# frr and as such we need to intelligently
# check to see if the frr user is in the frrvty
# group.
-if ! /usr/bin/id frr | grep &>/dev/null 'frrvty'; then
+if ! id frr | grep &>/dev/null 'frrvty'; then
usermod -a -G frrvty frr >/dev/null
fi
# Logfiles are group readable in case users were put into the frr group.
d=/var/log/frr/
mkdir -p $d
- chown -R frr:frr $d
+ chown frr:frr $d
+ chown --quiet frr:frr $d/* | true
chmod u=rwx,go=rx $d
find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
# Strict permissions for the sockets.
d=/var/run/frr/
mkdir -p $d
- chown -R frr:frr $d
+ chown frr:frr $d
+ chown --quiet frr:frr $d/* | true
chmod u=rwx,go=rx $d
find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,go=