Release 24.03

accetto · Mar 11, 2024 · 2f67479 · 2f67479
1 parent d7aa0db
commit 2f67479
Show file tree

Hide file tree

Showing 6 changed files with 43 additions and 16 deletions.
diff --git a/.gitignore b/.gitignore
@@ -11,10 +11,9 @@
 # '**' matches nested directories (e.g. 'a/**/z')
 # recommended files on 'https://github.com/github/gitignore'
 
+..developer*
 .vscode
 .cache*
-.debugger*
-.developer*
 .favorites.json
 .g3-cache*
 .secret*

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,13 @@
 
 ***
 
+### Release 24.03
+
+This is the first `G3v5` release.
+
+The updated script `set_user_permissions.sh`, which is part of Dockerfiles, skips the hidden files and directories now.
+It generally should not have any unwanted side effects, but it may make a difference in some scenarios, hence the version increase.
+
 ### Release 23.12
 
 This is a maintenance release.

diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 ## Project `accetto/ubuntu-vnc-xfce-g3`
 
-Version: G3v4
+Version: G3v5
 
 ***
 
@@ -106,14 +106,32 @@ The **first generation** (G1) contains the GitHub repository [accetto/ubuntu-vnc
 
 ### Project versions
 
-This file describes the **fourth version** (G3v4) of the project.
+This file describes the **fifth version** (G3v5) of the project.
 
 However, also this version keeps evolving.
 Please check the [CHANGELOG][this-changelog] for more information about the changes.
 
 The **first version** (G3v1, or simply G3), the **second version** (G3v2, only 20.04 images) and the **third version** (G3v3, 22.04 and 20.04 images) are still available in this **GitHub** repository as the branches `archived-generation-g3v1`, `archived-generation-g3v2` and `archived-generation-g3v3`.
+The **fourth version** (G3v4) was not archived, because the changes are minor.
 
-The version `G3v3` brings the following major changes comparing to the previous version `G3v2`:
+The version `G3v5` brings only one significant change comparing to the previous version `G3v4`:
+
+- The updated script `set_user_permissions.sh`, which is part of Dockerfiles, skips the hidden files and directories now.
+It generally should not have any unwanted side effects, but it may make a difference in some scenarios, hence the version increase.
+
+The version `G3v4` has brought the updated startup scripts and the following major changes comparing to the previous version `G3v3`:
+
+- The updated startup scripts that support overriding the user ID (`id`) and group ID (`gid`) without needing the former build argument `ARG_FEATURES_USER_GROUP_OVERRIDE`, which has been removed.
+- The user ID and the group ID can be overridden during the build time (`docker build`) and the run time (`docker run`).
+- The `user name`, the `group name` and the `initial sudo password` can be overridden during the build time.
+- The permissions of the files `/etc/passwd` and `/etc/groups` are set to the standard `644` after creating the user.
+- The content of the home folder and the startup folder belongs to the created user.
+- The created user gets permissions to use `sudo`. The initial `sudo` password is configurable during the build time using the build argument `ARG_SUDO_INITIAL_PW`. The password can be changed inside the container.
+- The default `id:gid` has been changed from `1001:0` to `1000:1000`.
+
+Please refer to the release **23.02** in the CHANGELOG for more information.
+
+The version `G3v3` has brought the following major changes comparing to the previous version `G3v2`:
 
 - The updated startup scripts that support overriding the user ID (`id`) and group ID (`gid`) without needing the former build argument `ARG_FEATURES_USER_GROUP_OVERRIDE`, which has been removed.
 - The user ID and the group ID can be overridden during the build time (`docker build`) and the run time (`docker run`).

