diff options
| author | Ken D'Ambrosio <ken@jots.org> | 2026-05-11 05:16:23 +0000 |
|---|---|---|
| committer | Ken D'Ambrosio <ken@jots.org> | 2026-05-11 05:16:23 +0000 |
| commit | 9f586a8db100c586b33f425f7699355bca43f8b4 (patch) | |
| tree | 7e9f0a53cb8047a3fd429cdafc7a231488b34494 /scripts | |
| parent | 28264e07b32e23b9f812f3946f3358355ff54632 (diff) | |
Fix set_password.rb to chown config.yml to albumen user when run as root
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/set_password.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/scripts/set_password.rb b/scripts/set_password.rb index 71bdc41..0b83861 100644 --- a/scripts/set_password.rb +++ b/scripts/set_password.rb @@ -23,4 +23,13 @@ File.write(tmp, config.to_yaml) File.rename(tmp, CONFIG_PATH) File.chmod(0o600, CONFIG_PATH) +# Ensure the service user can read the file even when this script is run as root. +begin + require 'etc' + pw = Etc.getpwnam('albumen') + File.chown(pw.uid, pw.gid, CONFIG_PATH) +rescue ArgumentError + # 'albumen' user doesn't exist (dev environment); leave ownership as-is +end + puts "Password set. Config written to #{CONFIG_PATH}" |