Skip to content

Commit

Permalink
redesign shared folder handling (#5649)
Browse files Browse the repository at this point in the history
* redesign shared folder handling
- avoid use of wizard variable `wizard_volume` in installer.functions
- dsm 7 preinst function must not validate volume of shared folder, as shares are fully provided by DSM
- update evaluation of SHARED_PATH on DSM 7
- simplify EFF_USER definition (we do not support to run DSM 5 packages on DSM 6 anymore)

* add Makefile variable SERVICE_WIZARD_SHARENAME for new approach
- introduce variable SERVICE_WIZARD_SHARENAME for redesigned share folder handling
- document make variables SERVICE_WIZARD_SHARE and USE_DATA_SHARE_WORKER as deprecated
- update demoservice with new shared folder handling
- use start.sh to start demoservice since SERVICE_COMMAND with parameters does not work on DSM with ash shell
- use python3 for demoservice, when available in path
- log SHARE_PATH and SHARE_NAME variables in demoservice installer log
- fix function load_variables_from_file (does not work when called within sub shell by call_func)
- drop support for SERVICE_EXE (deprecated since DSM 7 support)
- drop support for SERVICE_WIZARD_GROUP
- initialize and log variables for shared folder in function linitialize_variables
- use "sc-" user prefix for DSM 5 too
- remove check for shared folder existence in preinst
- fix load_variables_from_file (avoid use of cut with --delimiter, to make it POSIX compatible)
- avoid to add duplicate user to shared folders without resource workers (SRM, DSM5, DSM6 with SERVICE_WIZARD_SHARE)
- fix save_wizard_variables to not delete installer-variables when variables are not set (i.e. for UPGRADE without wizard)

* fix evaluation of share path
- use realpath (abspath is not supported on DSM)

* fix DSM 7 uninstaller
- use realpath to remove files in etc folder

* cleanups
- avoid reading already defined variables from installer-variables
- save wizard variables after creation of shared folders (SHARE_PATH is set to full path at creation time) (DSM 6, DSM 5)

* fix icon creation for web service packages
- create icons when DSM_UI_CONFIG is defined

* add demowebservice package
- add demowebservice to document how to create a web service apps
- use shared folder to show how to access shared folders by the package

* update demowebserice
- support DSM 5
- fully support dark mode

* update cops
- remove workaround to create package icons

* update adminer
- adjust patch to current version

* spksrc.service.mk: fix installation of app/config
- fix installation of app/config when DSM_UI_CONFIG is defined
- ensure DSM_UI_CONFIG has privilege over generated app/config (and is not affected by NO_SERVICE_SHORTCUT)
- add Makefile variable SERVICE_DESC to define DESC property in app/config (the whole package description is often not ment to be shown as tooltip of the app icon)
- remove the extra installation of app/config since this is fixed now (demowebservice, adminer, cops, owncloud)
- remove obsolete dsm-control.sh in adminer package (same is created by the framework with STARTABLE=no)
- throw error when SERVICE_USER is not properly defined (only 'auto' is supported)

* spk/aria2: remove SERVICE_WIZARD_GROUP
- SERVICE_WIZARD_GROUP is not supported anymore

* enable NO_SERVICE_SHORTCUT for DSM_UI_CONFIG
- fix NO_SERVICE_SHORTCUT to be applied independent of DSM_UI_CONFIG:
- it must be possible to disable creation of app/config file when app (webservice) is fully defined in conf/resource
- force icon creation when DSM_UI_CONFIG is defined
- NO_SERVICE_SHORTCUT must be ignored for icon creation, when DSM_UI_CONFIG is defined

* enhance demowebservice:
- document and avoid web server and PHP dependency as SPK_DEPENDS for all except DSM 7
- DSM 6: remove conf/resorce for webservice (supported on DSM 7 only)
- add port 8889 for Web Portal on DSM 7
- add install wizard page with remarks
- reverse proxy configuration on DSM 7 does not work and is not added to resource file (#5544)

* always define EFF_USER for service-setup on DSM 7 (fixes #5041)

