mostly new music stuff

[distro-setup] / conflink

diff --git a/conflink b/conflink
index 1cefd0bd3f7bad668d25e380b717c80a51689b7e..e5cf3fbfda0d599f60c24435b8de356203831d8e 100755 (executable)
--- a/conflink
+++ b/conflink
@@ -56,6 +56,7 @@ readonly fast verbose
 ##### end command line parsing ########
 
 
+tmpf=$(mktemp)
 if $fast; then
   lnf() { ln -sf "$@"; }
 fi
@@ -106,18 +107,21 @@ common-file-setup() {
   local -a reload_services
   local -a restart_services
   reload_systemd=false
+  # note, i ran chmod -R g-s on the filesystem dirs
+  # so i could keep permissions of secret files
   for dir in "$@"; do
     fs=$dir/filesystem
     if [[ -e $fs && $user =~ ^iank?$ ]]; then
       # we dont want t, instead c for checksum.
       # That way we dont set times on directories.
       # -a = -rlptgoD
-      cmd=( s rsync -rclpgoDiSAX --chown=root:root --chmod=g-s
+      cmd=( s rsync -rclpgoDiSAX --chown=root:root
             --exclude=/etc/dovecot/users
             --exclude='/etc/exim4/passwd*'
             --exclude='/etc/exim4/*.pem'
             $fs/ / )
       echo "${cmd[@]@Q}"
+      "${cmd[@]}" | tee $tmpf
       while read -r line; do
         file="${line:12}"
         case $file in
@@ -147,7 +151,7 @@ common-file-setup() {
         # A = preserve acls
         # X = preserve extended attributes
         # i = itemize
-      done < <("${cmd[@]}")
+      done <$tmpf
     fi
 
     if ! $fast && [[ -e $dir/subdir_files ]]; then
@@ -213,6 +217,10 @@ case $user in
     #### begin special extra stuff ####
     install -d -m700 ~/gpg-agent-socket
 
+    if [[ -e /etc/bitcoin ]] && getent group bitcoin &>/dev/null; then
+      s chown bitcoin:bitcoin /etc/bitcoin
+    fi
+
     f=/var/lib/bind
     if [[ -e $f ]]; then
       # reset to the original permissions.
@@ -228,6 +236,7 @@ case $user in
     fi
     for f in /etc/prometheus-{,export-}htpasswd; do
       if [[ -e $f ]]; then
+        # note: this is duplicative of the file's own permissions
         s chmod 640 $f
         if getent passwd www-data &>/dev/null; then
           s chown root:www-data $f
@@ -237,11 +246,25 @@ case $user in
     f=/etc/prometheus-pass
     if [[ -e $f ]]; then
       # note: this is duplicative of the file's own permissions
-      s chmod 640 $f /etc/prometheus-pass
+      s chmod 640 $f
       if getent passwd prometheus &>/dev/null; then
         s chown root:prometheus $f
       fi
     fi
+    f=/etc/nagios4/htdigest.users
+    if [[ -e $f ]]; then
+      # note: this is duplicative of the file's own permissions
+      s chmod 640 $f /etc/prometheus-pass
+      if getent passwd nagios &>/dev/null; then
+        s chown nagios:www-data $f
+      fi
+    fi
+    f=/var/lib/bitcoind/settings.json
+    if [[ -e $f ]]; then
+      if getent passwd bitcoin &>/dev/null; then
+        s chown bitcoin:bitcoin $f
+      fi
+    fi
     ##### end special extra stuff #####
 
     if ! $fast; then