diff options
-rwxr-xr-x | bin/taler-deployment-config-generate | 2 | ||||
-rwxr-xr-x | bin/taler-deployment-keyup | 3 | ||||
-rwxr-xr-x | bin/taler-deployment-shared-data | 10 |
3 files changed, 9 insertions, 6 deletions
diff --git a/bin/taler-deployment-config-generate b/bin/taler-deployment-config-generate index 8dd5695..9995d65 100755 --- a/bin/taler-deployment-config-generate +++ b/bin/taler-deployment-config-generate @@ -27,14 +27,12 @@ AUDITOR_MASTER_PRIV=$(taler-config -s auditor -o auditor_priv_file -f) if [[ ! -f $EXCHANGE_MASTER_PRIV ]] ; then mkdir -p $(dirname $EXCHANGE_MASTER_PRIV) cp $HOME/deployment/private-keys/${TALER_CONFIG_ENV}-exchange-master.priv $EXCHANGE_MASTER_PRIV - chgrp ${TALER_CONFIG_ENV} $EXCHANGE_MASTER_PRIV chmod g+rx $EXCHANGE_MASTER_PRIV fi if [[ ! -f $AUDITOR_MASTER_PRIV ]] ; then mkdir -p $(dirname $AUDITOR_MASTER_PRIV) cp $HOME/deployment/private-keys/${TALER_CONFIG_ENV}-exchange-master.priv $AUDITOR_MASTER_PRIV - chgrp ${TALER_CONFIG_ENV} $AUDITOR_MASTER_PRIV chmod g+rx $AUDITOR_MASTER_PRIV fi diff --git a/bin/taler-deployment-keyup b/bin/taler-deployment-keyup index 1c487a2..ab5ec30 100755 --- a/bin/taler-deployment-keyup +++ b/bin/taler-deployment-keyup @@ -25,10 +25,8 @@ taler-exchange-keyup \ # or-ing with true as user A won't be able to # change permissions for user B's files. -chgrp -R $TALER_CONFIG_ENV $EXCHANGE_LIVE_KEYS/* || true chmod -R 070 $EXCHANGE_LIVE_KEYS/* || true -chgrp -R $TALER_CONFIG_ENV $EXCHANGE_WIREFEES/* || true chmod -R 070 $EXCHANGE_WIREFEES/* || true taler-auditor-exchange \ @@ -49,5 +47,4 @@ fi # or-ing with true as user A won't be able to # change permissions for user B's files. -chgrp -R $TALER_CONFIG_ENV $AUDITOR_BASE_DIR/* || true chmod -R 070 $AUDITOR_BASE_DIR/* || true diff --git a/bin/taler-deployment-shared-data b/bin/taler-deployment-shared-data index 805fcf6..7f59387 100755 --- a/bin/taler-deployment-shared-data +++ b/bin/taler-deployment-shared-data @@ -30,6 +30,15 @@ if ! test -w $SHARED_DATA; then exit 0 fi +# Check if shared-data/ has the right group (test|demo), +# and set the SETGID permission if so. +SHARED_DATA_GROUP=$(stat --format "%G" $SHARED_DATA) +if ! echo $SHARED_DATA_GROUP | grep $TALER_CONFIG_ENV; then + echo "$SHARED_DATA has the wrong group ($SHARED_DATA_GROUP), please fix." + exit 1 +fi +chmod g+s $SHARED_DATA + declare -A TALER_DIRS=( [MERCHANT_WIRE]=$(dirname $(taler-config -s account-merchant -o wire_response -f)) [MERCHANT]=$(dirname $(taler-config -s instance-default -o keyfile -f)) @@ -50,5 +59,4 @@ for dir in ${TALER_DIRS[@]}; do done # All dirs will give only the group RWX perms. -chgrp -R $TALER_CONFIG_ENV $SHARED_DATA chmod -R 070 $SHARED_DATA |