRAS "$USER" 2>/dev/null; fi
-  fi;
+  local WEBROOT_UID=$3
+  local WEBROOT_GID=$4
+  if ! getent group | cut -d: -f1 | grep "$GROUP" > /dev/null 2>&1; then addgroup -g "$WEBROOT_GID" "$GROUP" 2>/dev/null; fi
+  if ! id -u "$USER" > /dev/null 2>&1; then adduser -H -D -G "$GROUP" -u "$WEBROOT_UID" "$USER" "$GROUP" 2>/dev/null; fi
 }
 
 # Verify user
 verify_user() {
   local USER=$1
   local GROUP=$2
-  local DISTRO=$3
   id -u "$USER" > /dev/null 2>&1
-  groups | grep "$GROUP" > /dev/null 2>&1
-  if [ "$DISTRO" = "alpine" ]; then
+  groups "$USER" | grep "$GROUP" > /dev/null 2>&1
+  if command -v chsh > /dev/null 2>&1 ; then
+    if command -v /bin/bash > /dev/null 2>&1 ; then
+      chsh -s /bin/bash $USER || true
+    fi;
+  else
     true
     # is there a chsh we can use? do we need to?
-  else
-    chsh -s /bin/bash $USER || true
   fi;
 }
 
@@ -59,11 +53,10 @@ reset_user() {
     if [ "$(id -u $USER)"  != "$HOST_UID" ]; then
       usermod -o -u "$HOST_UID" "$USER" 2>/dev/null
     fi
-    groupmod -g "$HOST_GID" "$GROUP" 2>/dev/null || true
-    if [ "$(id -u $USER)"  != "$HOST_UID" ]; then
+    groupmod -o -g "$HOST_GID" "$GROUP" 2>/dev/null || true
+    if [ "$(id -g $USER)"  != "$HOST_GID" ]; then
       usermod -g "$HOST_GID" "$USER" 2>/dev/null || true
     fi
-    usermod -a -G "$GROUP" "$USER" 2>/dev/null || true
   fi;
   # If this mapping is incorrect lets abort here
   if [ "$(id -u $USER)" != "$HOST_UID" ]; then
@@ -97,7 +90,6 @@ perm_sweep() {
   nohup find /user/.ssh -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
   nohup find /var/www -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
   nohup find /usr/local/bin -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &
-  nohup chmod -R 755 /var/www >/dev/null 2>&1 &
 
   # Lets also make some /usr/locals chowned
   nohup find /usr/local/lib -not -user $USER -execdir chown $USER:$GROUP {} \+ > /tmp/perms.out 2> /tmp/perms.err &