wangxuming/NianToB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7c8781a6e30ca15084df03e3bac7615e11247458
NianToB/scripts/linux/after-install.sh
inman e949aa2802
Some checks failed
Electron E2E / Electron E2E (macos-latest) (push) Has been cancelled
Details
Electron E2E / Electron E2E (ubuntu-latest) (push) Has been cancelled
Details
Electron E2E / Electron E2E (windows-latest) (push) Has been cancelled
Details
docs: keep Chinese README and refresh screenshots
2026-05-07 22:22:27 +08:00

69 lines
2.9 KiB
Bash
Raw Blame History

#!/bin/bash
# Post-installation script for Zhinian Assistant on Linux
set -e
# Update desktop database
if command -v update-desktop-database &> /dev/null; then
update-desktop-database -q /usr/share/applications || true
fi
# Update icon cache
if command -v gtk-update-icon-cache &> /dev/null; then
gtk-update-icon-cache -q /usr/share/icons/hicolor || true
fi
# Create symbolic link for Zhinian Assistant app binary
APP_DIR="/opt/智念助手"
if [ -x "$APP_DIR/zhinian-assistant" ]; then
ln -sf "$APP_DIR/zhinian-assistant" /usr/local/bin/zhinian-assistant 2>/dev/null || true
fi
# Create symbolic link for the app-managed openclaw CLI only when it will not
# overwrite a user-managed OpenClaw installation.
OPENCLAW_WRAPPER="$APP_DIR/resources/cli/openclaw"
if [ -f "$OPENCLAW_WRAPPER" ]; then
chmod +x "$OPENCLAW_WRAPPER" 2>/dev/null || true
if [ ! -e /usr/local/bin/openclaw ] || [ "$(readlink /usr/local/bin/openclaw 2>/dev/null || true)" = "$OPENCLAW_WRAPPER" ]; then
ln -sf "$OPENCLAW_WRAPPER" /usr/local/bin/openclaw 2>/dev/null || true
else
echo "Keeping existing /usr/local/bin/openclaw; it is not managed by Zhinian Assistant."
fi
fi
# Set chrome-sandbox permissions.
# On systems without working user namespaces, the SUID bit is required.
# On Ubuntu 24.04+, user namespaces are available but blocked by AppArmor;
# we rely on the AppArmor profile below instead, so 0755 is correct there.
if ! { [[ -L /proc/self/ns/user ]] && unshare --user true; }; then
# No user namespace support — fall back to SUID sandbox
chmod 4755 "$APP_DIR/chrome-sandbox" || true
else
chmod 0755 "$APP_DIR/chrome-sandbox" || true
fi
# Install AppArmor profile (Ubuntu 24.04+).
# Ubuntu 24.04 enables kernel.apparmor_restrict_unprivileged_userns=1 by default,
# which blocks Electron's sandbox. The bundled AppArmor profile grants the 'userns'
# permission so the app can create user namespaces without disabling the global policy.
#
# We first check if AppArmor is enabled and if the running version supports abi/4.0
# (Ubuntu 22.04 does not; it runs fine without the profile, so we skip it there).
if apparmor_status --enabled > /dev/null 2>&1; then
APPARMOR_PROFILE_SOURCE="$APP_DIR/resources/apparmor-profile"
APPARMOR_PROFILE_TARGET='/etc/apparmor.d/zhinian-assistant'
if apparmor_parser --skip-kernel-load --debug "$APPARMOR_PROFILE_SOURCE" > /dev/null 2>&1; then
cp -f "$APPARMOR_PROFILE_SOURCE" "$APPARMOR_PROFILE_TARGET"
# Skip live-loading in a chroot environment (e.g. image-building pipelines).
if ! { [ -x '/usr/bin/ischroot' ] && /usr/bin/ischroot; } && hash apparmor_parser 2>/dev/null; then
apparmor_parser --replace --write-cache --skip-read-cache "$APPARMOR_PROFILE_TARGET"
fi
else
echo "Skipping AppArmor profile installation: this version of AppArmor does not support the bundled profile"
fi
fi
echo "Zhinian Assistant has been installed successfully."
Reference in New Issue View Git Blame Copy Permalink