Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: fixes and improvements Update besu-entry.sh #8107

Closed
wants to merge 1 commit into from
Closed

fix: fixes and improvements Update besu-entry.sh #8107

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 38 additions & 19 deletions besu/src/main/scripts/besu-entry.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,35 +19,54 @@ COMMAND="/opt/besu/bin/besu $@"

# Check if current user is not root. If not, run the command as is.
if [ "$(id -u)" -ne 0 ]; then
echo "Running as non-root user. Executing command directly."
exec /bin/bash -c "$COMMAND"
exit 0 # Explicitly exit the script after exec to avoid further execution
fi

# Check if BESU_USER_NAME is set
if [ -z "$BESU_USER_NAME" ]; then
echo "Error: BESU_USER_NAME is not set. Please set the BESU_USER_NAME environment variable."
exit 1
fi

# Run Besu first to get paths needing permission adjustment
echo "Fetching paths and access types from Besu..."
output=$(/opt/besu/bin/besu --print-paths-and-exit $BESU_USER_NAME "$@")
if [ $? -ne 0 ]; then
echo "Error: Failed to get paths from Besu. Exiting."
exit 1
fi

# Parse the output to find the paths and their required access types
echo "$output" | while IFS=: read -r prefix path accessType; do
echo "Parsing output and setting permissions..."
echo "$output" | while IFS= read -r line; do
# Split the line into prefix, path, and accessType using ':' as delimiter
prefix=$(echo "$line" | cut -d: -f1)
path=$(echo "$line" | cut -d: -f2)
accessType=$(echo "$line" | cut -d: -f3)

if [[ "$prefix" == "PERMISSION_CHECK_PATH" ]]; then
# Change ownership to besu user and group
chown -R $BESU_USER_NAME:$BESU_USER_NAME $path

# Ensure read/write permissions for besu user

echo "Setting permissions for: $path with access: $accessType"

if [[ "$accessType" == "READ" ]]; then
# Set read-only permissions for besu user
# Add execute for directories to allow access
find $path -type d -exec chmod u+rx {} \;
find $path -type f -exec chmod u+r {} \;
elif [[ "$accessType" == "READ_WRITE" ]]; then
# Set read/write permissions for besu user
# Add execute for directories to allow access
find $path -type d -exec chmod u+rwx {} \;
find $path -type f -exec chmod u+rw {} \;
fi
# Change ownership to besu user and group
chown -R $BESU_USER_NAME:$BESU_USER_NAME "$path"

# Ensure read/write permissions for besu user
echo "Setting permissions for: $path with access: $accessType"

if [[ "$accessType" == "READ" ]]; then
# Set read-only permissions for besu user
# Add execute for directories to allow access
find "$path" -type d -exec chmod u+rx {} \;
find "$path" -type f -exec chmod u+r {} \;
elif [[ "$accessType" == "READ_WRITE" ]]; then
# Set read/write permissions for besu user
# Add execute for directories to allow access
find "$path" -type d -exec chmod u+rwx {} \;
find "$path" -type f -exec chmod u+rw {} \;
fi
fi
done

# Switch to the besu user and execute the command
echo "Switching to user $BESU_USER_NAME and executing command: $COMMAND"
exec su -s /bin/bash "$BESU_USER_NAME" -c "$COMMAND"