feat: force attrs for new files

SOURCES/kf2-srv

@@ -28,9 +28,9 @@ source /etc/steamcmd/steamcmd.conf
 source /etc/kf2-srv/kf2-srv.conf
 source /etc/kf2-srv/bot.conf
 
-ScriptFullname=$(readlink -e "$0")
-ScriptName=$(echo "$ScriptFullname" | awk -F '/' '{print $NF;}')
-readonly ScriptVersion="0.12.0"
+readonly ScriptFullname=$(readlink -e "$0")
+readonly ScriptName=$(echo "$ScriptFullname" | awk -F '/' '{print $NF;}')
+readonly ScriptVersion=$(rpm -qi "$ScriptName" | grep 'Version' | sed -r 's|.+: +||g') # mb problems in other langs ('Version')
 
 # Constants. Don't change.
 readonly AppServerNum="232130"

SOURCES/kf2-srv-force-attr

@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# kf2-srv is a command line tool for managing a set of Killing Floor 2 servers.
+# Copyright (C) 2019, 2020 GenZmeY
+# mailto: genzmey@gmail.com
+# 
+# This file is part of kf2-srv.
+#
+# kf2-srv is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+declare -A ModeNames MutNames
+
+source /etc/kf2-srv/kf2-srv.conf
+
+DirLog="/var/log/kf2-srv"
+DirLogBeta="/var/log/kf2-srv-beta"
+DirInstances="/etc/kf2-srv/instances"
+DirInstancesBeta="/etc/kf2-srv/instances-beta"
+
+/usr/bin/inotifywait -qmr -e create -e moved_to --format %w%f \
+"$DirLog" "$DirLogBeta" "$DirInstances" "$DirInstancesBeta" | \
+while read File
+do
+	if echo "$File" | grep -Piq "\.log$"; then
+		chmod  "$ForceLogPermissions" "$File"
+		chown :"$ForceLogGroup"       "$File"
+	elif echo "$File" | grep -Piq "\.ini$"; then
+		chmod  "$ForceIniPermissions" "$File"
+		chown :"$ForceIniGroup"       "$File"
+	fi
+done
+

SOURCES/kf2-srv-force-attr.service

@@ -5,8 +5,7 @@ Description=kf2-srv force attr service
 Type=simple
 StandardOutput=null
 StandardError=null
-EnvironmentFile=/etc/kf2-srv/kf2-srv.conf
-ExecStart=/bin/bash -c 'declare -A ModeNames MutNames; source /etc/kf2-srv/kf2-srv.conf; /usr/bin/inotifywait -qmr -e create -e moved_to --format %%w%%f /var/log/kf2-srv /var/log/kf2-srv-beta /etc/kf2-srv/instances /etc/kf2-srv/instances-beta | while read File; do if echo "$File" | grep -Piq "\.log$"; then chmod "$ForceLogPermissions" "$File"; chown :"$ForceLogGroup" "$File"; elif echo "$File" | grep -Piq "\.ini$"; then chmod "$ForceIniPermissions" "$File"; chown :"$ForceIniGroup" "$File"; fi; done'
+ExecStart=/usr/sbin/kf2-srv-force-attr
 Restart=always
 
 NoNewPrivileges=yes

SOURCES/kf2-srv.conf

@@ -17,7 +17,7 @@ ModeNames['KFGameContent.KFGameInfo_VersusSurvival']='Versus'
 MutNames['ServerExtMut.ServerExtMut']='RPG'
 
 # These parameters works only if "kf2-srv-force-attr.service" is active
-ForceIniPermissions=644
+ForceIniPermissions=664
 ForceLogPermissions=640
 ForceIniGroup=steam
 ForceLogGroup=steam

SPECS/kf2-srv.spec

@@ -23,7 +23,8 @@ Source12:   COPYING
 Source13:   rsyslog-%{name}.conf
 Source14:   logrotate-%{name}
 Source15:   bot.conf
-Source16:   %{name}-force-attr.service
+Source16:   %{name}-force-attr
+Source17:   %{name}-force-attr.service
 
 Requires:   systemd >= 219
 Requires:   steamcmd
@@ -55,6 +56,7 @@ Command line tool for managing a set of Killing Floor 2 servers.
 rm -rf $RPM_BUILD_ROOT
 
 install -d %{buildroot}/%{_bindir}
+install -d %{buildroot}/%{_sbindir}
 install -d %{buildroot}/%{_prefix}/lib/systemd/system
 install -d %{buildroot}/%{_prefix}/lib/firewalld/services
 install -d %{buildroot}/%{_sysconfdir}/%{name}/instances
@@ -84,7 +86,8 @@ install -m 644 %{SOURCE12} %{buildroot}/%{_datadir}/licenses/%{name}
 install -m 644 %{SOURCE13} %{buildroot}/%{_sysconfdir}/rsyslog.d/%{name}.conf
 install -m 644 %{SOURCE14} %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
 install -m 644 %{SOURCE15} %{buildroot}/%{_sysconfdir}/%{name}
-install -m 644 %{SOURCE16} %{buildroot}/%{_prefix}/lib/systemd/system
+install -m 755 %{SOURCE16} %{buildroot}/%{_sbindir}
+install -m 644 %{SOURCE17} %{buildroot}/%{_prefix}/lib/systemd/system
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -104,6 +107,7 @@ rm -rf $RPM_BUILD_ROOT
 %attr(0644,root,root)         %config(noreplace) %{_prefix}/lib/firewalld/services/%{name}.xml
 %attr(0755,root,root)                            %{_bindir}/%{name}
 %attr(0755,root,root)                            %{_bindir}/%{name}-beta
+%attr(0755,root,root)                            %{_sbindir}/%{name}-force-attr
 %attr(0644,root,root)                            %{_prefix}/lib/systemd/system/*
 %attr(0644,root,root)         %doc               %{_datadir}/licenses/%{name}/*
 %attr(0644,root,root)                            %{_sysconfdir}/rsyslog.d/%{name}.conf
@@ -126,10 +130,11 @@ systemctl try-restart rsyslog.service
 #fi
 
 %changelog
-* Sun Jul 12 2020 GenZmeY <genzmey@gmail.com> - 0.12.0-1
+* Mon Jul 13 2020 GenZmeY <genzmey@gmail.com> - 0.12.0-1
 - chat logs without timestamp;
 - update rsyslog config - now logs will be create with steam group and 640 permissions;
 - update logrotate config (fixed that logrotate does nothing);
+- bot password in separate file without read permission to others;
 - feat: force attr for log/ini files.
 
 * Thu Jul 9 2020 GenZmeY <genzmey@gmail.com> - 0.11.1-1