Skip to content

Commit

Permalink
fix: write seperaten sudoer Files.
Browse files Browse the repository at this point in the history
calc the correct python path for mopidy
  • Loading branch information
AlvinSchiller authored Apr 5, 2024
1 parent 317e85e commit f138f6e
Show file tree
Hide file tree
Showing 5 changed files with 10 additions and 40 deletions.
29 changes: 0 additions & 29 deletions misc/sampleconfigs/sudoers.buster-default.sample

This file was deleted.

4 changes: 2 additions & 2 deletions scripts/helperscripts/Analytics_AfterInstallScript.sh
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,8 @@ ls -lh /etc/lighttpd/conf-available/15-fastcgi-php.conf
echo "*** /etc/php/7.3/fpm/php.ini"
ls -lh /etc/php/7.3/fpm/php.ini

echo "*** /etc/sudoers"
ls -lh /etc/sudoers
echo "*** /etc/sudoers.d"
ls -lh /etc/sudoers.d/

echo "*** /etc/systemd/system/phoniebox*"
ls -lh /etc/systemd/system/phoniebox-rfid-reader.service
Expand Down
6 changes: 3 additions & 3 deletions scripts/helperscripts/DeleteAllConfig.sh
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,9 @@ case "$response" in
esac
echo "Proceeding and deleting."

# these ones we MUST leave
#sudo rm /etc/sudoers
sudo rm /etc/sudoers.d/www-data
sudo rm /etc/sudoers.d/mopidy

#sudo rm /etc/samba/smb.conf

# these ones we will leave
Expand Down Expand Up @@ -47,4 +48,3 @@ sudo rm /etc/mpd.conf
sudo rm /etc/locale.gen
sudo rm /etc/default/locale
sudo rm /etc/mopidy/mopidy.conf
sudo rm ~/.config/mopidy/mopidy.conf
9 changes: 4 additions & 5 deletions scripts/installscripts/install-jukebox.sh
Original file line number Diff line number Diff line change
Expand Up @@ -801,7 +801,6 @@ web_server_config() {
local lighthttpd_conf="/etc/lighttpd/lighttpd.conf"
local fastcgi_php_conf="/etc/lighttpd/conf-available/15-fastcgi-php.conf"
local php_ini="/etc/php/$(ls -1 /etc/php)/cgi/php.ini"
local sudoers="/etc/sudoers"

echo "Configuring web server..."
# make sure lighttp can access the home directory of the user
Expand All @@ -827,10 +826,7 @@ web_server_config() {
sudo chmod 644 "${php_ini}"

# SUDO users (adding web server here)
# -r--r----- 1 root root 703 Nov 17 21:08 /etc/sudoers
sudo cp "${jukebox_dir}"/misc/sampleconfigs/sudoers.buster-default.sample ${sudoers}
sudo chown root:root "${sudoers}"
sudo chmod 440 "${sudoers}"
echo "www-data ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/www-data
}

# Reads a textfile and pipes all lines as args to the given command.
Expand Down Expand Up @@ -969,6 +965,9 @@ install_main() {

# Install necessary Python packages
${pip_install} -r "${jukebox_dir}"/requirements-spotify.txt

local python_dist_path=$(python3 -c 'import sysconfig; print(sysconfig.get_paths()["purelib"])'
echo "mopidy ALL=NOPASSWD: ${python_dist_path}/mopidy_iris/system.sh" > /etc/sudoers.d/mopidy
fi
# Install more required packages
Expand Down
2 changes: 1 addition & 1 deletion scripts/installscripts/tests/test_installation.sh
Original file line number Diff line number Diff line change
Expand Up @@ -406,7 +406,7 @@ verify_webserver_config() {
check_chmod_chown 644 root root "/etc/lighttpd" "lighttpd.conf"
check_chmod_chown 644 root root "/etc/lighttpd/conf-available" "15-fastcgi-php.conf"
check_chmod_chown 644 root root "/etc/php/${phpver}/cgi" "php.ini"
check_chmod_chown 440 root root "/etc" "sudoers"
check_chmod_chown 440 root root "/etc/sudoers.d" "www-data"

# Bonus TODO: check that fastcgi and fastcgi-php mods are enabled
}
Expand Down

0 comments on commit f138f6e

Please sign in to comment.