babbarc/workspaces
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: remove setfacl hardening

Browse Source 
not working as expected
This commit is contained in:
yeti 2025-04-17 22:55:40 +01:00
parent f713f338db
commit 7494ad1d18
1 changed files with 2 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
build-workspace.sh
View File

@ -35,6 +35,8 @@ buildah copy "$ctr" ssh $SECURE/ssh
# zsh and tmux config (immutable) # zsh and tmux config (immutable)
buildah run "$ctr" -- chown -R $DEV_USER:$DEV_USER $DEV_HOME buildah run "$ctr" -- chown -R $DEV_USER:$DEV_USER $DEV_HOME
buildah run --user $DEV_USER "$ctr" -- nvim --headless "+Lazy! sync" +qa buildah run --user $DEV_USER "$ctr" -- nvim --headless "+Lazy! sync" +qa
buildah run --user $DEV_USER "$ctr" -- nvim --headless "+Lazy! sync" +qa
buildah run --user $DEV_USER "$ctr" -- nvim --headless "+Lazy! sync" +qa
# lock the files # lock the files
buildah run "$ctr" -- bash -c "\ buildah run "$ctr" -- bash -c "\
@ -49,17 +51,6 @@ buildah run "$ctr" -- bash -c "\
$DEV_HOME/.config/tmux/tmux.conf \ $DEV_HOME/.config/tmux/tmux.conf \
$DEV_HOME/.config/tmux/tmux.conf.local \ $DEV_HOME/.config/tmux/tmux.conf.local \
$DEV_HOME/.config/zsh/fzf-git.sh && \ $DEV_HOME/.config/zsh/fzf-git.sh && \
setfacl -m u:devuser:--x $DEV_HOME/start.sh \
$DEV_HOME/.config/lazygit/config.yml \
$DEV_HOME/.config/nvim/lua/config/lazy.lua \
$DEV_HOME/.config/nvim/lazyvim.json \
$DEV_HOME/.config/nvim/lazy-lock.json \
$DEV_HOME/.config/nvim/init.lua \
$DEV_HOME/.config/nvim/README.md \
$DEV_HOME/.config/nvim/LICENSE \
$DEV_HOME/.config/tmux/tmux.conf \
$DEV_HOME/.config/tmux/tmux.conf.local \
$DEV_HOME/.config/zsh/fzf-git.sh && \
chown root:secproc $DEV_HOME/start.sh \ chown root:secproc $DEV_HOME/start.sh \
$DEV_HOME/.config/lazygit/config.yml \ $DEV_HOME/.config/lazygit/config.yml \
$DEV_HOME/.config/nvim/lua/config/lazy.lua \ $DEV_HOME/.config/nvim/lua/config/lazy.lua \
@ -72,7 +63,6 @@ buildah run "$ctr" -- bash -c "\
$DEV_HOME/.config/tmux/tmux.conf.local \ $DEV_HOME/.config/tmux/tmux.conf.local \
$DEV_HOME/.config/zsh/fzf-git.sh && \ $DEV_HOME/.config/zsh/fzf-git.sh && \
chmod -R 750 $DEV_HOME/.config/zsh/ohmyzsh && \ chmod -R 750 $DEV_HOME/.config/zsh/ohmyzsh && \
setfacl -R -m u:devuser:--x $DEV_HOME/.config/zsh/ohmyzsh && \
chown -R root:secproc $DEV_HOME/.config/zsh/ohmyzsh chown -R root:secproc $DEV_HOME/.config/zsh/ohmyzsh
" "