From 2ef3fa66f2a434cd5e44e35a02f4ac502cf50808 Mon Sep 17 00:00:00 2001
From: Konstantin Pavlov <thresh@videolan.org>
Date: Tue, 2 Jun 2020 18:22:29 +0300
Subject: [PATCH] ipv6-listen: detect if default.conf is writable

Fixes #416
---
 mainline/alpine-perl/10-listen-on-ipv6-by-default.sh | 3 +++
 mainline/alpine/10-listen-on-ipv6-by-default.sh      | 3 +++
 mainline/buster-perl/10-listen-on-ipv6-by-default.sh | 3 +++
 mainline/buster/10-listen-on-ipv6-by-default.sh      | 3 +++
 stable/alpine-perl/10-listen-on-ipv6-by-default.sh   | 3 +++
 stable/alpine/10-listen-on-ipv6-by-default.sh        | 3 +++
 stable/buster-perl/10-listen-on-ipv6-by-default.sh   | 3 +++
 stable/buster/10-listen-on-ipv6-by-default.sh        | 3 +++
 8 files changed, 24 insertions(+)

diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh
index 0ee4872..6885a9d 100755
--- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh
+++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh
@@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then
     exit 0
 fi
 
+# check if the file can be modified, e.g. not on a r/o filesystem
+touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; }
+
 # check if the file is already modified, e.g. on a container restart
 grep -q "listen  \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; }
 
diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh
index 0ee4872..6885a9d 100755
--- a/mainline/alpine/10-listen-on-ipv6-by-default.sh
+++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh
@@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then
     exit 0
 fi
 
+# check if the file can be modified, e.g. not on a r/o filesystem
+touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; }
+
 # check if the file is already modified, e.g. on a container restart
 grep -q "listen  \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; }
 
diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh
index 0ee4872..6885a9d 100755
--- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh
+++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh
@@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then
     exit 0
 fi
 
+# check if the file can be modified, e.g. not on a r/o filesystem
+touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; }
+
 # check if the file is already modified, e.g. on a container restart
 grep -q "listen  \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; }
 
diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh
index 0ee4872..6885a9d 100755
--- a/mainline/buster/10-listen-on-ipv6-by-default.sh
+++ b/mainline/buster/10-listen-on-ipv6-by-default.sh
@@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then
     exit 0
 fi
 
+# check if the file can be modified, e.g. not on a r/o filesystem
+touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; }
+
 # check if the file is already modified, e.g. on a container restart
 grep -q "listen  \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; }
 
diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh
index 0ee4872..6885a9d 100755
--- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh
+++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh
@@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then
     exit 0
 fi
 
+# check if the file can be modified, e.g. not on a r/o filesystem
+touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; }
+
 # check if the file is already modified, e.g. on a container restart
 grep -q "listen  \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; }
 
diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh
index 0ee4872..6885a9d 100755
--- a/stable/alpine/10-listen-on-ipv6-by-default.sh
+++ b/stable/alpine/10-listen-on-ipv6-by-default.sh
@@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then
     exit 0
 fi
 
+# check if the file can be modified, e.g. not on a r/o filesystem
+touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; }
+
 # check if the file is already modified, e.g. on a container restart
 grep -q "listen  \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; }
 
diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh
index 0ee4872..6885a9d 100755
--- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh
+++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh
@@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then
     exit 0
 fi
 
+# check if the file can be modified, e.g. not on a r/o filesystem
+touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; }
+
 # check if the file is already modified, e.g. on a container restart
 grep -q "listen  \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; }
 
diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh
index 0ee4872..6885a9d 100755
--- a/stable/buster/10-listen-on-ipv6-by-default.sh
+++ b/stable/buster/10-listen-on-ipv6-by-default.sh
@@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then
     exit 0
 fi
 
+# check if the file can be modified, e.g. not on a r/o filesystem
+touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; }
+
 # check if the file is already modified, e.g. on a container restart
 grep -q "listen  \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; }
 
-- 
GitLab