Macintosh-HW/RASCSI
1
0
Fork 0
mirror of https://github.com/akuker/RASCSI.git synced 2024-11-26 13:49:21 +00:00
Code Issues Projects Releases Wiki Activity

Create the secret file in .config/rascsi instead. Plus some added code comments, and removing a superfluous sudo -v.

Browse Source
This commit is contained in:
Daniel Markstedt 2022-07-28 22:48:18 -07:00
parent e51517ca60
commit 8265d25d88
1 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
easyinstall.sh
View File

@ -89,9 +89,10 @@ function compileRaScsi() {
echo "Compiling with ${CORES:-1} simultaneous cores..." echo "Compiling with ${CORES:-1} simultaneous cores..."
make clean </dev/null make clean </dev/null
# Refresh the sudo authentication, which shouldn't trigger another password prompt
sudo -v sudo -v
make -j "${CORES:-1}" all CONNECT_TYPE="${CONNECT_TYPE:-FULLSPEC}" </dev/null make -j "${CORES:-1}" all CONNECT_TYPE="${CONNECT_TYPE:-FULLSPEC}" </dev/null
sudo -v
} }
function cleanupOutdatedManPage() { function cleanupOutdatedManPage() {
@ -223,6 +224,8 @@ function configureTokenAuth() {
echo "Do you want to protect your RaSCSI installation with a password? [y/N]" echo "Do you want to protect your RaSCSI installation with a password? [y/N]"
read REPLY read REPLY
SECRET_FILE="$HOME/.config/rascsi/rascsi_secret"
if [ "$REPLY" == "y" ] || [ "$REPLY" == "Y" ]; then if [ "$REPLY" == "y" ] || [ "$REPLY" == "Y" ]; then
echo -n "Enter the password that you want to use: " echo -n "Enter the password that you want to use: "
read -r TOKEN read -r TOKEN
@ -230,11 +233,17 @@ function configureTokenAuth() {
sudo rm "$HOME/.rascsi_secret" sudo rm "$HOME/.rascsi_secret"
echo "Removed old RaSCSI token file" echo "Removed old RaSCSI token file"
fi fi
echo "$TOKEN" > "$HOME/.rascsi_secret" if [ -f "$SECRET_FILE" ]; then
sudo chown root:root "$HOME/.rascsi_secret" sudo rm "$SECRET_FILE"
sudo chmod 600 "$HOME/.rascsi_secret" echo "Removed old RaSCSI token file"
fi
echo "$TOKEN" > "$SECRET_FILE"
# Make the secret file owned and only readable by root
sudo chown root:root "$SECRET_FILE"
sudo chmod 600 "$SECRET_FILE"
echo "" echo ""
echo "Configured RaSCSI to use $HOME/.rascsi_secret for authentication. This file is readable by root only." echo "Configured RaSCSI to use $SECRET_FILE for authentication. This file is readable by root only."
echo "Make note of your password: you will need it to use rasctl and other RaSCSI clients." echo "Make note of your password: you will need it to use rasctl and other RaSCSI clients."
fi fi
} }
@ -242,8 +251,7 @@ function configureTokenAuth() {
# Modifies and installs the rascsi service # Modifies and installs the rascsi service
function enableRaScsiService() { function enableRaScsiService() {
if [ ! -z "$TOKEN" ]; then if [ ! -z "$TOKEN" ]; then
sudo sed -i "s@^ExecStart.*@& -F $VIRTUAL_DRIVER_PATH -P $HOME/.rascsi_secret@" "$SYSTEMD_PATH/rascsi.service" sudo sed -i "s@^ExecStart.*@& -F $VIRTUAL_DRIVER_PATH -P $SECRET_FILE@" "$SYSTEMD_PATH/rascsi.service"
sudo chmod 600 "$SYSTEMD_PATH/rascsi.service"
else else
sudo sed -i "s@^ExecStart.*@& -F $VIRTUAL_DRIVER_PATH@" "$SYSTEMD_PATH/rascsi.service" sudo sed -i "s@^ExecStart.*@& -F $VIRTUAL_DRIVER_PATH@" "$SYSTEMD_PATH/rascsi.service"
fi fi
@ -264,6 +272,7 @@ function installWebInterfaceService() {
echo "$TOKEN" echo "$TOKEN"
if [ ! -z "$TOKEN" ]; then if [ ! -z "$TOKEN" ]; then
sudo sed -i "8 i ExecStart=$WEB_INSTALL_PATH/start.sh --password=$TOKEN" "$SYSTEMD_PATH/rascsi-web.service" sudo sed -i "8 i ExecStart=$WEB_INSTALL_PATH/start.sh --password=$TOKEN" "$SYSTEMD_PATH/rascsi-web.service"
# Make the service file readable by root only, to protect the token string
sudo chmod 600 "$SYSTEMD_PATH/rascsi-web.service" sudo chmod 600 "$SYSTEMD_PATH/rascsi-web.service"
echo "Granted access to the Web Interface with the token password that you configured for RaSCSI." echo "Granted access to the Web Interface with the token password that you configured for RaSCSI."
else else
@ -932,6 +941,7 @@ function installRaScsiScreen() {
sudo sed -i /^ExecStart=/d "$SYSTEMD_PATH/rascsi-oled.service" sudo sed -i /^ExecStart=/d "$SYSTEMD_PATH/rascsi-oled.service"
if [ ! -z "$TOKEN" ]; then if [ ! -z "$TOKEN" ]; then
sudo sed -i "8 i ExecStart=$OLED_INSTALL_PATH/start.sh --rotation=$ROTATION --height=$SCREEN_HEIGHT --password=$TOKEN" "$SYSTEMD_PATH/rascsi-oled.service" sudo sed -i "8 i ExecStart=$OLED_INSTALL_PATH/start.sh --rotation=$ROTATION --height=$SCREEN_HEIGHT --password=$TOKEN" "$SYSTEMD_PATH/rascsi-oled.service"
# Make the service file readable by root only, to protect the token string
sudo chmod 600 "$SYSTEMD_PATH/rascsi-oled.service" sudo chmod 600 "$SYSTEMD_PATH/rascsi-oled.service"
echo "Granted access to the OLED Monitor with the password that you configured for RaSCSI." echo "Granted access to the OLED Monitor with the password that you configured for RaSCSI."
else else