miniflux: Workaround a packaging bug with DB connection

The latest version of miniflux can't connect to the database after a fresh installation. This is due to incorrect ownership of /etc/miniflux/database file which is owned by root (and correctly having the permissions 0600). After changes in bug #1078416, miniflux no longer runs as root user and instead runs as miniflux user. This user can't read the database file. The daemon silently falls back to using built in defaults and fails to connect to PostgreSQL database. This is originally caught by functional tests in FreedomBox's miniflux integration. Links: 1) https://bugs.debian.org/1081562 2) https://salsa.debian.org/go-team/packages/miniflux/-/merge_requests/2 Tests: - Freshly install miniflux with the patch and the daemon is running. Ownership for the file /etc/miniflux/database is as expected. - Install miniflux without the patch. Daemon is not running. Apply patch and restart service. miniflux app is updated. Daemon is running. Ownership for the file /etc/miniflux/database is as expected. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-03-11 09:04:54 +00:00 · 2024-09-12 21:06:56 -07:00 · 2024-09-12 21:06:56 -07:00 · 9af9a504e0
commit 9af9a504e0
parent 711c19b511
2 changed files with 18 additions and 2 deletions
--- a/plinth/modules/miniflux/init.py
+++ b/plinth/modules/miniflux/init.py
@ -33,7 +33,7 @@ class MinifluxApp(app_module.App):

    app_id = 'miniflux'

-    _version = 1
+    _version = 2

    def __init__(self):
        """Create components for the app."""
@ -88,6 +88,7 @@ class MinifluxApp(app_module.App):
        """Install and configure the app."""
        privileged.pre_setup()
        super().setup(old_version)
+        privileged.setup(old_version)
        if not old_version:
            self.enable()

--- a/plinth/modules/miniflux/privileged.py
+++ b/plinth/modules/miniflux/privileged.py
@ -4,6 +4,7 @@
 import json
 import os
 import pathlib
+import shutil
 from typing import Tuple
 from urllib.parse import urlparse

@ -40,7 +41,7 @@ def _env_file_to_dict(env_vars: str) -> dict[str, str]:

@privileged
 def pre_setup():
-    """Perform post-install actions for Miniflux."""
+    """Perform pre-install actions for Miniflux."""
    vars_file = pathlib.Path(ENV_VARS_FILE)
    vars_file.parent.mkdir(parents=True, exist_ok=True)

@ -53,6 +54,20 @@ def pre_setup():
    vars_file.write_text(_dict_to_env_file(new_settings))


+@privileged
+def setup(old_version: int):
+    """Perform post-install actions for Miniflux."""
+    # Fix incorrect permissions on database file in version 2.2.0-2. See
+    # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081562 . Can be
+    # removed after the fix for the bug reaches Trixie/testing.
+    shutil.chown(DATABASE_FILE, user='miniflux', group='root')
+    if not old_version or action_utils.service_is_enabled('miniflux'):
+        # If the service was tried too many times already, it won't
+        # successfully restart.
+        action_utils.service_reset_failed('miniflux')
+        action_utils.service_restart('miniflux')
+
+
 def _run_miniflux_interactively(command: str, username: str,
                                password: str) -> Tuple[str, dict]:
    """Fill interactive terminal prompt for username and password."""