OLD | NEW |
1 #!/bin/bash | 1 #!/bin/bash |
2 | 2 |
3 # Copyright (c) 2009 The Chromium Authors. All rights reserved. | 3 # Copyright (c) 2009 The Chromium Authors. All rights reserved. |
4 # Use of this source code is governed by a BSD-style license that can be | 4 # Use of this source code is governed by a BSD-style license that can be |
5 # found in the LICENSE file. | 5 # found in the LICENSE file. |
6 | 6 |
7 # Called by the Keystone system to update the installed application with a new | 7 # Called by the Keystone system to update the installed application with a new |
8 # version from a disk image. | 8 # version from a disk image. |
9 | 9 |
10 # Return values: | 10 # Return values: |
(...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
264 if (! ps -ewwo comm= | \ | 264 if (! ps -ewwo comm= | \ |
265 cut -c "1-${#PS_STRING}" | \ | 265 cut -c "1-${#PS_STRING}" | \ |
266 grep -Fqx "${PS_STRING}") && | 266 grep -Fqx "${PS_STRING}") && |
267 (! lsof "${LSOF_FILE}" >& /dev/null) ; then | 267 (! lsof "${LSOF_FILE}" >& /dev/null) ; then |
268 # It doesn't look like anything is using this versioned directory. Get rid | 268 # It doesn't look like anything is using this versioned directory. Get rid |
269 # of it. | 269 # of it. |
270 rm -rf "${versioned_dir}" | 270 rm -rf "${versioned_dir}" |
271 fi | 271 fi |
272 done | 272 done |
273 | 273 |
274 # If this script is not running as root (indicating an update driven by user | 274 # If this script is not running as root (indicating an update driven by a user |
275 # Keystone) and the application is installed somewhere under /Applications, | 275 # Keystone ticket) and the application is installed somewhere under |
276 # try to make it writeable by all admin users. This will allow other admin | 276 # /Applications, try to make it writeable by all admin users. This will allow |
277 # users to update the application from their own user Keystone instances. | 277 # other admin users to update the application from their own user Keystone |
| 278 # instances. |
278 # | 279 # |
279 # If this script is running as root, it's driven by system Keystone, and | 280 # If the script is not running as root and the application is not installed |
280 # future updates can be expected to be applied the same way, so | 281 # under /Applications, it might not be in a system-wide location, and it |
281 # admin-writeability is not a concern. | 282 # probably won't be something that other users on the system are running, so |
| 283 # err on the side of safety and don't make it group-writeable. |
282 # | 284 # |
283 # If the application is not installed under /Applications, it might not be in | 285 # If this script is running as root, it's driven by a system Keystone ticket, |
284 # a system-wide location, and it probably won't be something that other users | 286 # and future updates can be expected to be applied the same way, so |
285 # are running, so err on the side of safety and don't make it group-writeable. | 287 # admin-writeability is not a concern. Set the entire thing to be owned by |
| 288 # root in that case, regardless of where it's installed, and drop any group |
| 289 # and other write permission. |
286 # | 290 # |
287 # If this script is running as a user that is not a member of the admin group, | 291 # If this script is running as a user that is not a member of the admin group, |
288 # this operation will not succeed. Tolerate that case, because it's better | 292 # the chgrp operation will not succeed. Tolerate that case, because it's |
289 # than the alternative, which is to make the application world-writeable. | 293 # better than the alternative, which is to make the application |
290 if [ ${EUID} -ne 0 ] && [ "${DEST:0:14}" = "/Applications/" ] ; then | 294 # world-writeable. |
291 (chgrp -Rfh admin "${DEST}" && chmod -Rf g+w "${DEST}") >& /dev/null | 295 CHMOD_MODE="a+rX,u+w,go-w" |
| 296 if [ ${EUID} -ne 0 ] ; then |
| 297 if [ "${DEST:0:14}" = "/Applications/" ] && |
| 298 chgrp -Rh admin "${DEST}" >& /dev/null ; then |
| 299 CHMOD_MODE="a+rX,ug+w,o-w" |
| 300 fi |
| 301 else |
| 302 chown -Rh root:wheel "${DEST}" >& /dev/null |
292 fi | 303 fi |
293 | 304 |
| 305 chmod -R "${CHMOD_MODE}" "${DEST}" >& /dev/null |
| 306 |
294 # Great success! | 307 # Great success! |
295 exit 0 | 308 exit 0 |
OLD | NEW |