blob: 986a650d2c2119920fa5a342180b28d18621467b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
#!/bin/bash
# @author Marcello Stanisci
# @brief Creates the directories hierarchy under $HOME/shared-data/.
# Note: shared-data/ must already exist and give execute
# permission to the group (test|demo). Also note that any
# program that creates files must set perms by its own!
set -e
if test -z $TALER_CONFIG_ENV; then
echo Please run 'source ~/activate' first.
exit 1
fi
# Check shared-data/ exists
if ! test -e $SHARED_DATA; then
echo "Please bootstrap your setup first (run 'bootstrap-bluegreen' script?)."
exit 1
fi
if ! test -e $HOME/.config/taler.conf; then
echo "Please generate config first (taler-deployment-config-generate)."
exit 1
fi
SHARED_DATA=$(taler-config -s paths -o taler_deployment_shared -f)
# Check if shared-data/ is clean.
if test -e $SHARED_DATA/hier.lock; then
echo "$SHARED_DATA locked, exiting"
exit 0
fi
# Check if it's writeable.
if ! test -w $SHARED_DATA; then
echo "Can't write under $SHARED_DATA, please ajdust permissions"
exit 0
fi
# Check if shared-data/ has the right group (test|demo),
# and set the SETGID permission if so.
SHARED_DATA_GROUP=$(stat -L --format "%G" $SHARED_DATA)
if ! echo $SHARED_DATA_GROUP | grep -q "^$TALER_CONFIG_ENV$"; then
echo "$SHARED_DATA has the wrong group ($SHARED_DATA_GROUP), please fix."
exit 1
fi
# Double-check if setgid was set.
if stat -L --format "%a" $SHARED_DATA | grep -q -v "^[2367][0-9][0-9][0-9]$"; then
echo "Please make sure $SHARED_DATA has setgid asserted"
exit 1
fi
declare -A TALER_DIRS=(
[MERCHANT_WIRE]=$(dirname $(taler-config -s account-merchant -o wire_response -f))
[MERCHANT]=$(dirname $(taler-config -s instance-default -o keyfile -f))
[EXCHANGE_WIREFEES]=$(taler-config -s exchangedb -o wirefee_base_dir -f)
[EXCHANGE_AUDITOR_REQUEST]=$(taler-config -s exchangedb -o auditor_inputs -f)
[EXCHANGE_WIRE]=$(basename $(taler-config -s account-1 -o wire_response -f))
[EXCHANGE_OFFLINE_KEYS]=$(dirname $(taler-config -s exchange -o master_priv_file -f))
[EXCHANGE_LIVE_KEYS]=$(taler-config -s -o keydir -f)
[EXCHANGE_AUDITORS]=$(taler-config -s exchangedb -o auditor_base_dir -f)
[AUDITOR_REPORTS]=$(taler-config -s auditor -o reports -f)
[AUDITOR_OFFLINE_KEYS]=$(dirname $(taler-config -s auditor -o auditor_priv_file -f))
)
for dir in ${TALER_DIRS[@]}; do
##
# Ineffective for exchange's and auditor's privs paths
# as those were created when the configuration was generated
# (recall: this script is very dependent on taler.conf!)
mkdir -p $dir
done
# All dirs will give only the group RWX perms.
chmod -R 770 $SHARED_DATA/*
touch $SHARED_DATA/hier.lock
|