diff --git a/usr/local/bin/perms_default_umask b/usr/local/bin/perms_default_umask new file mode 100755 index 0000000..fc0caae --- /dev/null +++ b/usr/local/bin/perms_default_umask @@ -0,0 +1,47 @@ +#!/usr/bin/env bash +# +# Usage: perms_default_umask [] +# +# Fix permissions for a directory: +# - align with umask 022 (755 on folders, 644 on files) +# - keep +x flag for already executable files if enabled (default) + +DIR="$1" +KEEP_EXECUTABLE_FILES="$2" + +if [[ -z "$DIR" ]]; then + echo "No directory given" + exit 1; +fi + +if [[ ! -d "$DIR" ]]; then + echo "Directory $DIR does not exist" + exit 1; +fi + +if [[ -z "$KEEP_EXECUTABLE_FILES" ]]; then + KEEP_EXECUTABLE_FILES="yes" +fi + +echo "Fixing directory permissions of '$DIR'" +find "$DIR" -type d -exec chmod 755 {} \; + +if [[ $KEEP_EXECUTABLE_FILES == 'yes' ]]; then + echo "Maintaining +x flag for files in '$DIR'" + EXECUTABLE_FILES=$(find "$DIR" -executable -type f) +else + echo "Executable files in '$DIR' will also be reset" +fi + +echo "Fixing file permissions of '$DIR'" +find "$DIR" -type f -exec chmod 644 {} \; + +if [[ $KEEP_EXECUTABLE_FILES == 'yes' ]]; then + for i in ${EXECUTABLE_FILES}; + do + echo "Restoring +x flag for ${i}" + chmod +x "${i}" + done +fi + +echo "Finished" diff --git a/usr/local/bin/perms_user_home_default_umask b/usr/local/bin/perms_user_home_default_umask index 569369d..e315ccf 100755 --- a/usr/local/bin/perms_user_home_default_umask +++ b/usr/local/bin/perms_user_home_default_umask @@ -1,14 +1,14 @@ #!/usr/bin/env bash # -# Usage: perms_user_home_default_umask $A_USERS_HOME_DIRECTORY +# Usage: perms_user_home_default_umask [] # # Fix permissions for user: # - align with umask 022 (755 on folders, 644 on files) +# - keep +x flag for already executable files if enabled (default, otherwise set to no) # - set 700 (only allow owner to go into directory) -# -# You need to execute chown -R ...:... on your own DIR="$1" +KEEP_EXECUTABLE_FILES="$2" if [[ -z "$DIR" ]]; then echo "No directory given" @@ -20,12 +20,31 @@ if [[ ! -d "$DIR" ]]; then exit 1; fi +if [[ -z "$KEEP_EXECUTABLE_FILES" ]]; then + KEEP_EXECUTABLE_FILES="yes" +fi + echo "Fixing directory permissions of '$DIR'" find "$DIR" -type d -exec chmod 755 {} \; +if [[ $KEEP_EXECUTABLE_FILES == 'yes' ]]; then + echo "Maintaining +x flag for files in '$DIR'" + EXECUTABLE_FILES=$(find "$DIR" -executable -type f) +else + echo "Executable files in '$DIR' will also be reset" +fi + echo "Fixing file permissions of '$DIR'" find "$DIR" -type f -exec chmod 644 {} \; +if [[ $KEEP_EXECUTABLE_FILES == 'yes' ]]; then + for i in ${EXECUTABLE_FILES}; + do + echo "Restoring +x flag for ${i}" + chmod +x "${i}" + done +fi + echo "Making '$DIR' owner only" chmod 700 "$DIR"