From 84b302cd601403bbf93934d4eb277f19afdedc4c Mon Sep 17 00:00:00 2001
From: LinuxServer-CI
Date: Tue, 13 Sep 2022 02:05:37 -0500
Subject: [PATCH 1/3] Bot Updating Package Versions
---
 package_versions.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package_versions.txt b/package_versions.txt
index 6c4c2bb..6e6f70a 100755
--- a/package_versions.txt
+++ b/package_versions.txt
@@ -1,5 +1,5 @@
-alpine-baselayout-3.2.0-r22
-alpine-baselayout-data-3.2.0-r22
+alpine-baselayout-3.2.0-r23
+alpine-baselayout-data-3.2.0-r23
 alpine-keys-2.4-r1
 apk-tools-2.12.9-r3
 bash-5.1.16-r2
From 4deecce65acc80491fd19db22d21445e2dee3506 Mon Sep 17 00:00:00 2001
From: TheSpad
Date: Tue, 13 Sep 2022 11:29:41 +0100
Subject: [PATCH 2/3] Fix custom svc removal, cleanup readme issues
---
 root/docker-mods | 18 ++++++++++--------
 root/etc/cont-init.d/99-custom-files | 2 +-
 2 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/root/docker-mods b/root/docker-mods
index 97949a6..eae1e60 100755
--- a/root/docker-mods
+++ b/root/docker-mods
@@ -11,18 +11,18 @@ set_legacy_executable_bits() { tamper_check() { #Tamper check custom service locations - if [[ -d "${SERVICES_DIR}" ]] && [[ -n "$(find ${SERVICES_DIR}/* ! -user root)" ]]; then + if [[ -d "${SERVICES_DIR}" ]] && [[ -n "$(find ${SERVICES_DIR}/* ! -user root 2>/dev/null)" ]]; then echo "[custom-init] **** Some of the contents of the folder '${SERVICES_DIR}' are not owned by root, which is a security risk. ****" echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" - elif [[ -d "${SERVICES_DIR}" ]] && [[ -n "$(find ${SERVICES_DIR}/* -perm -o+w)" ]]; then + elif [[ -d "${SERVICES_DIR}" ]] && [[ -n "$(find ${SERVICES_DIR}/* -perm -o+w 2>/dev/null)" ]]; then echo "[custom-init] **** Some of the contents of the folder '${SERVICES_DIR}' have write permissions for others, which is a security risk. ****" echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" fi #Tamper check custom script locations - if [[ -d "${SCRIPTS_DIR}" ]] && [[ -n "$(find ${SCRIPTS_DIR}/* ! -user root)" ]]; then + if [[ -d "${SCRIPTS_DIR}" ]] && [[ -n "$(find ${SCRIPTS_DIR}/* ! -user root 2>/dev/null)" ]]; then echo "[custom-init] **** Some of the contents of the folder '${SCRIPTS_DIR}' are not owned by root, which is a security risk. ****" echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" - elif [[ -d "${SCRIPTS_DIR}" ]] && [[ -n "$(find ${SCRIPTS_DIR}/* -perm -o+w)" ]]; then + elif [[ -d "${SCRIPTS_DIR}" ]] && [[ -n "$(find ${SCRIPTS_DIR}/* -perm -o+w 2>/dev/null)" ]]; then echo "[custom-init] **** Some of the contents of the folder '${SCRIPTS_DIR}' have write permissions for others, which is a security risk. 
****" echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" fi @@ -30,7 +30,7 @@ tamper_check() { tamper_check_legacy() { # Tamper check custom script locations - if [[ -d "${SCRIPTS_DIR_OLD}" ]] && [[ -n "$(find ${SCRIPTS_DIR_OLD} ! -user root)" ]]; then + if [[ -d "${SCRIPTS_DIR_OLD}" ]] && [[ -n "$(find ${SCRIPTS_DIR_OLD} ! -user root 2>/dev/null)" ]]; then echo "**** Potential tampering with custom scripts detected ****" randstr=$( tr /dev/null)" ]]; then echo "[custom-init] **** The folder '${SCRIPTS_DIR_OLD}' or some of its contents have write permissions for others, which is a security risk. ****" echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" fi # Tamper check custom service locations - if [[ -d "${SERVICES_DIR_OLD}" ]] && [[ -n "$(find ${SERVICES_DIR_OLD} ! -user root)" ]]; then + if [[ -d "${SERVICES_DIR_OLD}" ]] && [[ -n "$(find ${SERVICES_DIR_OLD} ! -user root 2>/dev/null)" ]]; then echo "[custom-init] **** Potential tampering with custom scripts detected ****" randstr=$( tr /dev/null)" ]]; then echo "[custom-init] **** The folder '${SERVICES_DIR_OLD}' or some of its contents have write permissions for others, which is a security risk. ****" echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" fi @@ -66,6 +66,7 @@ process_custom_services() { if [[ -n "$(/bin/ls -A /etc/s6-overlay/s6-rc.d/custom-svc-* 2>/dev/null)" ]]; then echo "[custom-init] removing existing custom services..." rm -rf /etc/s6-overlay/s6-rc.d/custom-svc-* + rm /etc/s6-overlay/s6-rc.d/user/contents.d/custom-svc-* fi # Make sure custom service directory exists and has files in it 
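Review bot: The `2>/dev/null` added to each `find` in tamper_check makes the ownership and permission checks fail open: if find cannot read part of `${SERVICES_DIR}` or `${SCRIPTS_DIR}`, the error is discarded, the output is empty and no warning is printed. The error being silenced most likely comes from the unquoted `${SERVICES_DIR}/*` glob not matching in an empty folder, and that glob also skips top-level dotfiles, so hidden entries are never checked. Passing the directory itself avoids both without hiding real failures, e.g. `find "${SERVICES_DIR}" -mindepth 1 ! -user root`, with the same form for `-perm -o+w` and for `${SCRIPTS_DIR}`. The same redirect is added to the `find` calls in tamper_check_legacy in the following hunk, where the paths are also unquoted.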
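Review bot: The added `rm /etc/s6-overlay/s6-rc.d/user/contents.d/custom-svc-*` in process_custom_services runs under a guard that only tests `/etc/s6-overlay/s6-rc.d/custom-svc-*`, so when contents.d holds no matching entry rm is handed a pattern that matches nothing, prints an error to the init log and exits non-zero. `rm -f /etc/s6-overlay/s6-rc.d/user/contents.d/custom-svc-*` would keep the cleanup quiet and idempotent; whether the non-zero status matters depends on shell options set outside this hunk. The identical line added in process_custom_services_legacy (hunk at -104,6) has the same issue, and both function bodies continue outside their hunks.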
@@ -104,6 +105,7 @@ process_custom_services_legacy() { if [[ -n "$(/bin/ls -A /etc/s6-overlay/s6-rc.d/custom-svc-* 2>/dev/null)" ]]; then echo "[custom-init] removing existing custom services..." rm -rf /etc/s6-overlay/s6-rc.d/custom-svc-* + rm /etc/s6-overlay/s6-rc.d/user/contents.d/custom-svc-* fi # Make sure custom service directory exists and has files in it diff --git a/root/etc/cont-init.d/99-custom-files b/root/etc/cont-init.d/99-custom-files index 1ea5595..6ebe2d2 100755 --- a/root/etc/cont-init.d/99-custom-files +++ b/root/etc/cont-init.d/99-custom-files @@ -57,7 +57,7 @@ fi if [[ -n "$(/bin/ls -A "${SCRIPTS_DIR_OLD}" 2>/dev/null)" ]] || [[ -n "$(/bin/ls -A "${SERVICES_DIR_OLD}" 2>/dev/null)" ]]; then - cat << EOF | tee {${SCRIPTS_DIR_OLD}/README.txt,${SERVICES_DIR_OLD}/README.txt} 2>/dev/null + cat << EOF | tee ${SCRIPTS_DIR_OLD}/README.txt 2>/dev/null ******************************************************** ******************************************************** * * From ca4a42df4a715ce29e8a4b3c77ec8120ce04b7c2 Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Tue, 20 Sep 2022 02:00:12 -0500 Subject: [PATCH 3/3] Bot Updating Templated Files --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index ed2877f..e8e3743 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -673,7 +673,7 @@ pipeline { -e DO_REGION="ams3" \ -e DO_BUCKET="lsio-ci" \ -t ghcr.io/linuxserver/ci:latest \ - python /ci/ci.py''' + python3 test_build.py''' } } }
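Review bot: In the 99-custom-files hunk, `tee ${SCRIPTS_DIR_OLD}/README.txt` expands the path unquoted, so a legacy directory path containing spaces or glob characters would be split into several tee targets; `tee "${SCRIPTS_DIR_OLD}/README.txt"` avoids that. The init script presumably runs as root and writes a fixed file name into a folder that the tamper checks in docker-mods treat as possibly modifiable by non-root users, so it may be worth skipping the file write when `README.txt` already exists as a symlink (a `[[ -L ... ]]` test before the `tee`). The enclosing condition also fires when only `${SERVICES_DIR_OLD}` has content, in which case the write can fail and `2>/dev/null` hides it. The heredoc body continues outside the hunk.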