From: shamoon <4887959+shamoon@users.noreply.github.com> Date: Wed, 28 Jan 2026 21:45:12 +0000 (-0800) Subject: Fix: fix user checks in management scripts (#11928) X-Git-Tag: v2.20.6~1^2~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6913f9d79c64bca5114401c650cf88f896ed03d5;p=thirdparty%2Fpaperless-ngx.git Fix: fix user checks in management scripts (#11928) --- diff --git a/docker/management_script.sh b/docker/management_script.sh index 91a6336d08..6d5e845493 100755 --- a/docker/management_script.sh +++ b/docker/management_script.sh @@ -7,6 +7,11 @@ cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then python3 manage.py management_command "$@" -elif [[ $(id -un) == "paperless" ]]; then +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py management_command "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py management_command "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/convert_mariadb_uuid b/docker/rootfs/usr/local/bin/convert_mariadb_uuid index 019c558f1e..7adb0a1af1 100755 --- a/docker/rootfs/usr/local/bin/convert_mariadb_uuid +++ b/docker/rootfs/usr/local/bin/convert_mariadb_uuid @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py convert_mariadb_uuid "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py convert_mariadb_uuid "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py convert_mariadb_uuid "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py convert_mariadb_uuid "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/createsuperuser b/docker/rootfs/usr/local/bin/createsuperuser index 2b56869f6d..b91cee3c51 100755 --- a/docker/rootfs/usr/local/bin/createsuperuser +++ b/docker/rootfs/usr/local/bin/createsuperuser @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py createsuperuser "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py createsuperuser "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py createsuperuser "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py createsuperuser "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/decrypt_documents b/docker/rootfs/usr/local/bin/decrypt_documents index 27f0a21fe4..65d035b70b 100755 --- a/docker/rootfs/usr/local/bin/decrypt_documents +++ b/docker/rootfs/usr/local/bin/decrypt_documents @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py decrypt_documents "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py decrypt_documents "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py decrypt_documents "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py decrypt_documents "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_archiver b/docker/rootfs/usr/local/bin/document_archiver index 8d7771d26e..4200aa7aa4 100755 --- a/docker/rootfs/usr/local/bin/document_archiver +++ b/docker/rootfs/usr/local/bin/document_archiver @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_archiver "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_archiver "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_archiver "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_archiver "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_create_classifier b/docker/rootfs/usr/local/bin/document_create_classifier index 23acc67413..518551a4bc 100755 --- a/docker/rootfs/usr/local/bin/document_create_classifier +++ b/docker/rootfs/usr/local/bin/document_create_classifier @@ -6,7 +6,16 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_create_classifier "$@" + python3 manage.py document_create_classifier "$@" +elif [[ $(id -u) == 0 ]]; then + s6-setuidgid paperless python3 manage.py document_create_classifier "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_create_classifier "$@" +else + echo "Unknown user." + exit 1 +fi +er "$@" elif [[ $(id -un) == "paperless" ]]; then s6-setuidgid paperless python3 manage.py document_create_classifier "$@" fi diff --git a/docker/rootfs/usr/local/bin/document_exporter b/docker/rootfs/usr/local/bin/document_exporter index d55f01d488..a82d70a16c 100755 --- a/docker/rootfs/usr/local/bin/document_exporter +++ b/docker/rootfs/usr/local/bin/document_exporter @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_exporter "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_exporter "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_exporter "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_exporter "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_fuzzy_match b/docker/rootfs/usr/local/bin/document_fuzzy_match index c6e4edadca..b97c2a9ba2 100755 --- a/docker/rootfs/usr/local/bin/document_fuzzy_match +++ b/docker/rootfs/usr/local/bin/document_fuzzy_match @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_fuzzy_match "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_fuzzy_match "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_fuzzy_match "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_fuzzy_match "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_importer b/docker/rootfs/usr/local/bin/document_importer index 07c92bb04a..dbfb40a57e 100755 --- a/docker/rootfs/usr/local/bin/document_importer +++ b/docker/rootfs/usr/local/bin/document_importer @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_importer "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_importer "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_importer "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_importer "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_index b/docker/rootfs/usr/local/bin/document_index index 47c893c102..b05f765da9 100755 --- a/docker/rootfs/usr/local/bin/document_index +++ b/docker/rootfs/usr/local/bin/document_index @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_index "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_index "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_index "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_index "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_renamer b/docker/rootfs/usr/local/bin/document_renamer index 3406182eeb..720edc0d85 100755 --- a/docker/rootfs/usr/local/bin/document_renamer +++ b/docker/rootfs/usr/local/bin/document_renamer @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_renamer "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_renamer "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_renamer "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_renamer "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_retagger b/docker/rootfs/usr/local/bin/document_retagger index b0d1047ffb..6cbe03c198 100755 --- a/docker/rootfs/usr/local/bin/document_retagger +++ b/docker/rootfs/usr/local/bin/document_retagger @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_retagger "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_retagger "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_retagger "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_retagger "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_sanity_checker b/docker/rootfs/usr/local/bin/document_sanity_checker index d792124fc8..8fff13a521 100755 --- a/docker/rootfs/usr/local/bin/document_sanity_checker +++ b/docker/rootfs/usr/local/bin/document_sanity_checker @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_sanity_checker "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_sanity_checker "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_sanity_checker "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_sanity_checker "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/document_thumbnails b/docker/rootfs/usr/local/bin/document_thumbnails index 71d80e00de..3c0f0de4c2 100755 --- a/docker/rootfs/usr/local/bin/document_thumbnails +++ b/docker/rootfs/usr/local/bin/document_thumbnails @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py document_thumbnails "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_thumbnails "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py document_thumbnails "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py document_thumbnails "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/mail_fetcher b/docker/rootfs/usr/local/bin/mail_fetcher index 654c07389d..762b850b9a 100755 --- a/docker/rootfs/usr/local/bin/mail_fetcher +++ b/docker/rootfs/usr/local/bin/mail_fetcher @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py mail_fetcher "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py mail_fetcher "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py mail_fetcher "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py mail_fetcher "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/manage_superuser b/docker/rootfs/usr/local/bin/manage_superuser index a6e41168cf..8f550cd1aa 100755 --- a/docker/rootfs/usr/local/bin/manage_superuser +++ b/docker/rootfs/usr/local/bin/manage_superuser @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py manage_superuser "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py manage_superuser "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py manage_superuser "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py manage_superuser "$@" +else + echo "Unknown user." + exit 1 fi diff --git a/docker/rootfs/usr/local/bin/prune_audit_logs b/docker/rootfs/usr/local/bin/prune_audit_logs index 04446df172..8a3ab32993 100755 --- a/docker/rootfs/usr/local/bin/prune_audit_logs +++ b/docker/rootfs/usr/local/bin/prune_audit_logs @@ -6,7 +6,12 @@ set -e cd "${PAPERLESS_SRC_DIR}" if [[ -n "${USER_IS_NON_ROOT}" ]]; then - python3 manage.py prune_audit_logs "$@" -elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py prune_audit_logs "$@" +elif [[ $(id -u) == 0 ]]; then s6-setuidgid paperless python3 manage.py prune_audit_logs "$@" +elif [[ $(id -un) == "paperless" ]]; then + python3 manage.py prune_audit_logs "$@" +else + echo "Unknown user." + exit 1 fi