diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2022-10-02 12:43:05 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2022-10-02 13:05:10 +0000 |
| commit | e5d71fa3d2791e2c762fe2a88d7d3462ee8310e7 (patch) | |
| tree | c5e4917757d558699b64eb0c341fae978ba53452 | |
| parent | Releasing debian version 20220721-1. (diff) | |
| download | open-infrastructure-compute-tools-e5d71fa3d2791e2c762fe2a88d7d3462ee8310e7.tar.xz open-infrastructure-compute-tools-e5d71fa3d2791e2c762fe2a88d7d3462ee8310e7.zip | |
Adding debconf options for container directory permissions.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
| -rw-r--r-- | debian/open-infrastructure-container-tools.config | 4 | ||||
| -rwxr-xr-x | debian/open-infrastructure-container-tools.postinst | 7 | ||||
| -rw-r--r-- | debian/open-infrastructure-container-tools.templates | 13 |
3 files changed, 22 insertions, 2 deletions
diff --git a/debian/open-infrastructure-container-tools.config b/debian/open-infrastructure-container-tools.config index 0139c05..d987936 100644 --- a/debian/open-infrastructure-container-tools.config +++ b/debian/open-infrastructure-container-tools.config @@ -30,6 +30,10 @@ db_settitle open-infrastructure-container-tools/title db_input low open-infrastructure-container-tools/cache || true db_go +db_settitle open-infrastructure-container-tools/title +db_input low open-infrastructure-container-tools/directory-permissions || true +db_go + if [ -e /usr/share/compute-tools/build-scripts ] then SCRIPT_CHOICES="$(cd /usr/share/compute-tools/build-scripts && find -maxdepth 1 -not -type d -and -not -name 'default' -and -not -name 'debconf' -and -not -name '*.d' -printf '%P\n' | sort)" diff --git a/debian/open-infrastructure-container-tools.postinst b/debian/open-infrastructure-container-tools.postinst index af0137f..f697b3b 100755 --- a/debian/open-infrastructure-container-tools.postinst +++ b/debian/open-infrastructure-container-tools.postinst @@ -30,10 +30,10 @@ Install () if ! dpkg-statoverride --list "${DEFAULT}" > /dev/null 2>&1 && ! dpkg-statoverride --list "${TARGET}" > /dev/null 2>&1 then - chmod 0700 "${TARGET}" + chmod ${DIRECTORY_PERMISSIONS} "${TARGET}" chown root:root "${TARGET}" - chmod 0700 "${DEFAULT}" + chmod ${DIRECTORY_PERMISSIONS} "${DEFAULT}" chown root:root "${DEFAULT}" fi } @@ -118,6 +118,9 @@ case "${1}" in db_get open-infrastructure-container-tools/cache CACHE="${RET:-/var/cache/container}" # string (w/o empty) + db_get open-infrastructure-container-tools/directory-permissions + DIRECTORY_PERMISSIONS="${RET}" # select (w/o empty) + db_get open-infrastructure-container-tools/build-script SCRIPT="${RET:-debian}" # string (w/o empty) diff --git a/debian/open-infrastructure-container-tools.templates b/debian/open-infrastructure-container-tools.templates index 98335a6..dfd615d 100644 --- a/debian/open-infrastructure-container-tools.templates +++ b/debian/open-infrastructure-container-tools.templates @@ -61,6 +61,19 @@ _Description: cache directory: If unsure, use /var/cache/container (default) or /srv/container/cache when using shared storage. +Template: open-infrastructure-container-tools/directory-permissions +Type: select +Choices-C: 0700, 0755 +Choices: root-only, read-only +Default: root-only +_Description: Do you want system-wide readable container directories? + By default, the machines directory (and a few non-critical additional + directories such as 'cache' and 'config') is only readable by the root + user. If you want any user to be able to see what machines are available, + you can select read-only instead of root-only (default). + . + If unsure, leave at root-only (default). + Template: open-infrastructure-container-tools/build-script Type: select Choices: ${SCRIPT_CHOICES} |