mirror of
https://github.com/pi-hole/pi-hole
synced 2024-12-22 14:58:08 +00:00
Fix possible gravity permissions issue (#5819)
This commit is contained in:
commit
553c0f7f07
30
gravity.sh
30
gravity.sh
@ -59,14 +59,24 @@ gravityTEMPfile="${GRAVITYDB}_temp"
|
|||||||
gravityDIR="$(dirname -- "${gravityDBfile}")"
|
gravityDIR="$(dirname -- "${gravityDBfile}")"
|
||||||
gravityOLDfile="${gravityDIR}/gravity_old.db"
|
gravityOLDfile="${gravityDIR}/gravity_old.db"
|
||||||
|
|
||||||
|
fix_owner_permissions() {
|
||||||
|
# Fix ownership and permissions for the specified file
|
||||||
|
# User and group are set to pihole:pihole
|
||||||
|
# Permissions are set to 664 (rw-rw-r--)
|
||||||
|
chown pihole:pihole "${1}"
|
||||||
|
chmod 664 "${1}"
|
||||||
|
|
||||||
|
# Ensure the containing directory is group writable
|
||||||
|
chmod g+w "$(dirname -- "${1}")"
|
||||||
|
}
|
||||||
|
|
||||||
# Generate new SQLite3 file from schema template
|
# Generate new SQLite3 file from schema template
|
||||||
generate_gravity_database() {
|
generate_gravity_database() {
|
||||||
if ! pihole-FTL sqlite3 -ni "${gravityDBfile}" <"${gravityDBschema}"; then
|
if ! pihole-FTL sqlite3 -ni "${gravityDBfile}" <"${gravityDBschema}"; then
|
||||||
echo -e " ${CROSS} Unable to create ${gravityDBfile}"
|
echo -e " ${CROSS} Unable to create ${gravityDBfile}"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
chown pihole:pihole "${gravityDBfile}"
|
fix_owner_permissions "${gravityDBfile}"
|
||||||
chmod g+w "${piholeDir}" "${gravityDBfile}"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Build gravity tree
|
# Build gravity tree
|
||||||
@ -413,6 +423,19 @@ gravity_DownloadBlocklists() {
|
|||||||
saveLocation="${piholeDir}/list.${id}.${domain}.${domainsExtension}"
|
saveLocation="${piholeDir}/list.${id}.${domain}.${domainsExtension}"
|
||||||
activeDomains[$i]="${saveLocation}"
|
activeDomains[$i]="${saveLocation}"
|
||||||
|
|
||||||
|
# Check if we can write to the save location file
|
||||||
|
if ! touch "${saveLocation}" 2>/dev/null; then
|
||||||
|
echo -e " ${CROSS} Unable to write to ${saveLocation}"
|
||||||
|
echo " Please run pihole -g as root"
|
||||||
|
echo ""
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Chown the file to the pihole user
|
||||||
|
# This is necessary for the FTL to be able to update the file
|
||||||
|
# when gravity is run from the web interface
|
||||||
|
fix_owner_permissions "${saveLocation}"
|
||||||
|
|
||||||
echo -e " ${INFO} Target: ${url}"
|
echo -e " ${INFO} Target: ${url}"
|
||||||
local regex check_url
|
local regex check_url
|
||||||
# Check for characters NOT allowed in URLs
|
# Check for characters NOT allowed in URLs
|
||||||
@ -996,8 +1019,7 @@ fi
|
|||||||
update_gravity_timestamp
|
update_gravity_timestamp
|
||||||
|
|
||||||
# Ensure proper permissions are set for the database
|
# Ensure proper permissions are set for the database
|
||||||
chown pihole:pihole "${gravityTEMPfile}"
|
fix_owner_permissions "${gravityTEMPfile}"
|
||||||
chmod g+w "${piholeDir}" "${gravityTEMPfile}"
|
|
||||||
|
|
||||||
# Build the tree
|
# Build the tree
|
||||||
timeit gravity_build_tree
|
timeit gravity_build_tree
|
||||||
|
Loading…
Reference in New Issue
Block a user