diff --git a/docker/Dockerfile.xfce.20-04 b/docker/Dockerfile.xfce.20-04
@@ -369,7 +369,7 @@ RUN \
     &&  echo "${HEADLESS_USER_NAME}:x:${HEADLESS_USER_ID}:${HEADLESS_USER_GROUP_ID}:Default:${HOME}:/bin/bash" >> /etc/passwd \
     &&  echo "${HEADLESS_USER_NAME}  ALL=(ALL:ALL) ALL" | sudo tee /etc/sudoers.d/"${HEADLESS_USER_NAME}" \
     &&  echo "${ARG_SUDO_INITIAL_PW:-headless}" > "${STARTUPDIR}"/.initial_sudo_password \
-    &&  echo "${HEADLESS_USER_NAME}:$(cat "${STARTUPDIR}"/.initial_sudo_password)" | chpasswd \
+    &&  echo "${HEADLESS_USER_NAME}:$(cat ${STARTUPDIR}/.initial_sudo_password)" | chpasswd \
     &&  ln -s "${HOME}"/readme.md "${HOME}"/Desktop/README \
     &&  envsubst <"${HOME}"/Desktop/versionsticker.desktop >/tmp/esub.tmp && mv -f /tmp/esub.tmp "${HOME}"/Desktop/versionsticker.desktop \
     && "${STARTUPDIR}"/set_user_permissions.sh "${STARTUPDIR}" "${HOME}"

diff --git a/docker/Dockerfile.xfce.22-04 b/docker/Dockerfile.xfce.22-04
@@ -390,7 +390,7 @@ RUN \
     &&  echo "${HEADLESS_USER_NAME}:x:${HEADLESS_USER_ID}:${HEADLESS_USER_GROUP_ID}:Default:${HOME}:/bin/bash" >> /etc/passwd \
     &&  echo "${HEADLESS_USER_NAME}  ALL=(ALL:ALL) ALL" | sudo tee /etc/sudoers.d/"${HEADLESS_USER_NAME}" \
     &&  echo "${ARG_SUDO_INITIAL_PW:-headless}" > "${STARTUPDIR}"/.initial_sudo_password \
-    &&  echo "${HEADLESS_USER_NAME}:$(cat "${STARTUPDIR}"/.initial_sudo_password)" | chpasswd \
+    &&  echo "${HEADLESS_USER_NAME}:$(cat ${STARTUPDIR}/.initial_sudo_password)" | chpasswd \
     &&  ln -s "${HOME}"/readme.md "${HOME}"/Desktop/README \
     &&  envsubst <"${HOME}"/Desktop/versionsticker.desktop >/tmp/esub.tmp && mv -f /tmp/esub.tmp "${HOME}"/Desktop/versionsticker.desktop \
     && "${STARTUPDIR}"/set_user_permissions.sh "${STARTUPDIR}" "${HOME}"

diff --git a/docker/src/xfce-startup/set_user_permissions.sh b/docker/src/xfce-startup/set_user_permissions.sh
@@ -18,15 +18,18 @@ main() {
             echo "Fixing permissions for: ${i}"
         fi
 
-        ### set directory permissions (recursively)
-        find "$i" -type d -exec chmod ${verbose} 755 {} +
-
-        ### set file permissions (recursively)
-        find "$i" -type f -exec chmod ${verbose} 644 {} +
-
-        ### specific file permissions (recursively)
-        find "$i"/ -type f -name '*.sh' -exec chmod ${verbose} 744 {} +
-        find "$i"/ -type f -name '*.desktop' -exec chmod ${verbose} 744 {} +
+        ### set directory permissions
+        ### recursively, but skipping dot-directories in $HOME
+        find "$i" -type d -not -path "${HOME}/.*" -exec chmod ${verbose} 755 {} +
+
+        ### set file permissions
+        ### recursively, but skipping dot-files and dot-directories in $HOME
+        find "$i" -type f -not -path "${HOME}/.*" -exec chmod ${verbose} 644 {} +
+
+        ### specific file permissions
+        ### recursively, but skipping dot-directories in $HOME
+        find "$i"/ -type f -not -path "${HOME}/.*" -name '*.sh' -exec chmod ${verbose} 744 {} +
+        find "$i"/ -type f -not -path "${HOME}/.*" -name '*.desktop' -exec chmod ${verbose} 744 {} +
     done
 
     ### startup script is special