system: Fix permission setting in addsite.

diff --git a/usr/local/bin/addsite b/usr/local/bin/addsite
index 00fa24ba5a21d5707340899b81c0aa18b1890591..44d39b88cbfced4143504c629dcb6e01faa381dc 100755 (executable)
--- a/usr/local/bin/addsite
+++ b/usr/local/bin/addsite
@@ -93,19 +93,22 @@ sudo setfacl -R --set d:u::rwX,d:g::rX,d:o::-,u::rwX,g::rX,o::- "$DIR"
 sudo setfacl -R -m g::rwX "$DIR/htdocs" "$DIR/conf"
 
 # Give lighttpd read access to the dir itself
-sudo setfacl -R -m u:$HTTPD_USER:rx "$DIR"
+sudo setfacl -m u:$HTTPD_USER:rx "$DIR"
 
 # Allow lighttpd to read anything in htdocs
-sudo setfacl -m d:u:$HTTPD_USER:rX,u:$HTTPD_USER:rX "$DIR/htdocs"
+sudo setfacl -R -m d:u:$HTTPD_USER:rX,u:$HTTPD_USER:rX "$DIR/htdocs"
 
-# Allow lighttpd to write new files in logs (but not touch existing!)
+# Allow lighttpd to write new files in logs (but not touch existing or those created by lighttpd)
 sudo setfacl -m u:$HTTPD_USER:rwX "$DIR/logs"
 
+# Give scripts read access to the dir itself
+sudo setfacl -m u:$SCRIPT_USER:rx "$DIR"
+
 # Allow scripts to read anything in applications, htdocs and conf
 sudo setfacl -R -m d:u:$SCRIPT_USER:rX,u:$SCRIPT_USER:rX "$DIR/applications" "$DIR/htdocs" "$DIR/conf"
 
-# Allow scripts to create new files in logs and data (but not touch existing!)
-sudo setfacl -R -m d:u:$SCRIPT_USER:rwX,u:$SCRIPT_USER:rwX "$DIR/logs" "$DIR/data"
+# Allow scripts to create new files in logs and data (but not touch existing or those created by lighttpd)
+sudo setfacl -m u:$SCRIPT_USER:rwX "$DIR/logs" "$DIR/data"
 
 # Temp, chown existing log files
 sudo sh -c "chown -R $SCRIPT_USER \"$DIR\"/logs/php.log* \"$DIR\"/logs/wipi.log*"