tyler.durden/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole.git synced 2025-04-07 19:55:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add comment about TLS-related file permissions

Browse Source 
Co-authored-by: Dominik <DL6ER@users.noreply.github.com>
Signed-off-by: MichaIng <micha@dietpi.com>
This commit is contained in:
MichaIng 2025-02-26 20:59:32 +01:00 committed by GitHub
parent 83a38bb71d
commit ad6a48b219
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
advanced/Templates/pihole-FTL-prestart.sh
View File

@ -16,6 +16,7 @@ chown -R pihole:pihole /etc/pihole /var/log/pihole
find /etc/pihole/ /var/log/pihole/ -type d -exec chmod 0755 {} +
# Set all files (except TLS-related ones) to u+rw g+r
find /etc/pihole/ /var/log/pihole/ -type f ! \( -name '*.pem' -o -name '*.crt' \) -exec chmod 0640 {} +
# Set TLS-related files to a more restrictive u+rw *only* (they may contain private keys)
find /etc/pihole/ /var/log/pihole/ -type f -name '*.pem' -o -name '*.crt' -exec chmod 0600 {} +
# Logrotate config file need to be owned by root