From 8afd9d4d9b76328fe60ca999987f4b87343a1da4 Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Thu, 20 Mar 2008 16:36:53 +0000 Subject: New script to watch dirs and enforce access rights (only implemented for ~/public_images/* for now... --- localfixaccessrights | 104 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100755 localfixaccessrights (limited to 'localfixaccessrights') diff --git a/localfixaccessrights b/localfixaccessrights new file mode 100755 index 0000000..9cf1561 --- /dev/null +++ b/localfixaccessrights @@ -0,0 +1,104 @@ +#!/bin/sh +# +# /usr/local/bin/localfixaccessrights +# Copyright 2008 Jonas Smedegaard +# +# $Id: localfixaccessrights,v 1.1 2008-03-20 16:36:53 jonas Exp $ +# +# Adjust access rights to follow directory-based policy +# +# TODO: Implement options: +# --help +# --run-once +# --init +# --verbose +# --debug +# +# TODO: Support overriding defaults in rc-file +# +# FIXME: Implement more of the local policy... +# + +set -e + +PRG=$(basename "$0") + +showhelp() { + cat <&2 "Error: $1" + echo >&2 "Exiting..." + exit 1 +} + +# Sanity checks +for dir in "$@"; do + [ -d "$dir" ] || exit1 "Directory \"$dir\" is not a directory" +done + +getbasename() { + basename "$1" +} + +getbits() { + ls -l "$1" | awk '{print $1}' +} + +setprivate() { + case "$(getbits "$1")" in + drwx------) + : + ;; + d*) + chmod -f u=rwx,go= "$path" || true + ;; + -rw-------) + : + ;; + -*) + chmod -f u=rw,go= "$path" || true + ;; + esac +} +setpublic() { + case "$(getbits "$1")" in + drwxr?xr-x) + : + ;; + d*) + chmod -f u=rwx,g+rx,o=rx "$path" || true + ;; + -rw-r?-r--) + : + ;; + -*) + chmod -f u=rw,g+r,g-x,o=r "$path" || true + ;; + esac +} + +fileschanged -r -s created,changed "$@" | while read path; do + + case "$path" in + "$HOME"/public_images/*) + case "$(getbasename "$path")" in + .*) + setprivate "$path" + continue + ;; + esac + + setpublic "$path" + continue + ;; + esac +done + +exit 0 -- cgit v1.2.3