commit 7a463184c0396893b45e3f880d56dce1091a8162
parent abcd8d11e4bd6487b44eb8b1bf9c40e458541adb
Author: Marcello Stanisci <stanisci.m@gmail.com>
Date: Sat, 8 Jun 2019 19:05:26 +0200
check setgid
Diffstat:
1 file changed, 9 insertions(+), 0 deletions(-)
diff --git a/bin/taler-deployment-shared-data b/bin/taler-deployment-shared-data
@@ -6,6 +6,8 @@
# permission to the group (test|demo). Also note that any
# program that creates files must set perms by its own!
+set -e
+
if test -z $TALER_CONFIG_ENV; then
echo Please run 'source ~/activate' first.
exit 1
@@ -37,8 +39,15 @@ if ! echo $SHARED_DATA_GROUP | grep -q "^$TALER_CONFIG_ENV$"; then
echo "$SHARED_DATA has the wrong group ($SHARED_DATA_GROUP), please fix."
exit 1
fi
+
chmod g+s $SHARED_DATA
+# Double-check if setgid was set.
+if stat -L --format "%a" $SHARED_DATA | grep -q -v "^[2367][0-9][0-9][0-9]$"; then
+ echo "Please make sure $SHARED_DATA has setgid asserted"
+ exit 1
+fi
+
declare -A TALER_DIRS=(
[MERCHANT_WIRE]=$(dirname $(taler-config -s account-merchant -o wire_response -f))
[MERCHANT]=$(dirname $(taler-config -s instance-default -o keyfile -f))
