Hardening permissions and adding existential check for aether user

2023-10-10 13:04:45 -05:00
parent 543e698db8
commit cf5cdb8f4f
2 changed files with 11 additions and 9 deletions
--- a/12
+++ b/12
@@ -7,16 +7,16 @@ compile:
 install: compile
 	mkdir -p ${pkgdir}/usr/local/sbin
 	mkdir -p ${pkgdir}/usr/local/etc
-	install -m 0750 -o aether aether.bash ${pkgdir}/usr/local/sbin
-	install -m 0750 -o root -g root aether-gen.bash ${pkgdir}/usr/local/sbin
-	install -m 0750 -o root -g root remote-backup ${pkgdir}/usr/local/sbin
-	install -m 0750 -o aether -d ${pkgdir}/usr/local/etc/Aether
-	install -m 0750 -o aether -d ${pkgdir}/usr/local/etc/Aether/backup-entries
+	install -m 0700 -o aether aether.bash ${pkgdir}/usr/local/sbin
+	install -m 0700 -o root -g root aether-gen.bash ${pkgdir}/usr/local/sbin
+	install -m 0700 -o root -g root remote-backup ${pkgdir}/usr/local/sbin
+	install -m 0700 -o aether -d ${pkgdir}/usr/local/etc/Aether
+	install -m 0700 -o aether -d ${pkgdir}/usr/local/etc/Aether/backup-entries
 	mkdir -p ${pkgdir}/usr/lib/systemd/system
 	for i in *.service *.timer; do install -m 0640 -o root -g root "$$i" ${pkgdir}/usr/lib/systemd/system; done

 checkperm:
-	for i in ${pkgdir}/usr/local/sbin/aether.bash ${pkgdir}/usr/local/sbin/aether-gen.bash ${pkgdir}/usr/local/sbin/remote-backup ${pkgdir}/usr/local/etc/Aether; do chmod 0750 "$$i"; done
+	for i in ${pkgdir}/usr/local/sbin/aether.bash ${pkgdir}/usr/local/sbin/aether-gen.bash ${pkgdir}/usr/local/sbin/remote-backup ${pkgdir}/usr/local/etc/Aether; do chmod 0700 "$$i"; done
 	for i in ${pkgdir}/usr/local/sbin/aether.bash ${pkgdir}/usr/local/sbin/aether-gen.bash ${pkgdir}/usr/local/sbin/remote-backup ${pkgdir}/usr/local/etc/Aether; do chown root: "$$i"; done
 	chown aether: ${pkgdir}/usr/local/sbin/aether.bash
 	for i in *.service *.timer; do chown root: ${pkgdir}/usr/lib/systemd/system; chmod 0640 ${pkgdir}/usr/lib/systemd/system; done