check and set db permissions

2024-08-21 10:20:54 +02:00 · 2024-08-21 10:20:54 +02:00 · b63cdb9888
commit b63cdb9888
parent abd78d89bf
6 changed files with 148 additions and 35 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -348,6 +348,12 @@ version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe"

+[[package]]
+name = "adler2"
+version = "2.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627"
+
 [[package]]
 name = "ahash"
 version = "0.8.11"
@ -528,7 +534,7 @@ dependencies = [
 "cc",
 "cfg-if",
 "libc",
- "miniz_oxide",
+ "miniz_oxide 0.7.4",
 "object",
 "rustc-demangle",
 ]
@ -649,6 +655,12 @@ version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"

+[[package]]
+name = "cfg_aliases"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
+
 [[package]]
 name = "change-detection"
 version = "1.2.0"
@ -1097,7 +1109,7 @@ checksum = "9fc0510504f03c51ada170672ac806f1f105a88aa97a5281117e1ddc3368e51a"

 [[package]]
 name = "ffplayout"
-version = "0.24.0-beta1"
+version = "0.24.0-beta2"
 dependencies = [
 "actix-files",
 "actix-multipart",
@ -1122,6 +1134,7 @@ dependencies = [
 "lexical-sort",
 "local-ip-address",
 "log",
+ "nix",
 "notify",
 "notify-debouncer-full",
 "num-traits",
@ -1195,12 +1208,12 @@ dependencies = [

 [[package]]
 name = "flate2"
-version = "1.0.31"
+version = "1.0.32"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f211bbe8e69bbd0cfdea405084f128ae8b4aaa6b0b522fc8f2b009084797920"
+checksum = "9c0596c1eac1f9e04ed902702e9878208b336edc9d6fddc8a48387349bab3666"
 dependencies = [
 "crc32fast",
- "miniz_oxide",
+ "miniz_oxide 0.8.0",
 ]

 [[package]]
@ -1818,9 +1831,9 @@ dependencies = [

 [[package]]
 name = "libc"
-version = "0.2.157"
+version = "0.2.158"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "374af5f94e54fa97cf75e945cce8a6b201e88a1a07e688b47dfd2a59c66dbd86"
+checksum = "d8adc4bb1803a324070e64a98ae98f38934d91957a99cfb3a43dcbc01bc56439"

 [[package]]
 name = "libm"
@ -1960,6 +1973,15 @@ dependencies = [
 "adler",
 ]

+[[package]]
+name = "miniz_oxide"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1"
+dependencies = [
+ "adler2",
+]
+
 [[package]]
 name = "mio"
 version = "0.8.11"
@ -2010,6 +2032,18 @@ dependencies = [
 "syn 1.0.109",
 ]

+[[package]]
+name = "nix"
+version = "0.29.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "71e2746dc3a24dd78b3cfcb7be93368c6de9963d30f43a6a73998a9cf4b17b46"
+dependencies = [
+ "bitflags 2.6.0",
+ "cfg-if",
+ "cfg_aliases",
+ "libc",
+]
+
 [[package]]
 name = "nom"
 version = "7.1.3"
@ -2530,9 +2564,9 @@ checksum = "ba39f3699c378cd8970968dcbff9c43159ea4cfbd88d43c00b22f2ef10a435d2"

 [[package]]
 name = "reqwest"
-version = "0.12.5"
+version = "0.12.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c7d6d2a27d57148378eb5e111173f4276ad26340ecc5c49a4a2152167a2d6a37"
+checksum = "f8f4955649ef5c38cc7f9e8aa41761d48fb9677197daea9984dc54f56aad5e63"
 dependencies = [
 "base64 0.22.1",
 "bytes",
@ -2568,7 +2602,7 @@ dependencies = [
 "wasm-bindgen-futures",
 "web-sys",
 "webpki-roots",
- "winreg",
+ "windows-registry",
 ]

 [[package]]
@ -3372,6 +3406,9 @@ name = "sync_wrapper"
 version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a7065abeca94b6a8a577f9bd45aa0867a2238b74e8eb67cf10d492bc39351394"
+dependencies = [
+ "futures-core",
+]

