authorJonas Smedegaard <dr@jones.dk>2002-09-04 23:35:52 +0000
committerJonas Smedegaard <dr@jones.dk>2002-09-04 23:35:52 +0000
commit73b959903699b19bef805b96c386ed7fe433a33e (patch)
treea945de312bc312d8e157718a972041df04b42b12
parentd904590d8673bd33ce2b1c866db9d34f56de34e7 (diff)
Add support in user-init for webphpsites and webphpdata, and tighten access rights on all web* dirs.
-rwxr-xr-xlocalmkpostfixvirtual5
-rwxr-xr-xuser-init24
2 files changed, 24 insertions, 5 deletions
diff --git a/localmkpostfixvirtual b/localmkpostfixvirtual
index 8afec20..12af73f 100755
--- a/localmkpostfixvirtual
+++ b/localmkpostfixvirtual
@@ -3,7 +3,7 @@
# /usr/local/sbin/localmkpostfixvirtual
# Copyright 2001-2002 Jonas Smedegaard <dr@jones.dk>
#
-# $Id: localmkpostfixvirtual,v 1.7 2002-07-20 18:40:49 jonas Exp $
+# $Id: localmkpostfixvirtual,v 1.8 2002-09-04 23:35:52 jonas Exp $
#
# Generate virtual file for postfix
#
@@ -21,6 +21,9 @@
# Optional: root can have hints like "postmaster@ hostmaster@ support@"
# (default: "postmaster@").
#
+# Suggestion: Add mailgroup users like this:
+# adduser --system --no-create-home --group --disabled-password <uid>
+#
# TODO: reuse getent requests (drastically improves speed)
# TODO: Write command "members" as internal code
#
diff --git a/user-init b/user-init
index 45cb9de..fb8f55a 100755
--- a/user-init
+++ b/user-init
@@ -212,7 +212,7 @@ for user in $USERS; do
# Web shares permissions
for dir in `find $HOME -mindepth 1 -maxdepth 1 -type d | egrep "^$HOME/websites"`; do
chown root: $dir
- chmod u+rw,go+r,a+X $dir
+ chmod a=r,u+w,a+X $dir
done
for dir in `find $HOME -mindepth 2 -maxdepth 2 -type d | egrep "^$HOME/websites/"`; do
chown -R $user: $dir
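Review bot: The rewritten `chmod a=r,u+w,a+X $dir` still expands `$dir` unquoted, and the list it iterates over comes from a backquoted `find` that the shell word-splits and globs. Because directory names under `$HOME` are chosen by the account owner, a name containing whitespace or glob characters makes this loop (presumably run as root, given the `chown root:` calls) change ownership and mode on paths other than the one `find` printed. Quote the expansion and end option parsing, e.g. `chmod a=r,u+w,a+X -- "$dir"`, and consider replacing the backquoted `find | egrep` with a `find ... -exec` form so no splitting happens at all. The same applies to the identical lines in the webscripts and webdata hunks and to the new webphpsites/webphpdata loops, including their `chown -R $user:www-data $dir` calls. The enclosing `for user in $USERS` loop starts and ends outside this hunk.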
@@ -226,7 +226,7 @@ for user in $USERS; do
done
for dir in `find $HOME -mindepth 1 -maxdepth 1 -type d | egrep "^$HOME/webscripts"`; do
chown root: $dir
- chmod u+rw,go+r,a+X $dir
+ chmod a=r,u+w,a+X $dir
done
for dir in `find $HOME -mindepth 2 -maxdepth 2 -type d | egrep "^$HOME/webscripts/"`; do
chown -R $user: $dir
@@ -236,11 +236,27 @@ for user in $USERS; do
done
for dir in `find $HOME -mindepth 1 -maxdepth 1 -type d | egrep "^$HOME/webdata"`; do
chown root: $dir
- chmod u+rw,go+r,a+X $dir
+ chmod a=r,u+w,a+X $dir
done
for dir in `find $HOME -mindepth 2 -maxdepth 2 -type d | egrep "^$HOME/webdata/"`; do
chown -R $user: $dir
- chmod -R u=rw,go=r,a+X $dir
+ chmod -R u=rw,go=,u+X $dir
+ done
+ for dir in `find $HOME -mindepth 1 -maxdepth 1 -type d | egrep "^$HOME/webphpsites"`; do
+ chown root: $dir
+ chmod a=r,u+w,a+X $dir
+ done
+ for dir in `find $HOME -mindepth 2 -maxdepth 2 -type d | egrep "^$HOME/webphpsites/"`; do
+ chown -R $user:www-data $dir
+ chmod -R ug=rw,o=r,a+X $dir
+ done
+ for dir in `find $HOME -mindepth 1 -maxdepth 1 -type d | egrep "^$HOME/webphpdata"`; do
+ chown root: $dir
+ chmod a=r,u+w,a+X $dir
+ done
+ for dir in `find $HOME -mindepth 2 -maxdepth 2 -type d | egrep "^$HOME/webphpdata/"`; do
+ chown -R $user:www-data $dir
+ chmod -R ug=rw,o=,ug+X $dir
done
# Dummy user restrictions