obel1x/fedora-OEMDRV
0
0
Fork 1
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Bug: Set rights for client sw

Browse Source 
split function elog_add_command_subshell and elog_add_command
This commit is contained in:
Daniel Pätzold
2026-03-16 12:07:29 +01:00
parent 264d1d4931
commit fe8c7f1724
3 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
system_setup/logon_script.sh
+1 -1
View File
@@ -69,7 +69,7 @@ elog_add "Check the matching client rule:"
# RETNO = 0 , but the Output of "sudo -l -l" must als be checked, if there is an Option !authenticate in the returnung string, otherwise a failed installation cannot be # RETNO = 0 , but the Output of "sudo -l -l" must als be checked, if there is an Option !authenticate in the returnung string, otherwise a failed installation cannot be
# divided from a missing sudo-rule # divided from a missing sudo-rule
# #
elog_add_command "/usr/bin/sudo -n -l -l ${SYSCONFIGPATH}/system_setup/sync_client_software.sh" elog_add_command_subshell "/usr/bin/sudo -n -l -l ${SYSCONFIGPATH}/system_setup/sync_client_software.sh"
if [[ $RETNO -ne 0 ]]; then if [[ $RETNO -ne 0 ]]; then
elog_add "Error was no $RETNO" elog_add "Error was no $RETNO"
elog_add "No matching IPA rule found for this user, so the user is not allowed to install software, skipping this." elog_add "No matching IPA rule found for this user, so the user is not allowed to install software, skipping this."
system_setup/setup_system.inc.sh
+11 -1
View File
@@ -41,8 +41,18 @@ elog_add() {
echo $@ | tee ${LOGFILE} -a echo $@ | tee ${LOGFILE} -a
} }
elog_add_command() { elog_add_command() {
#Run a command, capture all output (STD and ERR) to the logfile AND in variable RETTXT AND output to screen #Run a command, capture output (STD and ERR) to the logfile AND in variable RETTXT AND output to screen
#Returns the exit value of the command in $? and in RETNO #Returns the exit value of the command in $? and in RETNO
RETTXT=$( $@ > >(tee -a ${LOGFILE}) 2>&1 )
RETNO=$?
echo "${RETTXT}"
return ${RETNO}
}
elog_add_command_subshell() {
# Special Version of above, where the command will be completely executed in a subshell. This is needed for some commands, that may output to
# something else than STD or ERR and otherwise cannot be captured completely.
# Benefit: Really catch everything that is send to output
# Disadvantage: Output wont't display directly, but only after finshed execution
RETTXT=$( { $@ > >(tee -a ${LOGFILE}); } 2> >(tee -a ${LOGFILE}) ) RETTXT=$( { $@ > >(tee -a ${LOGFILE}); } 2> >(tee -a ${LOGFILE}) )
RETNO=$? RETNO=$?
echo "${RETTXT}" echo "${RETTXT}"
system_setup/sync_client_software.sh
+2 -2
View File
@@ -43,7 +43,7 @@ echo "Update or install Nextcloud client"
SYNCCMD="sudo -i /usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloudcmd com.nextcloud.desktopclient.nextcloud -h -u ${DAVTOKEN_USER} -p ${DAVTOKEN_PASS} --path ${CLIENT_SOFTWARE_SRC} ${CLIENT_SOFTWARE_DST} https://${SERVERFQDN_NC}" SYNCCMD="sudo -i /usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloudcmd com.nextcloud.desktopclient.nextcloud -h -u ${DAVTOKEN_USER} -p ${DAVTOKEN_PASS} --path ${CLIENT_SOFTWARE_SRC} ${CLIENT_SOFTWARE_DST} https://${SERVERFQDN_NC}"
SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" ) SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" )
chown root:${CLIENTADMINGROUP} -R ${CLIENT_SOFTWARE_DST} chown root:${CLIENTADMINGROUP} -R ${CLIENT_SOFTWARE_DST}
chmod ug+rw,o-rwx -R ${CLIENT_SOFTWARE_DST} chmod ug+rwX,o=r-X -R ${CLIENT_SOFTWARE_DST}
echo "Exec: ${SYNCCMD_HIDDENPW}" echo "Exec: ${SYNCCMD_HIDDENPW}"
echo "Sync Client Software" > ${LOGFILE} echo "Sync Client Software" > ${LOGFILE}
echo "====================" >> ${LOGFILE} echo "====================" >> ${LOGFILE}
@@ -64,7 +64,7 @@ if [[ $? -ne 0 ]]; then
fi fi
#Files must be owned by root (we are root!) #Files must be owned by root (we are root!)
chown root:${CLIENTADMINGROUP} -R ${CLIENT_SOFTWARE_DST} chown root:${CLIENTADMINGROUP} -R ${CLIENT_SOFTWARE_DST}
chmod ug+rwX,o-rwx -R ${CLIENT_SOFTWARE_DST} chmod ug+rwX,o=r-X -R ${CLIENT_SOFTWARE_DST}
#Make all install.sh executable #Make all install.sh executable
find ${CLIENT_SOFTWARE_DST} -type f -name install.sh -exec chmod ug+x {} \; find ${CLIENT_SOFTWARE_DST} -type f -name install.sh -exec chmod ug+x {} \;
if [ -f "${CLIENT_SOFTWARE_DST}/install.sh" ]; then if [ -f "${CLIENT_SOFTWARE_DST}/install.sh" ]; then