 [[package]]
 name = "sysinfo"
@ -3402,7 +3439,7 @@ dependencies = [

 [[package]]
 name = "tests"
-version = "0.24.0-beta1"
+version = "0.24.0-beta2"
 dependencies = [
 "chrono",
 "crossbeam-channel",
@ -3687,15 +3724,15 @@ dependencies = [

 [[package]]
 name = "unicode-properties"
-version = "0.1.1"
+version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e4259d9d4425d9f0661581b804cb85fe66a4c631cadd8f490d1c13a35d5d9291"
+checksum = "52ea75f83c0137a9b98608359a5f1af8144876eb67bcb1ce837368e906a9f524"

 [[package]]
 name = "unicode-xid"
-version = "0.2.4"
+version = "0.2.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c"
+checksum = "229730647fbc343e3a80e463c1db7f78f3855d3f3739bee0dda773c9a037c90a"

 [[package]]
 name = "unicode_categories"
@ -3974,7 +4011,7 @@ checksum = "d2ed2439a290666cd67ecce2b0ffaad89c2a56b976b736e6ece670297897832d"
 dependencies = [
 "windows-implement",
 "windows-interface",
- "windows-result",
+ "windows-result 0.1.2",
 "windows-targets 0.52.6",
 ]

@ -4000,6 +4037,17 @@ dependencies = [
 "syn 2.0.75",
 ]

+[[package]]
+name = "windows-registry"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e400001bb720a623c1c69032f8e3e4cf09984deec740f007dd2b03ec864804b0"
+dependencies = [
+ "windows-result 0.2.0",
+ "windows-strings",
+ "windows-targets 0.52.6",
+]
+
 [[package]]
 name = "windows-result"
 version = "0.1.2"
@ -4009,6 +4057,25 @@ dependencies = [
 "windows-targets 0.52.6",
 ]

+[[package]]
+name = "windows-result"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1d1043d8214f791817bab27572aaa8af63732e11bf84aa21a45a78d6c317ae0e"
+dependencies = [
+ "windows-targets 0.52.6",
+]
+
+[[package]]
+name = "windows-strings"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4cd9b125c486025df0eabcb585e62173c6c9eddcec5d117d3b6e8c30e2ee4d10"
+dependencies = [
+ "windows-result 0.2.0",
+ "windows-targets 0.52.6",
+]
+
 [[package]]
 name = "windows-sys"
 version = "0.48.0"
@ -4166,16 +4233,6 @@ dependencies = [
 "memchr",
 ]

-[[package]]
-name = "winreg"
-version = "0.52.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a277a57398d4bfa075df44f501a17cfdf8542d224f0d36095a2adc7aee4ef0a5"
-dependencies = [
- "cfg-if",
- "windows-sys 0.48.0",
-]
-
 [[package]]
 name = "zerocopy"
 version = "0.7.35"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -4,7 +4,7 @@ default-members = ["ffplayout", "tests"]
 resolver = "2"

 [workspace.package]
-version = "0.24.0-beta1"
+version = "0.24.0-beta2"
 license = "GPL-3.0"
 repository = "https://github.com/ffplayout/ffplayout"
 authors = ["Jonathan Baecker <jonbae77@gmail.com>"]
--- a/docs/install.md
+++ b/docs/install.md
@ -9,13 +9,13 @@ ffplayout provides ***.deb** and ***.rpm** packages, which makes it more easy to
    - `systemctl enable ffplayout`
 5. initial defaults and add global admin user:
    - `sudo -u ffpu ffplayout -i`
-6. use a revers proxy for SSL, Port is **8787**.
-7. login with your browser, address without proxy would be: **http://[IP ADDRESS]:8787**
+6. start ffplayout:
+    - `systemctl start ffplayout`
+7. use a revers proxy for SSL, Port is **8787**.
+8. login with your browser, address without proxy would be: **http://[IP ADDRESS]:8787**

 Default location for playlists and media files are: **/var/lib/ffplayout/**.

