# a library file for redoing file ownership and permissions as we feel is
# appropriate. this approach is a little bit specific to our way of doing
# things, but it does handle a lot of important fixes everyone would want,
# like making ~/.ssh really secure.
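# cleans up the ownership and permissions for all of the important files and dirs.
#
# arguments: $1 - the account name that should end up owning the directories.
# globals read: DEFAULT_FEISTYMEOW_ORG_DIR, FEISTY_MEOW_SCRIPTS.
# relies on continue_on_error and harsh_perm, which are defined outside this
# file, and on sudo for every change it makes.
# returns: non-zero, without touching anything, if the account name is
# unusable; otherwise the status of the final continue_on_error call.
function reapply_cool_permissions()
{
  local cooluser="${1:-}"

  # the name is spliced into paths and into the chown owner:group spec, and
  # everything below runs through sudo, so refuse values that would aim those
  # commands somewhere else: empty (homebase would be /home/ itself), path
  # pieces, a leading dash (read as an option), a colon, or whitespace.
  case "$cooluser" in
    ''|.|..|-*|*/*|*:*|*[[:space:]]*)
      echo "reapply_cool_permissions: refusing unusable user name '$cooluser'" >&2
      return 1
      ;;
  esac

  local homebase="/home/$cooluser"

  # first build a list of dirs based on their location in /home/archives.
  local ARCHIVE_TOP=/home/archives
  local -a arch_addin=()
  local dirname
  for dirname in archons basement codebarn games imaginations musix pooling \
      prewar_toaster stuffing toaster walrus; do
    arch_addin+=("$ARCHIVE_TOP/$dirname")
  done

  # special case that makes our software hierarchy folder, if it doesn't exist.
  # everything else is only re-permed if it exists.
  if [ ! -d "$DEFAULT_FEISTYMEOW_ORG_DIR" ]; then
    sudo mkdir "$DEFAULT_FEISTYMEOW_ORG_DIR"
    continue_on_error "making directory: $DEFAULT_FEISTYMEOW_ORG_DIR"
  fi

  # fix some permissions for important security considerations.
  if [ -d "$homebase/.ssh" ]; then
    harsh_perm "$homebase/.ssh"
  fi

#hmmm: consider adding feisty meow apex to the dirname list below.

  # iterate across the list of dirs we want cooluser to own and change their ownership.
  # NOTE(review): the listing this was rebuilt from is missing the lines that
  # close this list. the archive dirs built above are not used anywhere else,
  # so they are assumed to belong here -- confirm against the original file.
  for dirname in "$homebase" \
      "$DEFAULT_FEISTYMEOW_ORG_DIR" \
      "/usr/local/${cooluser}" \
      "${arch_addin[@]}"; do
    if [ -d "$dirname" ]; then
      echo "revising ownership on '$dirname'"
      sudo chown -R -- "${cooluser}:${cooluser}" "$dirname"
      continue_on_error "chowning for ${cooluser}: $dirname"
    fi
  done

  # special case for archives directory in stuffing.
  if [ -d /z/stuffing ] || [ -L /z/stuffing ]; then
    sudo chown "${cooluser}:${cooluser}" /z/
    continue_on_error "chowning /z for ${cooluser}"
    sudo chmod g+rx,o+rx /z
    continue_on_error "chmodding /z/ for ${cooluser}"
    sudo chown "${cooluser}:${cooluser}" /z/stuffing/
    continue_on_error "chowning /z/stuffing for ${cooluser}"
    sudo chmod g+rx,o-rwx /z/stuffing
    continue_on_error "chmodding /z/stuffing for ${cooluser}"
    # absolute paths instead of pushd: if the directory change fails, a
    # relative "archives" would name whatever sits in the caller's current
    # directory, and the recursive chmod below would land there.
    if [ -d /z/stuffing/archives ] || [ -L /z/stuffing/archives ]; then
      sudo chown "${cooluser}:${cooluser}" /z/stuffing/archives/
      continue_on_error "chowning /z/stuffing/archives for ${cooluser}"
      sudo chmod -R g+rwx /z/stuffing/archives
      continue_on_error "chmodding /z/stuffing/archives for ${cooluser}"
    fi
  fi

  # make the log files readable by normal humans.
  # NOTE(review): normal_perm.sh is not shown here. if it grants group/other
  # read recursively, the auth and audit logs under /var/log become readable
  # by every local account -- confirm that is intended on this host.
  sudo bash "$FEISTY_MEOW_SCRIPTS/security/normal_perm.sh" /var/log
  continue_on_error "setting normal perms on /var/log"
}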
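# this block should execute when the script is actually run, rather
# than when it's just being sourced.

# this runs the cool permission applier on the current user.
if [[ $0 =~ .*cool_permissionator\.sh.* ]]; then
  THISDIR="$( \cd "$(\dirname "$0")" && /bin/pwd )"
  # if the cd fails, THISDIR is empty and the two paths below would resolve
  # from the filesystem root; stop rather than source a launcher from there,
  # since the function this leads to runs its changes through sudo.
  if [ -z "$THISDIR" ]; then
    echo "cool_permissionator: cannot find the script's own directory" >&2
    exit 1
  fi
  export FEISTY_MEOW_APEX="$( \cd "$THISDIR/../.." && \pwd )"
  source "$THISDIR/../core/launch_feisty_meow.sh"
  continue_on_error "sourcing the feisty meow launcher"

  # NOTE(review): the listing this was rebuilt from drops the line that
  # assigns coolio. the comment above says the target is the current user,
  # so id -un stands in here -- confirm against the original file.
  coolio="$(id -un)"
  reapply_cool_permissions "$coolio"
  continue_on_error "reapplying cool permissions on $coolio"
fi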