* creation of shared folder always requires a service user
- force SERVICE_USER = auto with SERVICE_WIZARD_SHARENAME
- remove SERVICE_USER = auto in demowebservice Makefile as defined by framework now (forced by SERVICE_WIZARD_SHARENAME)
  • Loading branch information
hgy59 authored Oct 14, 2023
1 parent 4b11fbe commit ecce16f
Show file tree
Hide file tree
Showing 32 changed files with 923 additions and 504 deletions.
12 changes: 6 additions & 6 deletions cross/adminer/patches/001-not-use-pgsql-extension.patch
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
# See https://github.com/SynoCommunity/spksrc/issues/2662
# Remove the extension pgsql because the extension pgsql does not work with the PostgreSQL server from DSM. The Extension pdo_pgsql works perfectly.
--- adminer/drivers/pgsql.inc.php.org 2020-01-31 10:23:04.000000000 +0000
+++ adminer/drivers/pgsql.inc.php 2020-02-23 16:59:43.482304615 +0000
@@ -4,146 +4,8 @@
--- adminer/drivers/pgsql.inc.php.orig 2021-05-14 05:39:59.000000000 +0000
+++ adminer/drivers/pgsql.inc.php 2023-10-07 23:07:43.616901493 +0000
@@ -3,146 +3,7 @@

if (isset($_GET["pgsql"])) {
$possible_drivers = array("PgSQL", "PDO_PgSQL");
define("DRIVER", "pgsql");
- if (extension_loaded("pgsql")) {
- class Min_DB {
- var $extension = "PgSQL", $_link, $_result, $_string, $_database = true, $server_info, $affected_rows, $error, $timeout;
-
- function _error($errno, $error) {
- if (ini_bool("html_errors")) {
- $error = html_entity_decode(strip_tags($error));
Expand Down Expand Up @@ -43,7 +43,7 @@
- }
-
- function value($val, $field) {
- return ($field["type"] == "bytea" ? pg_unescape_bytea($val) : $val);
- return ($field["type"] == "bytea" && $val !== null ? pg_unescape_bytea($val) : $val);
- }
-
- function quoteBinary($string) {
Expand Down
2 changes: 1 addition & 1 deletion cross/cops/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ DEPENDS =

HOMEPAGE = https://blog.slucas.fr/en/oss/calibre-opds-php-server
COMMENT = Calibre OPDS and HTML PHP Server : light alternative to Calibre content server / Calibre2OPDS.
LICENSE = GPL
LICENSE = GPLv2

INSTALL_TARGET = cops_install

Expand Down
4 changes: 3 additions & 1 deletion mk/spksrc.icon.mk
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,9 @@ ICON_COOKIE = $(WORK_DIR)/.$(COOKIE_PREFIX)icon_done
# Icons are only needed with "DSM UI configuration" (see spksrc.service.mk)
ifneq ($(strip $(DSM_UI_DIR)),)
ifneq ($(strip $(SPK_ICON)),)
ifneq ($(or $(strip $(SERVICE_PORT)), $(strip $(ADMIN_URL))),)
ifneq ($(strip $(DSM_UI_CONFIG)),)
ICON_DIR = $(STAGING_DIR)/$(DSM_UI_DIR)/images
else ifneq ($(or $(strip $(SERVICE_PORT)), $(strip $(ADMIN_URL))),)
ifeq ($(strip $(NO_SERVICE_SHORTCUT)),)
ICON_DIR = $(STAGING_DIR)/$(DSM_UI_DIR)/images
endif
Expand Down
69 changes: 41 additions & 28 deletions mk/spksrc.service.installer.dsm5
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ fi


# Load (wizard) variables stored by postinst
call_func "load_variables_from_file" ${INST_VARIABLES}
load_variables_from_file ${INST_VARIABLES}

# init variables either from ${INST_VARIABLES}, from package or from wizard
call_func "initialize_variables"
Expand Down Expand Up @@ -140,9 +140,9 @@ set_syno_permissions ()
# Ensure directory resides in /volumeX before setting GROUP permissions
if [ "$(echo ${VOLUME} | cut -c2-7)" = "volume" ]; then
# Set read/write permissions for GROUP for folder and subfolders
if [ ! "$(synoacltool -get \"${DIRNAME}\"| grep \"group:${GROUP}:allow:rwxpdDaARWcC-:fd--\")" ]; then
if [ ! "$(synoacltool -get ${DIRNAME} | grep ""group:${GROUP}:allow:rwxpdDaARWcC-:fd--"")" ]; then
# First Unix permissions, but only if it's in Linux mode
if [ "$(synoacltool -get \"${DIRNAME}\"| grep \"Linux mode\")" ]; then
if [ "$(synoacltool -get ${DIRNAME} | grep -i 'Linux mode')" ]; then
set_unix_permissions "${DIRNAME}"
# If it is linux mode (due to old package) we need to add "administrators"-group,
# otherwise the folder is not accessible from File Station anymore!
Expand All @@ -157,9 +157,9 @@ set_syno_permissions ()

