Handle new shares.<sharetype> sharing scheme. Support space in /root. Echo WARNING when it is not a fatal error.

1 files changed, 74 insertions, 4 deletions

diff --git a/user-init b/user-init
index bdfa116..3be2fc6 100755
--- a/user-init
+++ b/user-init
@@ -48,8 +48,8 @@ fi
 
 echo "Setting up additional folders and permissions..."
 for user in $USERS; do
-	uid=`getent passwd $user | awk -F: '{print $3}' | head -1`
-	HOME=`getent passwd $user | awk -F: '{print $6}' | head -1`
+	uid="`getent passwd \"$user\" | awk -F: '{print $3}' | head -1`"
+	HOME="`getent passwd \"$user\" | awk -F: '{print $6}' | head -1`"
 	if [ -z "$HOME" ]; then
 		echo "User $user doesn't exist. Ignoring..."
 		continue
@@ -163,7 +163,77 @@ for user in $USERS; do
 		fi
 	fi
 
-	# Share permissions
+	# Fileshares: <home>/shares.<sharetype>/<rogroup>/<rwgroup>/<sharename>
+	#   <sharetype>: Either mac or win depending on which of netatalk and samba provides r/w access to the shares
+	#   <rwgroup>:   Group with write access to the share (usually the default group of the owner)
+	#   <rogroup>:   Either rwgroup or secondary group with read-only access to the share
+	#   owner must be member of both groups, and rwgroup members must also be members of rogroup
+	find "$HOME" -mindepth 1 -maxdepth 1 -type d -print | egrep "^$HOME/shares\." | (while read thisdir; do
+		sharetype="`basename \"$thisdir\" | awk -F. '{print $2}'`"
+		# Define dir and file exceptions
+		exceptions="$dirs_group_rw_create/$dirs_group_ro_create/$files_group_ro_update/$dirs_no_access_purge"
+		case "$sharetype" in
+		    mac)
+			dirs_group_rw_create='.AppleDB/.AppleDesktop/Temporary Items/TheFindByContentFolder'
+			dirs_group_ro_create='TheVolumeSettingsFolder'
+			files_group_ro_update=':2eDS_Store'
+			dirs_no_access_purge='Network Trash Folder'
+			;;
+		    win)
+			;;
+		    *)
+			continue
+			;;
+		esac
+		chmod a=rX "$thisdir"
+		chown "$user": "$thisdir"
+		find "$thisdir" -mindepth 1 -maxdepth 1 -type d -print | (while read thisdir; do
+			rogroup="`basename \"$thisdir\"`"
+			chmod ug=rX,o= "$thisdir"
+			chgrp "$rogroup" "$thisdir"
+			find "$thisdir" -mindepth 1 -maxdepth 1 -type d -print | (while read thisdir; do
+				rwgroup="`basename \"$thisdir\"`"
+				chgrp "$rwgroup" "$thisdir"
+				chmod a=rX,g+s "$thisdir"
+				find "$thisdir" -mindepth 1 -maxdepth 1 -type d -print | (while read thisdir; do
+					sharename="`basename \"$thisdir\"`"
+					chgrp "$rwgroup" "$thisdir"
+					chmod u=rw,go=r,a+X,g+s "$thisdir"
+					ifs="$IFS"
+					# Set default permissions
+					find "$thisdir" -mindepth 1 -maxdepth 1 -print | (while read thisdir; do
+						IFS="/"; for dir in $exceptions; do IFS="$ifs";
+							continue 2
+						done
+						chgrp -R "$rwgroup" "$thisdir"
+						chmod -R ug=rw,o=r,a+X,g+s "$thisdir"
+					done)
+					# Handle exceptions
+					IFS="/"; for dir in $dirs_group_rw_create; do IFS="$ifs";
+						mkdir -p -m ug=rw,o=r,a+X,g+s "$thisdir/$dir"
+						chmod -R ug=rw,o=r,a+X,g+s "$thisdir/$dir"
+					done
+					IFS="/"; for dir in $dirs_group_ro_create; do IFS="$ifs";
+						mkdir -p -m u=rw,go=r,a+X,g+s "$thisdir/$dir"
+						chmod -R u=rw,go=r,a+X,g+s "$thisdir/$dir"
+					done
+					IFS="/"; for file in $files_group_ro_update; do IFS="$ifs";
+						if [ -f "$thisdir/$file" ]; then
+							chmod u=rw,go=r,g+s "$thisdir/$file"
+						fi
+					done
+					IFS="/"; for dir in $dirs_no_access_purge; do IFS="$ifs";
+						rm -rf "$thisdir/$dir"
+						mkdir -m a= "$thisdir/$dir"
+						chown nobody: "$thisdir/$dir"
+					done
+					IFS="$ifs"
+				done)
+			done)
+		done)
+	done)
+
+	# Deprecated share permissions
 	for dir in `find $HOME -mindepth 1 -maxdepth 1 -type d | egrep "^$HOME/shares_win"`; do
 		chgrp -R $user $dir
 		chmod -R u=rw,g=rw,o=,ug+X,g+s $dir
@@ -269,7 +339,7 @@ for user in $USERS; do
 				ln -sf $DUMMYSHAREDIR/$user $HOME/$DUMMYSHARENAME
 				chown $user: $HOME/$DUMMYSHARENAME
 			else
-				echo "ERROR: $HOME/$DUMMYSHAREDIR exists already. Leaving it as is..."
+				echo "WARNING: $HOME/$DUMMYSHAREDIR exists already. Leaving it as is..."
 			fi
 		else
 			ln -s $DUMMYSHAREDIR/$user $HOME/$DUMMYSHARENAME