Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

ignore CVE-2021-36159 and redirect job logs as root when using autoconf

Browse Source
This commit is contained in:
bunkerity
2021-08-02 10:41:46 +02:00
parent 652614f41b
commit bc01427def
6 changed files with 20 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
autoconf/Dockerfile
View File

@@ -6,7 +6,7 @@ COPY confs/global/ /opt/bunkerized-nginx/confs/global
COPY confs/site/ /opt/bunkerized-nginx/confs/site
COPY jobs/ /opt/bunkerized-nginx/jobs
COPY settings.json /opt/bunkerized-nginx/
COPY misc/cron /etc/crontabs/nginx
COPY misc/cron-autoconf /etc/crontabs/root
COPY autoconf/entrypoint.sh /opt/bunkerized-nginx/entrypoint/
COPY autoconf/requirements.txt /opt/bunkerized-nginx/entrypoint/
COPY autoconf/src/* /opt/bunkerized-nginx/entrypoint/

5
autoconf/entrypoint.sh
View File

@@ -8,11 +8,6 @@ if [ "$?" -ne 0 ] ; then
exit 1
fi
#if [ "$SWARM_MODE" = "yes" ] ; then
# chown -R root:nginx /etc/nginx
# chmod -R 770 /etc/nginx
#fi
# trap SIGTERM and SIGINT
function trap_exit() {
echo "[*] Catched stop operation"

4
autoconf/prepare.sh
View File

@@ -61,7 +61,3 @@ ln -s /modsec-crs-confs /opt/bunkerized-nginx/modsec-crs-confs
mkdir /modsec-crs-confs
chown root:nginx /modsec-crs-confs
chmod 770 /modsec-crs-confs
# prepare /etc/crontabs/nginx
chown root:nginx /etc/crontabs/nginx
chmod 440 /etc/crontabs/nginx