# Walk up the tree and set traverse execute permissions for GROUP up to VOLUME
while [ "${DIRNAME}" != "${VOLUME}" ]; do
if [ ! "$(synoacltool -get \"${DIRNAME}\"| grep \"group:${GROUP}:allow:r.x\")" ]; then
if [ ! "$(synoacltool -get ""${DIRNAME}"" | grep ""group:${GROUP}:allow:r.x"")" ]; then
# Here we also need to make sure the admin can access data via File Station
if [ "$(synoacltool -get \"${DIRNAME}\"| grep \"Linux mode\")" ]; then
if [ "$(synoacltool -get ""${DIRNAME}"" | grep -i 'Linux mode')" ]; then
synoacltool -add "${DIRNAME}" "group:administrators:allow:rwxpdDaARWc--:fd--"
fi
# Add the new group permissions
Expand Down Expand Up @@ -212,26 +212,12 @@ preinst ()
call_func "validate_preinst"
call_func "service_preinst"

# Check volume exists
if [ -n "${SHARE_PATH}" ]; then
if [ ! -d "${SHARE_VOLUME}" ]; then
echo "ERROR: Volume ${SHARE_VOLUME} does not exist." | $TEE 1>&2
exit 1
fi
fi

exit 0
}

postinst ()
{
log_step "postinst"
call_func "save_wizard_variables"
# Restrict permissions to protect sensitive options
if [ -e "${INST_VARIABLES}" ]; then
chmod go-rwx ${INST_VARIABLES}
chown ${EFF_USER} ${INST_VARIABLES}
fi

# Link for backward compatibility of binaries location
$LN "${SYNOPKG_PKGDEST}" "/usr/local/${SYNOPKG_PKGNAME}" 2>&1 | install_log
Expand Down Expand Up @@ -278,34 +264,58 @@ postinst ()

# Share management
if [ -n "${SHARE_PATH}" ]; then
install_log "Configuring ${SHARE_PATH}"
# Create share if does not exist
# !"#$%&’()*+,/:;<=>?@[]nˆ`{} |
if ! synoshare --get "${SHARE_NAME}" &> /dev/null; then
synoshare --add "${SHARE_NAME}" "${SHARE_DESC}" "${SHARE_PATH}" "" "" "" 1 0 2>&1 | install_log
# Create share if it does not exist
# invalid characters: !"#$%&’()*+,/:;<=>?@[]nˆ`{} |
if ! synoshare --get "${SHARE_NAME}" > /dev/null 2>&1; then
SHARE_PATH=${SYNOPKG_PKGDEST_VOL}/${SHARE_NAME}
install_log "Create share SHARE_NAME=${SHARE_NAME}, SHARE_PATH=${SHARE_PATH}"
# mandatory arguments:
# name desc path na rw ro browseable adv_privilege
# na, rw and ro are list of user(s) and/or group(s), separated by comma
synoshare --add "${SHARE_NAME}" "Share created for package ${SYNOPKG_PKGNAME}" "${SHARE_PATH}" "" "" "" 1 0 2>&1 | install_log
else
install_log "Share already exists SHARE_NAME=${SHARE_NAME}, SHARE_PATH=${SHARE_PATH}"
fi

# Add user permission if no GROUP is set in UI
# Add user permission if no GROUP is set in service-setup
# GROUP permission will be added in set_syno_permissions
if [ -z "$GROUP" ] && [ -n "${EFF_USER}" ]; then
synoshare --setuser "${SHARE_NAME}" RW + "${EFF_USER}" 2>&1 | install_log
# check whether user is already added to RW users
_synoshare_parameter="--getmap"
if synoshare --getmap "${SHARE_NAME}" | grep "ACL.*\[yes\]" > /dev/null 2>&1; then
_synoshare_parameter="--list_acl"
fi
if synoshare ${_synoshare_parameter} "${SHARE_NAME}" | grep "RW list" | grep -o "\[.*\]" | sed 's/[\[,]/ /g' | sed 's/\]/ /g' | grep -q " ${EFF_USER} " > /dev/null 2>&1; then
install_log "User has already RW access to share: SHARE_NAME=${SHARE_NAME}, EFF_USER=${EFF_USER}"
else
install_log "Set user for share: SHARE_NAME=${SHARE_NAME}, EFF_USER=${EFF_USER}"
synoshare --setuser "${SHARE_NAME}" RW + "${EFF_USER}" 2>&1 | install_log
fi
fi
synoshare --build 2>&1 | install_log