-When playlists are created and the ffplayout output is configured, you can start the process: `systemctl start ffplayout`, or click start in frontend.
-
 ### Manual Install
 -----

--- a/ffplayout/Cargo.toml
+++ b/ffplayout/Cargo.toml
@ -36,6 +36,7 @@ lettre = { version = "0.11", features = ["builder", "rustls-tls", "smtp-transpor
 lexical-sort = "0.3"
 local-ip-address = "0.6"
 log = { version = "0.4", features = ["std", "serde", "kv", "kv_std", "kv_sval", "kv_serde"] }
+nix = { version = "0.29", features = ["user", "fs"] }
 notify = "6.0"
 notify-debouncer-full = { version = "*", default-features = false }
 num-traits = "0.2"
--- a/ffplayout/src/main.rs
+++ b/ffplayout/src/main.rs
@ -289,7 +289,7 @@ async fn main() -> std::io::Result<()> {
                    playlist,
                    Arc::new(AtomicBool::new(false)),
                );
-            } else {
+            } else if !ARGS.init {
                error!("Run ffplayout with parameters! Run ffplayout -h for more information.");
            }
        }
--- a/ffplayout/src/utils/args_parse.rs
+++ b/ffplayout/src/utils/args_parse.rs
@ -1,6 +1,8 @@
 use std::{
+    fs,
    io::{stdin, stdout, Write},
-    path::PathBuf,
+    path::{Path, PathBuf},
+    process::exit,
 };

 use clap::Parser;
@ -14,6 +16,7 @@ use crate::db::{
 use crate::utils::{
    advanced_config::AdvancedConfig,
    config::{OutputMode, PlayoutConfig},
+    db_path,
 };
 use crate::ARGS;

@ -202,6 +205,37 @@ pub async fn run_args(pool: &Pool<Sqlite>) -> Result<(), i32> {
    let mut error_code = -1;

    if args.init {
+        let uid = nix::unistd::Uid::current();
+        let current_user = nix::unistd::User::from_uid(uid).unwrap_or_default();
+        let process_user = nix::unistd::User::from_name("ffpu").unwrap_or_default();
+        let mut fix_permission = false;
+
+        #[cfg(target_family = "unix")]
+        if current_user != process_user {
+            let user_name = current_user.unwrap().name;
+            let mut fix_perm = String::new();
+
+            println!(
+                "\nYou run the initialization as user {}. Fix permissions after initialization?",
+                user_name
+            );
+
+            print!("Fix permission [Y/n]: ");
+            stdout().flush().unwrap();
+
+            stdin()
+                .read_line(&mut fix_perm)
+                .expect("Did not enter a yes or no?");
+
+            fix_permission = fix_perm.trim().to_lowercase().starts_with('y');
+
+            if fix_permission && user_name != "root" {
+                println!("You do not have permission to change DB file ownership! Run as proper process user or root.");
+
+                exit(1);
+            }
+        }
+
        let check_user = handles::select_users(pool).await;

        let mut storage = String::new();
@ -292,7 +326,7 @@ pub async fn run_args(pool: &Pool<Sqlite>) -> Result<(), i32> {

        stdin()
            .read_line(&mut shared_store)
-            .expect("Did not enter a correct path?");
+            .expect("Did not enter a yes or no?");

        global.shared_storage = shared_store.trim().to_lowercase().starts_with('y');

@ -308,7 +342,28 @@ pub async fn run_args(pool: &Pool<Sqlite>) -> Result<(), i32> {
            handles::update_channel(pool, 1, channel).await.unwrap();
        };

-        println!("Set global settings...");
+        if fix_permission {
+            let db_path = Path::new(db_path().unwrap()).with_extension("");
+            let user = process_user.unwrap();
+
+            let db = fs::canonicalize(db_path.with_extension("db")).unwrap();
+            let shm = fs::canonicalize(db_path.with_extension("db-shm")).unwrap();
+            let wal = fs::canonicalize(db_path.with_extension("db-wal")).unwrap();
+
+            nix::unistd::chown(&db, Some(user.uid), Some(user.gid)).expect("Change DB owner");
+
+            if shm.is_file() {
+                nix::unistd::chown(&shm, Some(user.uid), Some(user.gid))
+                    .expect("Change DB-SHM owner");
+            }
+
+            if wal.is_file() {
+                nix::unistd::chown(&wal, Some(user.uid), Some(user.gid))
+                    .expect("Change DB-WAL owner");
+            }
+        }
+
+        println!("\nSet global settings done...");
    }

    if args.add {