@@ -52,6 +52,18 @@ update_database_tls_config() {
5252 rm -f " $tmp "
5353}
5454
55+ # safe_sed_i avoids sed -i which creates temp files alongside the target,
56+ # broken on VirtioFS (Docker Desktop for Mac). Uses mktemp + cat pattern.
57+ safe_sed_i () {
58+ local file=" ${@: -1} "
59+ local tmp
60+ tmp=" $( mktemp) "
61+ if sed " ${@: 1: $(($# -1))} " " $file " > " $tmp " && [[ -s " $tmp " ]]; then
62+ cat " $tmp " > " $file "
63+ fi
64+ rm -f " $tmp "
65+ }
66+
5567init_mysql (){
5668 # Test when MySQL is ready....
5769 # wait for Database come ready
@@ -90,32 +102,26 @@ init_misp_data_files(){
90102 # Init config (shared with host)
91103 echo " ... initialize configuration files"
92104 MISP_APP_CONFIG_PATH=/var/www/MISP/app/Config
93- # workaround for https://forums.docker.com/t/sed-couldnt-open-temporary-file-xyz-permission-denied-when-using-virtiofs/125473
94- # [ -f $MISP_APP_CONFIG_PATH/bootstrap.php ] || cp $MISP_APP_CONFIG_PATH.dist/bootstrap.default.php $MISP_APP_CONFIG_PATH/bootstrap.php
95- # [ -f $MISP_APP_CONFIG_PATH/database.php ] || cp $MISP_APP_CONFIG_PATH.dist/database.default.php $MISP_APP_CONFIG_PATH/database.php
96- # [ -f $MISP_APP_CONFIG_PATH/core.php ] || cp $MISP_APP_CONFIG_PATH.dist/core.default.php $MISP_APP_CONFIG_PATH/core.php
97- # [ -f $MISP_APP_CONFIG_PATH/config.php ] || cp $MISP_APP_CONFIG_PATH.dist/config.default.php $MISP_APP_CONFIG_PATH/config.php
98- # [ -f $MISP_APP_CONFIG_PATH/email.php ] || cp $MISP_APP_CONFIG_PATH.dist/email.php $MISP_APP_CONFIG_PATH/email.php
99- # [ -f $MISP_APP_CONFIG_PATH/routes.php ] || cp $MISP_APP_CONFIG_PATH.dist/routes.php $MISP_APP_CONFIG_PATH/routes.php
100- [ -s $MISP_APP_CONFIG_PATH /bootstrap.php ] || dd if=$MISP_APP_CONFIG_PATH .dist/bootstrap.default.php of=$MISP_APP_CONFIG_PATH /bootstrap.php
101- [ -s $MISP_APP_CONFIG_PATH /database.php ] || dd if=$MISP_APP_CONFIG_PATH .dist/database.default.php of=$MISP_APP_CONFIG_PATH /database.php
102- [ -s $MISP_APP_CONFIG_PATH /core.php ] || dd if=$MISP_APP_CONFIG_PATH .dist/core.default.php of=$MISP_APP_CONFIG_PATH /core.php
103- [ -s $MISP_APP_CONFIG_PATH /config.php.template ] || dd if=$MISP_APP_CONFIG_PATH .dist/config.default.php of=$MISP_APP_CONFIG_PATH /config.php.template
105+ # Avoid cp/sed -i which create temp files alongside the target,
106+ # broken on VirtioFS (Docker Desktop for Mac).
107+ [ -s $MISP_APP_CONFIG_PATH /bootstrap.php ] || cat $MISP_APP_CONFIG_PATH .dist/bootstrap.default.php > $MISP_APP_CONFIG_PATH /bootstrap.php
108+ [ -s $MISP_APP_CONFIG_PATH /database.php ] || cat $MISP_APP_CONFIG_PATH .dist/database.default.php > $MISP_APP_CONFIG_PATH /database.php
109+ [ -s $MISP_APP_CONFIG_PATH /core.php ] || cat $MISP_APP_CONFIG_PATH .dist/core.default.php > $MISP_APP_CONFIG_PATH /core.php
110+ [ -s $MISP_APP_CONFIG_PATH /config.php.template ] || cat $MISP_APP_CONFIG_PATH .dist/config.default.php > $MISP_APP_CONFIG_PATH /config.php.template
104111 [ -s $MISP_APP_CONFIG_PATH /config.php ] || echo -e " <?php\n\$ config=array();\n?>" > $MISP_APP_CONFIG_PATH /config.php
105- [ -s $MISP_APP_CONFIG_PATH /email.php ] || dd if= $MISP_APP_CONFIG_PATH .dist/email.php of= $MISP_APP_CONFIG_PATH /email.php
106- [ -s $MISP_APP_CONFIG_PATH /routes.php ] || dd if= $MISP_APP_CONFIG_PATH .dist/routes.php of= $MISP_APP_CONFIG_PATH /routes.php
112+ [ -s $MISP_APP_CONFIG_PATH /email.php ] || cat $MISP_APP_CONFIG_PATH .dist/email.php > $MISP_APP_CONFIG_PATH /email.php
113+ [ -s $MISP_APP_CONFIG_PATH /routes.php ] || cat $MISP_APP_CONFIG_PATH .dist/routes.php > $MISP_APP_CONFIG_PATH /routes.php
107114
108115 if ! grep -q " Detect what auth modules" " $MISP_APP_CONFIG_PATH /bootstrap.php" ; then
109116 echo " ... patch bootstrap.php settings"
110117 chmod +w $MISP_APP_CONFIG_PATH /bootstrap.php
111- # workaround for https://forums.docker.com/t/sed-couldnt-open-temporary-file-xyz-permission-denied-when-using-virtiofs/125473
