*: handle PermissionError when saving files, ensure permission bits are set correctly

closes #3817

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-10-19 20:24:28 +02:00
parent c22dae868c
commit 6882445937
4 changed files with 15 additions and 3 deletions

View file

@ -232,7 +232,11 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
return Response({})
if icon:
app.meta_icon = icon
app.save()
try:
app.save()
except PermissionError as exc:
LOGGER.warning("Failed to save icon", exc=exc)
return HttpResponseBadRequest()
return Response({})
return HttpResponseBadRequest()

View file

@ -239,7 +239,11 @@ class FlowViewSet(UsedByMixin, ModelViewSet):
return Response({})
if background:
flow.background = background
flow.save()
try:
flow.save()
except PermissionError as exc:
LOGGER.warning("Failed to save icon", exc=exc)
return HttpResponseBadRequest()
return Response({})
return HttpResponseBadRequest()

View file

@ -27,8 +27,10 @@ function check_if_root {
GROUP_NAME=$(getent group $DOCKER_GID | sed 's/:/\n/g' | head -1)
GROUP="authentik:${GROUP_NAME}"
fi
# Fix permissions of backups and media
# Fix permissions of certs and media
chown -R authentik:authentik /media /certs
chmod ug+rwx /media
chmod ug+rx /certs
exec chpst -u authentik:$GROUP env HOME=/authentik $1
}

View file

@ -15,4 +15,6 @@ To fix these issues, run these commands in the folder of your docker-compose fil
```shell
sudo chown 1000:1000 media/
sudo chown 1000:1000 custom-templates/
sudo chmod ug+rwx media/
sudo chmod ug+rx certs/
```