Merge pull request #188 from linuxserver/chown

only chown when ownership change or new install detected
This commit is contained in:
aptalca 2024-10-15 22:12:30 -04:00 committed by GitHub
commit 0ee7309dc4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 12 additions and 5 deletions

View File

@ -141,7 +141,7 @@ Containers are configured using parameters passed at runtime (such as those abov
| `-e HASHED_PASSWORD=` | Optional web gui password, overrides `PASSWORD`, instructions on how to create it is below. | | `-e HASHED_PASSWORD=` | Optional web gui password, overrides `PASSWORD`, instructions on how to create it is below. |
| `-e SUDO_PASSWORD=password` | If this optional variable is set, user will have sudo access in the code-server terminal with the specified password. | | `-e SUDO_PASSWORD=password` | If this optional variable is set, user will have sudo access in the code-server terminal with the specified password. |
| `-e SUDO_PASSWORD_HASH=` | Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`. | | `-e SUDO_PASSWORD_HASH=` | Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`. |
| `-e PROXY_DOMAIN=code-server.my.domain` | If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#sub-domains) | | `-e PROXY_DOMAIN=code-server.my.domain` | If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/coder/code-server/blob/main/docs/guide.md#using-a-subdomain) |
| `-e DEFAULT_WORKSPACE=/config/workspace` | If this optional variable is set, code-server will open this directory by default | | `-e DEFAULT_WORKSPACE=/config/workspace` | If this optional variable is set, code-server will open this directory by default |
| `-v /config` | Contains all relevant configuration files. | | `-v /config` | Contains all relevant configuration files. |
@ -307,6 +307,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions ## Versions
* **13.10.24:** - Only chown config folder when change to ownership or new install is detected.
* **09.10.24:** - Manage permissions in /config/.ssh according to file type * **09.10.24:** - Manage permissions in /config/.ssh according to file type
* **19.08.24:** - Rebase to Ubuntu Noble. * **19.08.24:** - Rebase to Ubuntu Noble.
* **01.07.23:** - Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf) * **01.07.23:** - Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf)

View File

@ -27,7 +27,7 @@ opt_param_env_vars:
- {env_var: "HASHED_PASSWORD", env_value: "", desc: "Optional web gui password, overrides `PASSWORD`, instructions on how to create it is below."} - {env_var: "HASHED_PASSWORD", env_value: "", desc: "Optional web gui password, overrides `PASSWORD`, instructions on how to create it is below."}
- {env_var: "SUDO_PASSWORD", env_value: "password", desc: "If this optional variable is set, user will have sudo access in the code-server terminal with the specified password."} - {env_var: "SUDO_PASSWORD", env_value: "password", desc: "If this optional variable is set, user will have sudo access in the code-server terminal with the specified password."}
- {env_var: "SUDO_PASSWORD_HASH", env_value: "", desc: "Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`."} - {env_var: "SUDO_PASSWORD_HASH", env_value: "", desc: "Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`."}
- {env_var: "PROXY_DOMAIN", env_value: "code-server.my.domain", desc: "If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#sub-domains)"} - {env_var: "PROXY_DOMAIN", env_value: "code-server.my.domain", desc: "If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/coder/code-server/blob/main/docs/guide.md#using-a-subdomain)"}
- {env_var: "DEFAULT_WORKSPACE", env_value: "/config/workspace", desc: "If this optional variable is set, code-server will open this directory by default"} - {env_var: "DEFAULT_WORKSPACE", env_value: "/config/workspace", desc: "If this optional variable is set, code-server will open this directory by default"}
# application setup block # application setup block
@ -47,6 +47,7 @@ app_setup_block: |
How to create the [hashed password](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#can-i-store-my-password-hashed). How to create the [hashed password](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#can-i-store-my-password-hashed).
# changelog # changelog
changelogs: changelogs:
- {date: "13.10.24:", desc: "Only chown config folder when change to ownership or new install is detected."}
- {date: "09.10.24:", desc: "Manage permissions in /config/.ssh according to file type"} - {date: "09.10.24:", desc: "Manage permissions in /config/.ssh according to file type"}
- {date: "19.08.24:", desc: "Rebase to Ubuntu Noble."} - {date: "19.08.24:", desc: "Rebase to Ubuntu Noble."}
- {date: "01.07.23:", desc: "Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf)"} - {date: "01.07.23:", desc: "Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf)"}

View File

@ -26,9 +26,14 @@ if [[ ! -f /config/.profile ]]; then
cp /root/.profile /config/.profile cp /root/.profile /config/.profile
fi fi
# fix permissions (ignore contents of /config/workspace) # fix permissions (ignore contents of workspace)
find /config -path /config/workspace -prune -o -exec chown abc:abc {} + PUID=${PUID:-911}
chown abc:abc /config/workspace if [[ ! "$(stat -c %u /config/.profile)" == "${PUID}" ]]; then
echo "Change in ownership or new install detected, please be patient while we chown existing files"
echo "This could take some time"
find /config -path "/config/workspace" -prune -o -exec lsiown abc:abc {} +
lsiown abc:abc /config/workspace
fi
chmod 700 /config/.ssh chmod 700 /config/.ssh
if [[ -n "$(ls -A /config/.ssh)" ]]; then if [[ -n "$(ls -A /config/.ssh)" ]]; then
find /config/.ssh/ -type d -exec chmod 700 '{}' \; find /config/.ssh/ -type d -exec chmod 700 '{}' \;