$MKDIR "${SHARE_PATH}"

# Permissions for folder, up to volume
if [ -n "$GROUP" ]; then
install_log "Set group for share: SHARE_PATH=${SHARE_PATH}, GROUP=${GROUP}"
set_syno_permissions "${SHARE_PATH}" "${GROUP}" 2>&1 | install_log
fi
fi

$MKDIR "${SYNOPKG_PKGVAR}" 2>&1 | install_log

call_func "save_wizard_variables"
# Restrict permissions to protect sensitive options
if [ -e "${INST_VARIABLES}" ]; then
chmod go-rwx ${INST_VARIABLES}
chown ${EFF_USER} ${INST_VARIABLES}
fi

call_func "service_postinst"

call_func "service_create_links"

$CP "${INST_LOG_TEMP}" "${INST_LOG}" 2>&1 | install_log

if [ -n "${LOG_FILE}" ]; then
echo "Installation log: ${INST_LOG}" >> ${LOG_FILE}
fi
Expand All @@ -330,6 +340,7 @@ preuninst ()
fi

call_func "service_preuninst"

exit 0
}

Expand All @@ -354,6 +365,7 @@ postuninst ()
if [ "${SYNOPKG_PKG_STATUS}" == "UNINSTALL" ]; then
$RM "${INST_VARIABLES}" 2>&1 | install_log
fi

exit 0
}

Expand Down Expand Up @@ -393,5 +405,6 @@ postupgrade ()

# Make sure we also have the logging for this step
$CP "${INST_LOG_TEMP}" "${INST_LOG}" 2>&1 | install_log

exit 0
}
86 changes: 51 additions & 35 deletions mk/spksrc.service.installer.dsm6
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ fi


# Load (wizard) variables stored by postinst
call_func "load_variables_from_file" install_log ${INST_VARIABLES}
load_variables_from_file ${INST_VARIABLES}

# init variables either from ${INST_VARIABLES}, from package or from wizard
call_func "initialize_variables"
Expand Down Expand Up @@ -148,9 +148,9 @@ set_syno_permissions ()
# Ensure directory resides in /volumeX before setting GROUP permissions
if [ "$(echo ${VOLUME} | cut -c2-7)" = "volume" ]; then
# Set read/write permissions for GROUP for folder and subfolders
if [ ! "$(synoacltool -get ""${DIRNAME}"" | grep ""group:${GROUP}:allow:rwxpdDaARWcC-:fd--"")" ]; then
if [ ! "$(synoacltool -get ${DIRNAME} | grep ""group:${GROUP}:allow:rwxpdDaARWcC-:fd--"")" ]; then
# First Unix permissions, but only if it's in Linux mode
if [ "$(synoacltool -get ""${DIRNAME}"" | grep -i 'Linux mode')" ]; then
if [ "$(synoacltool -get ${DIRNAME} | grep -i 'Linux mode')" ]; then
set_unix_permissions "${DIRNAME}"
# If it is linux mode (due to old package) we need to add "administrators"-group,
# otherwise the folder is not accessible from File Station anymore!
Expand Down Expand Up @@ -224,26 +224,12 @@ preinst ()
call_func "validate_preinst"
call_func "service_preinst" install_log

# Check volume exists
if [ -n "${SHARE_PATH}" ]; then
if [ ! -d "${SHARE_VOLUME}" ]; then
echo "ERROR: Volume ${SHARE_VOLUME} does not exist." | $TEE 1>&2
exit 1
fi
fi

exit 0
}

postinst ()
{
log_step "postinst"
call_func "save_wizard_variables" install_log
# Restrict permissions to protect sensitive options
if [ -e "${INST_VARIABLES}" ]; then
chmod go-rwx ${INST_VARIABLES}
chown ${EFF_USER} ${INST_VARIABLES}
fi

# Link for backward compatibility of binaries location
$LN "${SYNOPKG_PKGDEST}" "/usr/local/${SYNOPKG_PKGNAME}" 2>&1 | install_log
Expand Down Expand Up @@ -273,33 +259,60 @@ postinst ()
synogroup --rebuild all 2>&1 | install_log
fi

# Share management
# Share management (can be removed when SERVICE_WIZARD_SHARE is not used anymore)
if [ -n "${SHARE_PATH}" ]; then
install_log "Configuring ${SHARE_PATH}"
# Create share if does not exist
# !"#$%&’()*+,/:;<=>?@[]nˆ`{} |
if ! synoshare --get "${SHARE_NAME}" &> /dev/null; then
synoshare --add "${SHARE_NAME}" "${SHARE_DESC}" "${SHARE_PATH}" "" "" "" 1 0 2>&1 | install_log
fi

