all: imp code, log changes

This commit is contained in:
Eugene Burkov 2024-11-20 16:37:30 +03:00
parent 368598819f
commit 2e096c0e32
3 changed files with 25 additions and 16 deletions

View File

@ -32,6 +32,14 @@ NOTE: Add new changes BELOW THIS COMMENT.
- The release executables are now signed. - The release executables are now signed.
### Added
- The `--no-permcheck` command-line option to disable checking and migration of
permissions for the security-sensitive files and directories, which caused
issues on Windows ([#7400]).
[#7400]: https://github.com/AdguardTeam/AdGuardHome/issues/7400
[go-1.23.3]: https://groups.google.com/g/golang-announce/c/X5KodEJYuqI [go-1.23.3]: https://groups.google.com/g/golang-announce/c/X5KodEJYuqI
<!-- <!--

View File

@ -159,7 +159,7 @@ func setupContext(opts options) (err error) {
if Context.firstRun { if Context.firstRun {
log.Info("This is the first time AdGuard Home is launched") log.Info("This is the first time AdGuard Home is launched")
checkPermissions() checkNetworkPermissions()
return nil return nil
} }
@ -686,8 +686,8 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) {
} }
} }
if opts.checkPermissions { if !opts.noPermCheck {
permCheck(confPath, dataDir, statsDir, querylogDir) checkPermissions(Context.workDir, confPath, dataDir, statsDir, querylogDir)
} }
Context.web.start() Context.web.start()
@ -696,14 +696,14 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) {
<-done <-done
} }
// permCheck checks and migrates permissions of the files and directories used // checkPermissions checks and migrates permissions of the files and directories
// by AdGuard Home, if needed. // used by AdGuard Home, if needed.
func permCheck(confPath, dataDir, statsDir, querylogDir string) { func checkPermissions(workDir, confPath, dataDir, statsDir, querylogDir string) {
if permcheck.NeedsMigration(confPath) { if permcheck.NeedsMigration(confPath) {
permcheck.Migrate(Context.workDir, dataDir, statsDir, querylogDir, confPath) permcheck.Migrate(workDir, dataDir, statsDir, querylogDir, confPath)
} }
permcheck.Check(Context.workDir, dataDir, statsDir, querylogDir, confPath) permcheck.Check(workDir, dataDir, statsDir, querylogDir, confPath)
} }
// initUsers initializes context auth module. Clears config users field. // initUsers initializes context auth module. Clears config users field.
@ -765,8 +765,9 @@ func startMods(l *slog.Logger) (err error) {
return nil return nil
} }
// Check if the current user permissions are enough to run AdGuard Home // checkNetworkPermissions checks if the current user permissions are enough to
func checkPermissions() { // use the required networking functionality.
func checkNetworkPermissions() {
log.Info("Checking if AdGuard Home has necessary permissions") log.Info("Checking if AdGuard Home has necessary permissions")
if ok, err := aghnet.CanBindPrivilegedPorts(); !ok || err != nil { if ok, err := aghnet.CanBindPrivilegedPorts(); !ok || err != nil {

View File

@ -79,9 +79,9 @@ type options struct {
// rather than the ones that have been compiled into the binary. // rather than the ones that have been compiled into the binary.
localFrontend bool localFrontend bool
// checkPermissions enables the migration of permissions for the // noPermCheck disables checking and migration of permissions for the
// security-sensitive files, including the working directory itself. // security-sensitive files.
checkPermissions bool noPermCheck bool
} }
// initCmdLineOpts completes initialization of the global command-line option // initCmdLineOpts completes initialization of the global command-line option
@ -311,11 +311,11 @@ var cmdLineOpts = []cmdLineOpt{{
shortName: "", shortName: "",
}, { }, {
updateWithValue: nil, updateWithValue: nil,
updateNoValue: func(o options) (options, error) { o.checkPermissions = true; return o, nil }, updateNoValue: func(o options) (options, error) { o.noPermCheck = true; return o, nil },
effect: nil, effect: nil,
serialize: func(o options) (val string, ok bool) { return "", o.checkPermissions }, serialize: func(o options) (val string, ok bool) { return "", o.noPermCheck },
description: "Check and migrate permissions of security-sensitive files.", description: "Check and migrate permissions of security-sensitive files.",
longName: "permcheck", longName: "no-permcheck",
shortName: "", shortName: "",
}, { }, {
updateWithValue: nil, updateWithValue: nil,