From 6012c3aa573d0a4e6f794589608e36a8cb07c368 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20Sch=C3=A4ferdiek?= Date: Tue, 6 Sep 2022 13:44:32 +0200 Subject: [PATCH] Add script for simple umask alignment --- usr/local/bin/perms_default_umask | 47 +++++++++++++++++++++ usr/local/bin/perms_user_home_default_umask | 25 +++++++++-- 2 files changed, 69 insertions(+), 3 deletions(-) create mode 100755 usr/local/bin/perms_default_umask diff --git a/usr/local/bin/perms_default_umask b/usr/local/bin/perms_default_umask new file mode 100755 index 0000000..fc0caae --- /dev/null +++ b/usr/local/bin/perms_default_umask @@ -0,0 +1,47 @@ +#!/usr/bin/env bash +# +# Usage: perms_default_umask [] +# +# Fix permissions for a directory: +# - align with umask 022 (755 on folders, 644 on files) +# - keep +x flag for already executable files if enabled (default) + +DIR="$1" +KEEP_EXECUTABLE_FILES="$2" + +if [[ -z "$DIR" ]]; then + echo "No directory given" + exit 1; +fi + +if [[ ! -d "$DIR" ]]; then + echo "Directory $DIR does not exist" + exit 1; +fi + +if [[ -z "$KEEP_EXECUTABLE_FILES" ]]; then + KEEP_EXECUTABLE_FILES="yes" +fi + +echo "Fixing directory permissions of '$DIR'" +find "$DIR" -type d -exec chmod 755 {} \; + +if [[ $KEEP_EXECUTABLE_FILES == 'yes' ]]; then + echo "Maintaining +x flag for files in '$DIR'" + EXECUTABLE_FILES=$(find "$DIR" -executable -type f) +else + echo "Executable files in '$DIR' will also be reset" +fi + +echo "Fixing file permissions of '$DIR'" +find "$DIR" -type f -exec chmod 644 {} \; + +if [[ $KEEP_EXECUTABLE_FILES == 'yes' ]]; then + for i in ${EXECUTABLE_FILES}; + do + echo "Restoring +x flag for ${i}" + chmod +x "${i}" + done +fi + +echo "Finished" diff --git a/usr/local/bin/perms_user_home_default_umask b/usr/local/bin/perms_user_home_default_umask index 569369d..e315ccf 100755 --- a/usr/local/bin/perms_user_home_default_umask +++ b/usr/local/bin/perms_user_home_default_umask @@ -1,14 +1,14 @@ #!/usr/bin/env bash # -# Usage: perms_user_home_default_umask $A_USERS_HOME_DIRECTORY +# Usage: perms_user_home_default_umask [] # # Fix permissions for user: # - align with umask 022 (755 on folders, 644 on files) +# - keep +x flag for already executable files if enabled (default, otherwise set to no) # - set 700 (only allow owner to go into directory) -# -# You need to execute chown -R ...:... on your own DIR="$1" +KEEP_EXECUTABLE_FILES="$2" if [[ -z "$DIR" ]]; then echo "No directory given" @@ -20,12 +20,31 @@ if [[ ! -d "$DIR" ]]; then exit 1; fi +if [[ -z "$KEEP_EXECUTABLE_FILES" ]]; then + KEEP_EXECUTABLE_FILES="yes" +fi + echo "Fixing directory permissions of '$DIR'" find "$DIR" -type d -exec chmod 755 {} \; +if [[ $KEEP_EXECUTABLE_FILES == 'yes' ]]; then + echo "Maintaining +x flag for files in '$DIR'" + EXECUTABLE_FILES=$(find "$DIR" -executable -type f) +else + echo "Executable files in '$DIR' will also be reset" +fi + echo "Fixing file permissions of '$DIR'" find "$DIR" -type f -exec chmod 644 {} \; +if [[ $KEEP_EXECUTABLE_FILES == 'yes' ]]; then + for i in ${EXECUTABLE_FILES}; + do + echo "Restoring +x flag for ${i}" + chmod +x "${i}" + done +fi + echo "Making '$DIR' owner only" chmod 700 "$DIR"