# Add user permission if no GROUP is set in UI
# GROUP permission will be added in set_syno_permissions
if [ -z "$GROUP" ] && [ -n "${EFF_USER}" ]; then
synoshare --setuser "${SHARE_NAME}" RW + "${EFF_USER}" 2>&1 | install_log
fi
synoshare --build 2>&1 | install_log
if [ "${SHARE_WORKER}" != "0" ]; then
install_log "Shared folder [${SHARE_PATH}] will be created by DSM."
else
# Create share if it does not exist
# invalid characters: !"#$%&’()*+,/:;<=>?@[]nˆ`{} |
if ! synoshare --get "${SHARE_NAME}" > /dev/null 2>&1; then
SHARE_PATH=${SYNOPKG_PKGDEST_VOL}/${SHARE_NAME}
install_log "Create share SHARE_NAME=${SHARE_NAME}, SHARE_PATH=${SHARE_PATH}"
# mandatory arguments:
# name desc path na rw ro browseable adv_privilege
# na, rw and ro are list of user(s) and/or group(s), separated by comma
synoshare --add "${SHARE_NAME}" "Share created for package ${SYNOPKG_PKGNAME}" "${SHARE_PATH}" "" "" "" 1 0 2>&1 | install_log
else
install_log "Share already exists SHARE_NAME=${SHARE_NAME}, SHARE_PATH=${SHARE_PATH}"
fi

$MKDIR "${SHARE_PATH}"
# Add user permission if no GROUP is set in service-setup
# GROUP permission will be added in set_syno_permissions
if [ -z "$GROUP" ] && [ -n "${EFF_USER}" ]; then
# check whether user is already added to RW users
_synoshare_parameter="--getmap"
if synoshare --getmap "${SHARE_NAME}" | grep "ACL.*\[yes\]" > /dev/null 2>&1; then
_synoshare_parameter="--list_acl"
fi
if synoshare ${_synoshare_parameter} "${SHARE_NAME}" | grep "RW list" | grep -o "\[.*\]" | sed 's/[\[,]/ /g' | sed 's/\]/ /g' | grep -q " ${EFF_USER} " > /dev/null 2>&1; then
install_log "User has already RW access to share: SHARE_NAME=${SHARE_NAME}, EFF_USER=${EFF_USER}"
else
install_log "Set user for share: SHARE_NAME=${SHARE_NAME}, EFF_USER=${EFF_USER}"
synoshare --setuser "${SHARE_NAME}" RW + "${EFF_USER}" 2>&1 | install_log
fi
fi
synoshare --build 2>&1 | install_log

# Permissions for folder, up to volume
if [ -n "$GROUP" ]; then
set_syno_permissions "${SHARE_PATH}" "${GROUP}" 2>&1 | install_log
# Permissions for folder, up to volume
if [ -n "$GROUP" ]; then
install_log "Set group for share: SHARE_PATH=${SHARE_PATH}, GROUP=${GROUP}"
set_syno_permissions "${SHARE_PATH}" "${GROUP}" 2>&1 | install_log
fi
fi
fi

$MKDIR "${SYNOPKG_PKGVAR}" 2>&1 | install_log

call_func "save_wizard_variables" install_log
# Restrict permissions to protect sensitive options
if [ -e "${INST_VARIABLES}" ]; then
chmod go-rwx ${INST_VARIABLES}
chown ${EFF_USER} ${INST_VARIABLES}
fi

call_func "service_postinst" install_log

call_func "service_clean_tmpdir" install_log

if [ -n "${LOG_FILE}" ]; then
Expand All @@ -317,6 +330,7 @@ preuninst ()
log_step "preuninst"
call_func "validate_preuninst"
call_func "service_preuninst" install_log

exit 0
}

Expand All @@ -340,6 +354,7 @@ postuninst ()
if [ "${SYNOPKG_PKG_STATUS}" == "UNINSTALL" ]; then
$RM "${INST_VARIABLES}" 2>&1 | install_log
fi

exit 0
}

Expand All @@ -358,6 +373,7 @@ preupgrade ()
# Beware of /. outside the quotes
# Needed to copy all files including hidden ones
$CP "${SYNOPKG_PKGVAR}"/. "$TMP_DIR" 2>&1 | install_log

exit 0
}

Expand Down
Loading

0 comments on commit ecce16f

Please sign in to comment.