search

YunoHost-Apps / mautrix_signal_ynh

Matrix signal package for YunoHost
GNU Affero General Public License v3.0
4 stars 10 forks source link

Signald creates folders with wrong umask #15

Closed MayeulC closed 2 years ago

MayeulC commented 3 years ago

Describe the bug

It looks like signald creates directories on demand : /var/lib/signald/{attachments/,avatars/,stickers/} at least. Stickers is the most problematic as it contains subfolders.

Not sure if mautrix-signal should be able to write to them, but it certainly needs to read from them.

Currently, they are created with 700 permissions. This despite the systemd unit containing:

RuntimeDirectory=signald
RuntimeDirectoryMode=0770
User=signald
Group=signald
UMask=0007

Maybe these folders should be created ahead of time as a first approach. I'm unsure if there's more of those. They should have proper group permissions if we are to use the fix I suggested in #13.

Given that the umask seems correct, it might be an upstream issue.

Logs

This is the error message:

  File "/opt/yunohost/mautrix_signal/lib/python3.7/site-packages/mausignald/signald.py", line 51, in _run_event_handler
    await handler(event)
  File "/opt/yunohost/mautrix_signal/lib/python3.7/site-packages/mautrix_signal/signal.py", line 54, in on_message
    await self.handle_message(user, sender, evt.data_message)
  File "/opt/yunohost/mautrix_signal/lib/python3.7/site-packages/mautrix_signal/signal.py", line 106, in handle_message
    await portal.handle_signal_message(user, sender, msg)
  File "/opt/yunohost/mautrix_signal/lib/python3.7/site-packages/mautrix_signal/portal.py", line 488, in handle_signal_m
essage
    sticker=True)
  File "/opt/yunohost/mautrix_signal/lib/python3.7/site-packages/mautrix_signal/portal.py", line 573, in _handle_signal_attachment
    with open(attachment.incoming_filename, "rb") as file: 
PermissionError: [Errno 13] Permission denied: '/var/lib/signald/stickers/9acc9e8aba563d26a4994e69263e3b25/16'
[2021-08-07 16:53:48,669] [WARNING@mausignald] No handlers for RPC request unreadable_message
MayeulC commented 3 years ago

Should be fixed upstream, but it looks like upgrading the package doesn't currently upgrade signald: #22

MayeulC commented 2 years ago

I can confirm this is solved with a recent enough version of signald (now we need to solve #22)