fix CVE-2020-1971 again

2020-12-16 15:47:02 +01:00
parent 9a4f96ad18
commit c5b32dfc4c
19 changed files with 17 additions and 27 deletions
--- a/scripts/certbot-renew-hook.sh
+++ b/scripts/certbot-renew-hook.sh
@@ -1,5 +1,6 @@
 #!/bin/sh

+# load some functions
 . /opt/scripts/utils.sh

 job_log "[CERTBOT] certificates have been renewed"
--- a/scripts/certbot-renew.sh
+++ b/scripts/certbot-renew.sh
@@ -1,5 +1,6 @@
 #!/bin/sh

+# load some functions
 . /opt/scripts/utils.sh

 # ask new certificates if needed
@@ -10,13 +11,3 @@ if [ "$?" -eq 0 ] ; then
 else
 	job_log "[CERTBOT] renew operation failed"
 fi
-
-# fix rights
-chown -R root:nginx /etc/letsencrypt
-chmod -R 740 /etc/letsencrypt
-find /etc/letsencrypt -type d -exec chmod 750 {} \;
-
-# reload nginx
-if [ -f /tmp/nginx.pid ] ; then
-	/usr/sbin/nginx -s reload > /dev/null 2>&1
-fi
--- a/scripts/referrers.sh
+++ b/scripts/referrers.sh
@@ -38,7 +38,6 @@ if [ "$lines" -gt 1 ] ; then
 	fi
 else
 	job_log "[BLACKLIST] can't update referrers list"
-
 fi

 rm -f /tmp/map-referrer.conf 2> /dev/null
--- a/scripts/user-agents.sh
+++ b/scripts/user-agents.sh
@@ -40,7 +40,6 @@ if [ "$lines" -gt 1 ] ; then
 	fi
 else
 	job_log "[BLACKLIST] can't update user-agent list"
-
 fi

 rm -f /tmp/map-user-agent.conf 2> /dev/null