clay-server 2.11.0-beta.14 → 2.11.0-beta.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/daemon.js +6 -2
- package/lib/os-users.js +10 -1
- package/lib/terminal.js +2 -1
- package/package.json +1 -1
package/lib/daemon.js
CHANGED
|
@@ -152,6 +152,7 @@ var relay = createServer({
|
|
|
152
152
|
uidGid = { uid: parseInt(passwdLine[0], 10), gid: parseInt(passwdLine[1], 10) };
|
|
153
153
|
} catch (e) {}
|
|
154
154
|
if (uidGid) {
|
|
155
|
+
fs.chmodSync(targetDir, 0o700);
|
|
155
156
|
execSync("chown -R " + linuxUser + ":" + linuxUser + " " + JSON.stringify(targetDir));
|
|
156
157
|
execSync("git init", { cwd: targetDir, uid: uidGid.uid, gid: uidGid.gid, env: { PATH: "/usr/local/bin:/usr/bin:/bin" } });
|
|
157
158
|
} else {
|
|
@@ -227,9 +228,12 @@ var relay = createServer({
|
|
|
227
228
|
callback({ ok: false, error: errMsg });
|
|
228
229
|
return;
|
|
229
230
|
}
|
|
230
|
-
// chown if osUsers
|
|
231
|
+
// chown and restrict permissions if osUsers
|
|
231
232
|
if (config.osUsers && wsUser && wsUser.linuxUser) {
|
|
232
|
-
try {
|
|
233
|
+
try {
|
|
234
|
+
fs.chmodSync(targetDir, 0o700);
|
|
235
|
+
execSync("chown -R " + wsUser.linuxUser + ":" + wsUser.linuxUser + " " + JSON.stringify(targetDir));
|
|
236
|
+
} catch (e) {}
|
|
233
237
|
}
|
|
234
238
|
// Register project
|
|
235
239
|
var projectEntry = { path: targetDir, slug: slug, addedAt: Date.now() };
|
package/lib/os-users.js
CHANGED
|
@@ -266,6 +266,12 @@ function provisionAllUsers(usersModule) {
|
|
|
266
266
|
if (user.linuxUser) {
|
|
267
267
|
// Already mapped, verify the Linux user still exists
|
|
268
268
|
if (linuxUserExists(user.linuxUser)) {
|
|
269
|
+
// Ensure Claude CLI is installed for existing users
|
|
270
|
+
var cliPath = "/home/" + user.linuxUser + "/.local/bin/claude";
|
|
271
|
+
if (!fs.existsSync(cliPath)) {
|
|
272
|
+
console.log("[os-users] Claude CLI missing for " + user.linuxUser + ", installing...");
|
|
273
|
+
installClaudeCli(user.linuxUser);
|
|
274
|
+
}
|
|
269
275
|
result.skipped.push({ id: user.id, username: user.username, linuxUser: user.linuxUser });
|
|
270
276
|
continue;
|
|
271
277
|
}
|
|
@@ -329,7 +335,10 @@ function deactivateLinuxUser(linuxUsername) {
|
|
|
329
335
|
function ensureProjectsDir() {
|
|
330
336
|
var dir = "/var/clay/projects";
|
|
331
337
|
if (!fs.existsSync(dir)) {
|
|
332
|
-
fs.mkdirSync(dir, { recursive: true, mode:
|
|
338
|
+
fs.mkdirSync(dir, { recursive: true, mode: 0o711 });
|
|
339
|
+
} else {
|
|
340
|
+
// Tighten permissions if directory already exists (prevent listing by other users)
|
|
341
|
+
try { fs.chmodSync(dir, 0o711); } catch (e) {}
|
|
333
342
|
}
|
|
334
343
|
}
|
|
335
344
|
|
package/lib/terminal.js
CHANGED
|
@@ -32,7 +32,8 @@ function createTerminal(cwd, cols, rows, osUserInfo) {
|
|
|
32
32
|
if (osUserInfo.shell) shell = osUserInfo.shell;
|
|
33
33
|
}
|
|
34
34
|
|
|
35
|
-
var
|
|
35
|
+
var args = osUserInfo ? ["-l"] : [];
|
|
36
|
+
var term = pty.spawn(shell, args, spawnOpts);
|
|
36
37
|
|
|
37
38
|
return term;
|
|
38
39
|
}
|