I just upgraded to HS4 on Linux, and I noticed it's trying to execute some RecoveryInstall.sh script with a bunch of sudo commands in it- this is *wildly* inappropriate...
How do I prevent HomeSeer from doing this? I don't want it blowing away my sudoers config, installing lighttpd, and screwing with my system. Given that this is a general purpose machine, I certainly did not expect this to happen (and I'm glad homeseer didn't have root privileges....)
Code:
cd /usr/local/HomeSeer
if grep -q Installed RecoveryInstall.txt; then
sudo /etc/init.d/lighttpd restart
else
cd /
sudo wget www.homeseer.com/linux/recovery/sudoers | tr -d '\r'
sudo wget www.homeseer.com/linux/recovery/lighttpd.conf | tr -d '\r'
sudo wget www.homeseer.com/linux/recovery/RecoveryInstall.txt | tr -d '\r'
sudo wget www.homeseer.com/linux/recovery/Recovery.tar | tr -d '\r'
sudo apt-get update
sudo apt-get install -y lighttpd
sudo apt-get install -y php5-cgi
sudo service lighttpd reload
sudo lighttpd-enable-mod fastcgi fastcgi-php
sudo cp sudoers /etc/sudoers
sudo cp lighttpd.conf /etc/lighttpd/lighttpd.conf
sudo cp RecoveryInstall.txt /usr/local/HomeSeer
sudo mkdir /var/www/lighttpd
sudo chown -R www-data /var/www/lighttpd
sudo touch /var/www/lighttpd/error.log
sudo chmod 777 /var/www/lighttpd/error.log
sudo tar -xvf Recovery.tar | tr -d '\r'
sudo rm Recovery.tar
sudo rm sudoers
sudo rm lighttpd.conf
sudo rm RecoveryInstall.txt
sudo rm index.lighttpd.html
sudo echo -e "*/5 * * * * root /usr/local/HomeSeer/register_with_find.sh\n" > /etc/cron.d/find
if grep -q /etc/init.d/lighttpd "/etc/rc.local"; then
exit 0
else
sudo sed -i '$d' /etc/rc.local
sudo echo "sudo /etc/init.d/lighttpd start" >> /etc/rc.local
sudo echo "sudo /usr/local/HomeSeer/register_with_find.sh" >> /etc/rc.local
sudo echo "exit 0" >> /etc/rc.local
fi
sudo /etc/init.d/lighttpd restart
fi
exit 0