Commit 3e1a43a0 authored by Markus Frosch's avatar Markus Frosch
Browse files

Update permissions in /etc/icinga2

chown several files and directories to the daemon user.
parent 4b47a185
...@@ -4,6 +4,11 @@ ...@@ -4,6 +4,11 @@
set -e set -e
setperm() { setperm() {
ownopt=
if [ "$1" = -R ]; then
ownopt="-R"
shift
fi
user="$1" user="$1"
group="$2" group="$2"
mode="$3" mode="$3"
...@@ -11,7 +16,7 @@ setperm() { ...@@ -11,7 +16,7 @@ setperm() {
shift 4 shift 4
# only do something when no setting exists # only do something when no setting exists
if ! dpkg-statoverride --list "$file" >/dev/null 2>&1; then if ! dpkg-statoverride --list "$file" >/dev/null 2>&1; then
chown "$user":"$group" "$file" chown $ownopt "$user":"$group" "$file"
chmod "$mode" "$file" chmod "$mode" "$file"
fi fi
} }
...@@ -37,8 +42,17 @@ case "$1" in ...@@ -37,8 +42,17 @@ case "$1" in
# explicitly set permissions on some files that are dependent # explicitly set permissions on some files that are dependent
# on the uid/gid of the nagios user, which is dynamically created. # on the uid/gid of the nagios user, which is dynamically created.
setperm nagios nagios 0750 /etc/icinga2 if ! dpkg-statoverride --list /etc/icinga2; then
setperm nagios nagios 0700 /etc/icinga2/pki setperm nagios nagios 0750 /etc/icinga2
setperm nagios nagios 0640 /etc/icinga2/icinga2.conf
setperm nagios nagios 0640 /etc/icinga2/constants.conf
setperm nagios nagios 0640 /etc/icinga2/zones.conf
setperm -R nagios nagios 0700 /etc/icinga2/pki
setperm -R nagios nagios 0750 /etc/icinga2/conf.d
setperm -R nagios nagios 0750 /etc/icinga2/features-enabled
setperm -R nagios nagios 0750 /etc/icinga2/features-available
setperm nagios nagios 0750 /etc/icinga2/zones.d
fi
setperm nagios adm 2751 /var/log/icinga2 setperm nagios adm 2751 /var/log/icinga2
setperm nagios adm 2751 /var/log/icinga2/compat setperm nagios adm 2751 /var/log/icinga2/compat
......
...@@ -4,6 +4,11 @@ ...@@ -4,6 +4,11 @@
set -e set -e
setperm() { setperm() {
ownopt=
if [ "$1" = -R ]; then
ownopt="-R"
shift
fi
user="$1" user="$1"
group="$2" group="$2"
mode="$3" mode="$3"
...@@ -11,7 +16,7 @@ setperm() { ...@@ -11,7 +16,7 @@ setperm() {
shift 4 shift 4
# only do something when no setting exists # only do something when no setting exists
if ! dpkg-statoverride --list "$file" >/dev/null 2>&1; then if ! dpkg-statoverride --list "$file" >/dev/null 2>&1; then
chown "$user":"$group" "$file" chown $ownopt "$user":"$group" "$file"
chmod "$mode" "$file" chmod "$mode" "$file"
fi fi
} }
...@@ -37,8 +42,17 @@ case "$1" in ...@@ -37,8 +42,17 @@ case "$1" in
# explicitly set permissions on some files that are dependent # explicitly set permissions on some files that are dependent
# on the uid/gid of the nagios user, which is dynamically created. # on the uid/gid of the nagios user, which is dynamically created.
setperm nagios nagios 0750 /etc/icinga2 if ! dpkg-statoverride --list /etc/icinga2; then
setperm nagios nagios 0700 /etc/icinga2/pki setperm nagios nagios 0750 /etc/icinga2
setperm nagios nagios 0640 /etc/icinga2/icinga2.conf
setperm nagios nagios 0640 /etc/icinga2/constants.conf
setperm nagios nagios 0640 /etc/icinga2/zones.conf
setperm -R nagios nagios 0700 /etc/icinga2/pki
setperm -R nagios nagios 0750 /etc/icinga2/conf.d
setperm -R nagios nagios 0750 /etc/icinga2/features-enabled
setperm -R nagios nagios 0750 /etc/icinga2/features-available
setperm nagios nagios 0750 /etc/icinga2/zones.d
fi
setperm nagios adm 2751 /var/log/icinga2 setperm nagios adm 2751 /var/log/icinga2
setperm nagios adm 2751 /var/log/icinga2/compat setperm nagios adm 2751 /var/log/icinga2/compat
......
...@@ -4,6 +4,11 @@ ...@@ -4,6 +4,11 @@
set -e set -e
setperm() { setperm() {
ownopt=
if [ "$1" = -R ]; then
ownopt="-R"
shift
fi
user="$1" user="$1"
group="$2" group="$2"
mode="$3" mode="$3"
...@@ -11,7 +16,7 @@ setperm() { ...@@ -11,7 +16,7 @@ setperm() {
shift 4 shift 4
# only do something when no setting exists # only do something when no setting exists
if ! dpkg-statoverride --list "$file" >/dev/null 2>&1; then if ! dpkg-statoverride --list "$file" >/dev/null 2>&1; then
chown "$user":"$group" "$file" chown $ownopt "$user":"$group" "$file"
chmod "$mode" "$file" chmod "$mode" "$file"
fi fi
} }
...@@ -37,8 +42,17 @@ case "$1" in ...@@ -37,8 +42,17 @@ case "$1" in
# explicitly set permissions on some files that are dependent # explicitly set permissions on some files that are dependent
# on the uid/gid of the nagios user, which is dynamically created. # on the uid/gid of the nagios user, which is dynamically created.
setperm nagios nagios 0750 /etc/icinga2 if ! dpkg-statoverride --list /etc/icinga2; then
setperm nagios nagios 0700 /etc/icinga2/pki setperm nagios nagios 0750 /etc/icinga2
setperm nagios nagios 0640 /etc/icinga2/icinga2.conf
setperm nagios nagios 0640 /etc/icinga2/constants.conf
setperm nagios nagios 0640 /etc/icinga2/zones.conf
setperm -R nagios nagios 0700 /etc/icinga2/pki
setperm -R nagios nagios 0750 /etc/icinga2/conf.d
setperm -R nagios nagios 0750 /etc/icinga2/features-enabled
setperm -R nagios nagios 0750 /etc/icinga2/features-available
setperm nagios nagios 0750 /etc/icinga2/zones.d
fi
setperm nagios adm 2751 /var/log/icinga2 setperm nagios adm 2751 /var/log/icinga2
setperm nagios adm 2751 /var/log/icinga2/compat setperm nagios adm 2751 /var/log/icinga2/compat
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment