3 # a library file for redoing file ownership and permissions as we feel is
4 # appropriate. this approach is a little bit specific to our way of doing
5 # things, but it does handle a lot of important fixes everyone would want,
6 # like making ~/.ssh really secure.
8 # cleans up the ownership and permissions for all of the important files and dirs.
9 function reapply_cool_permissions()
11 local cooluser="$1"; shift
13 #hmmm: check for non empty name.
14 local homebase="/home/$cooluser"
16 # first build a list of dirs based on their location in /home/archives.
17 local arch_builder="archons basement codebarn games imaginations musix pooling prewar_toaster stuffing toaster walrus"
18 local ARCHIVE_TOP=/home/archives
21 for dirname in $arch_builder; do
22 arch_addin+="$ARCHIVE_TOP/$dirname "
24 #echo arch addin now is: $arch_addin
26 # now another round with similar setup, to ensure we get any directories
27 # that actually live out in /z but not in /home/archives.
29 for dirname in $arch_builder; do
30 arch_addin+="$ARCHIVE_TOP/$dirname "
32 #echo arch addin now is: $arch_addin
34 # special case that makes our software hierarchy folder, if it doesn't exist.
35 # everything else is only re-permed if it exists.
36 if [ ! -d "$DEFAULT_FEISTYMEOW_ORG_DIR" ]; then
37 sudo mkdir "$DEFAULT_FEISTYMEOW_ORG_DIR"
38 continue_on_error "making directory: $DEFAULT_FEISTYMEOW_ORG_DIR"
41 # fix some permissions for important security considerations.
42 if [ -d $homebase/.ssh ]; then
43 harsh_perm $homebase/.ssh
46 #hmmm: consider adding feisty meow apex to the dirname list below.
48 # iterate across the list of dirs we want cooluser to own and change their ownership.
49 for dirname in $homebase \
50 $DEFAULT_FEISTYMEOW_ORG_DIR \
51 /usr/local/${cooluser} \
54 if [ -d "$dirname" -o -L "$dirname" ]; then
55 echo "revising ownership on '$dirname'"
56 sudo chown -R ${cooluser}:${cooluser} "$dirname"
57 continue_on_error "chowning for ${cooluser}: $dirname"
61 # special case for archives directory in stuffing.
62 if [ -d /z/stuffing -o -L /z/stuffing ]; then
63 sudo chown ${cooluser}:${cooluser} /z/
64 continue_on_error "chowning /z for ${cooluser}"
65 sudo chmod g+rx,o+rx /z
66 continue_on_error "chmodding /z/ for ${cooluser}"
67 sudo chown ${cooluser}:${cooluser} /z/stuffing/
68 continue_on_error "chowning /z/stuffing for ${cooluser}"
69 sudo chmod g+rx,o-rwx /z/stuffing
70 continue_on_error "chmodding /z/stuffing for ${cooluser}"
71 pushd /z/stuffing &>/dev/null
72 if [ -d archives -o -L archives ]; then
73 sudo chown ${cooluser}:${cooluser} archives/
74 continue_on_error "chowning /z/stuffing/archives for ${cooluser}"
75 sudo chmod -R g+rwx archives
76 continue_on_error "chmodding /z/stuffing/archives for ${cooluser}"
81 # make the log files readable by normal humans.
82 sudo bash $FEISTY_MEOW_SCRIPTS/security/normal_perm.sh /var/log
83 continue_on_error "setting normal perms on /var/log"
86 # this block should execute when the script is actually run, rather
87 # than when it's just being sourced.
89 # this runs the cool permission applier on the current user.
90 if [[ $0 =~ .*cool_permissionator\.sh.* ]]; then
91 THISDIR="$( \cd "$(\dirname "$0")" && /bin/pwd )"
92 export FEISTY_MEOW_APEX="$( \cd "$THISDIR/../.." && \pwd )"
93 source "$THISDIR/../core/launch_feisty_meow.sh"
94 continue_on_error "sourcing the feisty meow launcher"
96 reapply_cool_permissions "$coolio"
97 continue_on_error "reapplying cool permissions on $coolio"