From fc384ab682cbf3cc9baf585d3f3f59e77ca2bd88 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 10 Jul 2015 10:45:31 +0100 Subject: [PATCH] Ensure good permissions on the initial README --- src/freedombone | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/src/freedombone b/src/freedombone index 9e62f0b0..52359e6f 100755 --- a/src/freedombone +++ b/src/freedombone @@ -1484,6 +1484,7 @@ function mesh_cjdns { echo ' http://transitiontech.ca/faq' >> /home/$MY_USERNAME/README echo ' http://cjdns.ca/hypeirc.txt' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'mesh_cjdns' >> $COMPLETION_FILE @@ -1625,6 +1626,8 @@ function mesh_batman { echo 'Mesh Networking (B.A.T.M.A.N)' >> /home/$MY_USERNAME/README echo '=============================' >> /home/$MY_USERNAME/README echo "BATMAN IPv6 address: $BATMAN_IPV6" >> /home/$MY_USERNAME/README + chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'mesh_batman' >> $COMPLETION_FILE @@ -3128,6 +3131,7 @@ function backup_to_friends_servers { echo '' >> /home/$MY_USERNAME/README echo 'The system will try to backup to these remote locations once per day.' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo '#!/bin/bash' > /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME @@ -3911,6 +3915,7 @@ function restore_from_friend { echo '' >> /home/$MY_USERNAME/README echo " $RESTORE_FROM_FRIEND_SCRIPT_NAME [server]" >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo '#!/bin/bash' > /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME @@ -6048,6 +6053,8 @@ function configure_gpg { echo '' >> /home/$MY_USERNAME/README echo " gpg --send-keys $MY_GPG_PUBLIC_KEY" >> /home/$MY_USERNAME/README fi + chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi fi @@ -6261,6 +6268,7 @@ function encrypt_all_email { echo 'this could take a seriously LONG time on the Beaglebone' >> /home/$MY_USERNAME/README echo 'and may be better done on a faster machine.' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'encrypt_all_email' >> $COMPLETION_FILE @@ -6538,6 +6546,8 @@ function create_public_mailing_list { echo '===================' >> /home/$MY_USERNAME/README echo "To subscribe to the $PUBLIC_MAILING_LIST mailing list send a" >> /home/$MY_USERNAME/README echo "cleartext email to $PUBLIC_MAILING_LIST+subscribe@$DEFAULT_DOMAIN_NAME" >> /home/$MY_USERNAME/README + chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi freedombone-addlist -u $MY_USERNAME -l "$PUBLIC_MAILING_LIST" -s "$PUBLIC_MAILING_LIST" @@ -6822,6 +6832,7 @@ function install_mariadb { echo "Your MariaDB password is: $MARIADB_PASSWORD" >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi debconf-set-selections <<< "mariadb-server mariadb-server/root_password password $MARIADB_PASSWORD" @@ -6967,6 +6978,8 @@ function install_owncloud_music_app { echo 'menu and enable the music app. You can then log out and log back' >> /home/$MY_USERNAME/README echo 'in as your Owncloud user and select music from the left hand' >> /home/$MY_USERNAME/README echo 'dropdown menu.' >> /home/$MY_USERNAME/README + chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'install_owncloud_music_app' >> $COMPLETION_FILE @@ -7080,6 +7093,8 @@ function install_owncloud { echo 'using F-Droid then go to settings/accounts and add a CalDav account with' >> /home/$MY_USERNAME/README echo "the URL https://$OWNCLOUD_DOMAIN_NAME/remote.php/caldav/principals/$MY_USERNAME" >> /home/$MY_USERNAME/README echo 'and the username and password shown above.' >> /home/$MY_USERNAME/README + chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo "create database owncloud; @@ -7350,6 +7365,8 @@ function install_gogs { echo 'into the stream as it passes, so beware.' >> /home/$MY_USERNAME/README echo 'If you have a bought domain and a non-self signed cert then you' >> /home/$MY_USERNAME/README echo "should change /etc/nginx/sites-available/$GIT_DOMAIN_NAME to redirect everything over https." >> /home/$MY_USERNAME/README + chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo "create database gogs; @@ -7560,6 +7577,7 @@ function install_xmpp { echo '' >> /home/$MY_USERNAME/README echo " prosodyctl passwd $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'install_xmpp' >> $COMPLETION_FILE } @@ -7649,6 +7667,8 @@ function install_irc_server { echo " /server add -auto -ssl $DEFAULT_DOMAIN_NAME 6697" >> /home/$MY_USERNAME/README echo " /connect $DEFAULT_DOMAIN_NAME" >> /home/$MY_USERNAME/README echo ' /join #freedombone' >> /home/$MY_USERNAME/README + chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'install_irc_server' >> $COMPLETION_FILE @@ -7935,6 +7955,7 @@ function install_wiki { echo '' >> /home/$MY_USERNAME/README echo " rm /var/www/$WIKI_DOMAIN_NAME/htdocs/install.php" >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'install_wiki' >> $COMPLETION_FILE @@ -8173,6 +8194,7 @@ function install_blog { echo " /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini" >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi # create a user @@ -8239,6 +8261,7 @@ function install_gnu_social { echo "Your MariaDB gnusocial admin password is: $MICROBLOG_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo "create database gnusocial; @@ -8430,6 +8453,7 @@ quit" > $INSTALL_DIR/batch.sql echo ' /Invite only/ ticked' >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'install_gnu_social' >> $COMPLETION_FILE @@ -8482,6 +8506,7 @@ function install_redmatrix { echo "Your MariaDB Red Matrix admin password is: $REDMATRIX_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo "create database redmatrix; @@ -8694,6 +8719,7 @@ quit" > $INSTALL_DIR/batch.sql echo "within /etc/nginx/sites-available/$REDMATRIX_DOMAIN_NAME" >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'install_redmatrix' >> $COMPLETION_FILE @@ -9388,6 +9414,7 @@ function install_voip { echo '' >> /home/$MY_USERNAME/README echo 'To connect to the VoIP server use your username and the server password shown above.' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README + chmod 600 /home/$MY_USERNAME/README fi echo 'install_voip' >> $COMPLETION_FILE