112- sed -z " s|CakePlugin::loadAll(array(.*CakeResque.*));||g" $MISP_APP_CONFIG_PATH /bootstrap.php > tmp; cat tmp > $MISP_APP_CONFIG_PATH /bootstrap.php; rm tmp
113- sed " s|CakePlugin::load('AadAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php > tmp; cat tmp > $MISP_APP_CONFIG_PATH /bootstrap.php; rm tmp
114- sed " s|CakePlugin::load('CertAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php > tmp; cat tmp > $MISP_APP_CONFIG_PATH /bootstrap.php; rm tmp
115- sed " s|CakePlugin::load('LdapAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php > tmp; cat tmp > $MISP_APP_CONFIG_PATH /bootstrap.php; rm tmp
116- sed " s|CakePlugin::load('LinOTPAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php > tmp; cat tmp > $MISP_APP_CONFIG_PATH /bootstrap.php; rm tmp
117- sed " s|CakePlugin::load('OidcAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php > tmp; cat tmp > $MISP_APP_CONFIG_PATH /bootstrap.php; rm tmp
118- sed " s|CakePlugin::load('ShibbAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php > tmp; cat tmp > $MISP_APP_CONFIG_PATH /bootstrap.php; rm tmp
118+ safe_sed_i -z " s|CakePlugin::loadAll(array(.*CakeResque.*));||g" $MISP_APP_CONFIG_PATH /bootstrap.php
119+ safe_sed_i " s|CakePlugin::load('AadAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php
120+ safe_sed_i " s|CakePlugin::load('CertAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php
121+ safe_sed_i " s|CakePlugin::load('LdapAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php
122+ safe_sed_i " s|CakePlugin::load('LinOTPAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php
123+ safe_sed_i " s|CakePlugin::load('OidcAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php
124+ safe_sed_i " s|CakePlugin::load('ShibbAuth');||g" $MISP_APP_CONFIG_PATH /bootstrap.php
119125 cat << EOT >> $MISP_APP_CONFIG_PATH /bootstrap.php
120126
121127/**
@@ -152,18 +158,14 @@ EOT
152158 fi
153159
154160 echo " ... initialize database.php settings"
155- # workaround for https://forums.docker.com/t/sed-couldnt-open-temporary-file-xyz-permission-denied-when-using-virtiofs/125473
156- # sed -i "s/localhost/$MYSQL_HOST/" $MISP_APP_CONFIG_PATH/database.php
157- # sed -i "s/db\s*login/$MYSQL_USER/" $MISP_APP_CONFIG_PATH/database.php
158- # sed -i "s/3306/$MYSQL_PORT/" $MISP_APP_CONFIG_PATH/database.php
159- # sed -i "s/db\s*password/$MYSQL_PASSWORD/" $MISP_APP_CONFIG_PATH/database.php
160- # sed -i "s/'database' => 'misp'/'database' => '$MYSQL_DATABASE'/" $MISP_APP_CONFIG_PATH/database.php
161+ # Avoid sed -i which creates temp files alongside the target,
162+ # broken on VirtioFS (Docker Desktop for Mac).
161163 chmod +w $MISP_APP_CONFIG_PATH /database.php
162- sed " s/localhost/$MYSQL_HOST /" $MISP_APP_CONFIG_PATH /database.php > tmp ; cat tmp > $MISP_APP_CONFIG_PATH /database.php ; rm tmp
163- sed " s/db\s*login/$MYSQL_USER /" $MISP_APP_CONFIG_PATH /database.php > tmp ; cat tmp > $MISP_APP_CONFIG_PATH /database.php ; rm tmp
164- sed " s/3306/$MYSQL_PORT /" $MISP_APP_CONFIG_PATH /database.php > tmp ; cat tmp > $MISP_APP_CONFIG_PATH /database.php ; rm tmp
165- sed " s/db\s*password/$MYSQL_PASSWORD /" $MISP_APP_CONFIG_PATH /database.php > tmp ; cat tmp > $MISP_APP_CONFIG_PATH /database.php ; rm tmp
166- sed " s/'database' => 'misp'/'database' => '$MYSQL_DATABASE '/" $MISP_APP_CONFIG_PATH /database.php > tmp ; cat tmp > $MISP_APP_CONFIG_PATH /database.php ; rm tmp
164+ safe_sed_i " s/localhost/$MYSQL_HOST /" $MISP_APP_CONFIG_PATH /database.php
165+ safe_sed_i " s/db\s*login/$MYSQL_USER /" $MISP_APP_CONFIG_PATH /database.php
166+ safe_sed_i " s/3306/$MYSQL_PORT /" $MISP_APP_CONFIG_PATH /database.php
167+ safe_sed_i " s/db\s*password/$MYSQL_PASSWORD /" $MISP_APP_CONFIG_PATH /database.php
168+ safe_sed_i " s/'database' => 'misp'/'database' => '$MYSQL_DATABASE '/" $MISP_APP_CONFIG_PATH /database.php
167169
168170 # Enable MySQL TLS immediately, as TLS requiring hosts like AWS RDS may banlist non-TLS connecting hosts
169171 # Conversely, this is also a good spot to disable it if required
0 commit comments