From ec6fb2e684efc2996b79f325524e9c84b29855c6 Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Thu, 13 Mar 2003 02:13:39 +0000 Subject: Handle new shares. sharing scheme. Support space in /root. Echo WARNING when it is not a fatal error. --- user-init | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 74 insertions(+), 4 deletions(-) (limited to 'user-init') diff --git a/user-init b/user-init index bdfa116..3be2fc6 100755 --- a/user-init +++ b/user-init @@ -48,8 +48,8 @@ fi echo "Setting up additional folders and permissions..." for user in $USERS; do - uid=`getent passwd $user | awk -F: '{print $3}' | head -1` - HOME=`getent passwd $user | awk -F: '{print $6}' | head -1` + uid="`getent passwd \"$user\" | awk -F: '{print $3}' | head -1`" + HOME="`getent passwd \"$user\" | awk -F: '{print $6}' | head -1`" if [ -z "$HOME" ]; then echo "User $user doesn't exist. Ignoring..." continue @@ -163,7 +163,77 @@ for user in $USERS; do fi fi - # Share permissions + # Fileshares: /shares./// + # : Either mac or win depending on which of netatalk and samba provides r/w access to the shares + # : Group with write access to the share (usually the default group of the owner) + # : Either rwgroup or secondary group with read-only access to the share + # owner must be member of both groups, and rwgroup members must also be members of rogroup + find "$HOME" -mindepth 1 -maxdepth 1 -type d -print | egrep "^$HOME/shares\." | (while read thisdir; do + sharetype="`basename \"$thisdir\" | awk -F. '{print $2}'`" + # Define dir and file exceptions + exceptions="$dirs_group_rw_create/$dirs_group_ro_create/$files_group_ro_update/$dirs_no_access_purge" + case "$sharetype" in + mac) + dirs_group_rw_create='.AppleDB/.AppleDesktop/Temporary Items/TheFindByContentFolder' + dirs_group_ro_create='TheVolumeSettingsFolder' + files_group_ro_update=':2eDS_Store' + dirs_no_access_purge='Network Trash Folder' + ;; + win) + ;; + *) + continue + ;; + esac + chmod a=rX "$thisdir" + chown "$user": "$thisdir" + find "$thisdir" -mindepth 1 -maxdepth 1 -type d -print | (while read thisdir; do + rogroup="`basename \"$thisdir\"`" + chmod ug=rX,o= "$thisdir" + chgrp "$rogroup" "$thisdir" + find "$thisdir" -mindepth 1 -maxdepth 1 -type d -print | (while read thisdir; do + rwgroup="`basename \"$thisdir\"`" + chgrp "$rwgroup" "$thisdir" + chmod a=rX,g+s "$thisdir" + find "$thisdir" -mindepth 1 -maxdepth 1 -type d -print | (while read thisdir; do + sharename="`basename \"$thisdir\"`" + chgrp "$rwgroup" "$thisdir" + chmod u=rw,go=r,a+X,g+s "$thisdir" + ifs="$IFS" + # Set default permissions + find "$thisdir" -mindepth 1 -maxdepth 1 -print | (while read thisdir; do + IFS="/"; for dir in $exceptions; do IFS="$ifs"; + continue 2 + done + chgrp -R "$rwgroup" "$thisdir" + chmod -R ug=rw,o=r,a+X,g+s "$thisdir" + done) + # Handle exceptions + IFS="/"; for dir in $dirs_group_rw_create; do IFS="$ifs"; + mkdir -p -m ug=rw,o=r,a+X,g+s "$thisdir/$dir" + chmod -R ug=rw,o=r,a+X,g+s "$thisdir/$dir" + done + IFS="/"; for dir in $dirs_group_ro_create; do IFS="$ifs"; + mkdir -p -m u=rw,go=r,a+X,g+s "$thisdir/$dir" + chmod -R u=rw,go=r,a+X,g+s "$thisdir/$dir" + done + IFS="/"; for file in $files_group_ro_update; do IFS="$ifs"; + if [ -f "$thisdir/$file" ]; then + chmod u=rw,go=r,g+s "$thisdir/$file" + fi + done + IFS="/"; for dir in $dirs_no_access_purge; do IFS="$ifs"; + rm -rf "$thisdir/$dir" + mkdir -m a= "$thisdir/$dir" + chown nobody: "$thisdir/$dir" + done + IFS="$ifs" + done) + done) + done) + done) + + # Deprecated share permissions for dir in `find $HOME -mindepth 1 -maxdepth 1 -type d | egrep "^$HOME/shares_win"`; do chgrp -R $user $dir chmod -R u=rw,g=rw,o=,ug+X,g+s $dir @@ -269,7 +339,7 @@ for user in $USERS; do ln -sf $DUMMYSHAREDIR/$user $HOME/$DUMMYSHARENAME chown $user: $HOME/$DUMMYSHARENAME else - echo "ERROR: $HOME/$DUMMYSHAREDIR exists already. Leaving it as is..." + echo "WARNING: $HOME/$DUMMYSHAREDIR exists already. Leaving it as is..." fi else ln -s $DUMMYSHAREDIR/$user $HOME/$DUMMYSHARENAME -- cgit v1.2.3