avoid temp dir vulnerabilities

nachoparker 2018-05-09 17:20:54 +02:00
parent 2dcc66c254
commit 63f83da6cf
3 changed files with 12 additions and 11 deletions


@ -2,14 +2,15 @@
# update latest available version in /var/run/.ncp-latest-version
rm -rf /tmp/ncp-check-tmp
TMPDIR="$( mktemp -d /tmp/ncp-check.XXXXXX || ( echo "Failed to create temp dir. Exiting" >&2; exit 1 ) )"
trap "rm -rf \"${TMPDIR}\"; exit 0" 0 1 2 3 15
git clone --depth 20 -q --bare https://github.com/nextcloud/nextcloudpi.git /tmp/ncp-check-tmp || {
git clone --depth 20 -q --bare https://github.com/nextcloud/nextcloudpi.git "$TMPDIR" || {
echo "The git clone command failed: No connectivity to https://github.com ?"
exit 1
}
cd /tmp/ncp-check-tmp || exit 1
cd "$TMPDIR" || exit 1
VER=$( git describe --always --tags | grep -oP "v\d+\.\d+\.\d+" )
grep -qP "v\d+\.\d+\.\d+" <<< "$VER" && { # check format
echo "$VER" > /var/run/.ncp-latest-version
@ -22,5 +23,3 @@ grep -qP "v\d+\.\d+\.\d+" <<< "$VER" && { # check format
sed 's|* \[tag: |[|' > /usr/local/etc/ncp-changelog
}
cd / || exit 1
rm -rf /tmp/ncp-check-tmp
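Review bot: A failed `mktemp` does not stop the script at the new `TMPDIR=` line, because the `( echo …; exit 1 )` fallback runs inside the command substitution and only ends that subshell; unless `set -e` is in effect outside the visible lines, execution continues with an empty `TMPDIR`. Moving the check outside the substitution fixes that: `TMPDIR="$(mktemp -d /tmp/ncp-check.XXXXXX)" || { echo "Failed to create temp dir. Exiting" >&2; exit 1; }`. The trap on the following line is registered for signal 0 (EXIT) and ends in `exit 0`, so the `exit 1` paths after a failed clone or `cd` are reported to the caller as success. Registering `trap 'rm -rf "$TMPDIR"' EXIT` and `trap 'exit 1' 1 2 3 15` keeps the cleanup without masking the status. The same two lines, with the `ncp-update.XXXXXX` template, appear in the next file section of this commit.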


@ -8,14 +8,15 @@
BRANCH="${1:-master}"
[[ "$BRANCH" != "master" ]] && echo "INFO: updating to development branch '$BRANCH'"
echo -e "Downloading updates"
rm -rf /tmp/ncp-update-tmp
TMPDIR="$( mktemp -d /tmp/ncp-update.XXXXXX || ( echo "Failed to create temp dir. Exiting" >&2; exit 1 ) )"
trap "rm -rf \"${TMPDIR}\"; exit 0" 0 1 2 3 15
git clone --depth 20 -b "$BRANCH" -q https://github.com/nextcloud/nextcloudpi.git /tmp/ncp-update-tmp || {
echo -e "Downloading updates"
git clone --depth 20 -b "$BRANCH" -q https://github.com/nextcloud/nextcloudpi.git "$TMPDIR" || {
echo "No internet connectivity"
exit 1
}
cd /tmp/ncp-update-tmp
cd "$TMPDIR"
echo -e "Performing updates"
./update.sh && {
@ -36,7 +37,6 @@
}
cd /
rm -rf /tmp/ncp-update-tmp
exit
} # force to read the whole thing into memory, as its contents might change in update.sh
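Review bot: `cd "$TMPDIR"` is not checked before `./update.sh` runs, so if the directory change fails the script would execute whatever `update.sh` resolves to in the current working directory. The first file in this commit already uses the guarded form, and the same `cd "$TMPDIR" || exit 1` fits here. Separately, `TMPDIR` is the variable that `mktemp` and many other tools read to place their own temporary files, so if it is exported in the caller's environment, `git` and `update.sh` would inherit the clone directory as their temp location; a script-private name such as `tmp_clone_dir` avoids that. The enclosing `{ … }` block appears to start outside the visible hunks.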


@ -1,5 +1,7 @@
[v0.54.3](https://github.com/nextcloud/nextcloudpi/commit/921b583) (2018-05-03) nc-datadir: avoid using occ for faster execution
[v0.54.4](https://github.com/nextcloud/nextcloudpi/commit/36fed66) (2018-05-09) avoid temp dir vulnerabilities
[v0.54.3 ](https://github.com/nextcloud/nextcloudpi/commit/66dfbd0) (2018-05-03) nc-datadir: avoid using occ for faster execution
[v0.54.2 ](https://github.com/nextcloud/nextcloudpi/commit/ebfb7f1) (2018-05-03) samba: restart after configuration change