#!/bin/bash
# Reset access rights of a netatalk archive
#
# The archive should be in subfolders named after read/write and readonly groups
# like this: /var/local/netatalk/files_administered_by_admins/admin/users/
#
# Also, the file /etc/local/volumes should contain something like the following
# (indicating the root of all netatalk folders):
#
# NDIR="/var/local/netatalk"
#
[ -f /etc/local/volumes ] || exit 1
. /etc/local/volumes
[ "x$NDIR" = "x" ] && exit 1
if [ $# -eq 0 ]; then
echo "Usage: $0 [create]"
exit 1
fi
if [ "x$1" = "x" ]; then
echo "$0: base directory missing"
exit 1
fi
VOL=$NDIR/$1
if [ "x$2" = "x" ]; then
echo "$0: read group missing"
exit 1
fi
ALL=$2
if [ "x$3" = "x" ]; then
echo "$0: write group missing"
exit 1
fi
GRP=$3
GRPUSER="admin"
id $GRP >/dev/null && GRPUSER=$GRP
if [ "x$4" != "x" ]; then
if [ "x$4" == "xcreate" ]; then
mkdir -p $VOL/$ALL/$GRP || exit
else
echo "Usage: $0 [create]"
exit 1
fi
fi
test -d $VOL/$ALL/$GRP || exit
test -d $VOL/$ALL/$GRP/.AppleDouble || mkdir $VOL/$ALL/$GRP/.AppleDouble
test -d $VOL/$ALL/$GRP/.AppleDesktop || mkdir $VOL/$ALL/$GRP/.AppleDesktop
chown root:$ALL $VOL/$ALL
chown $GRPUSER:$ALL $VOL/$ALL/$GRP
chmod u=rwX,g=rXs,o= $VOL/$ALL
chmod u=rwX,g=rXs,o= $VOL/$ALL/$GRP
echo "People in group $GRP has read/write access through AppleShare"
test $GRP = $ALL || echo "People in group $ALL has read access through AppleShare"
echo "Others have no access"
echo -n "Checking permissions..."
chown -R :$GRP $VOL/$ALL/$GRP \
&& chmod -R u=rwX,g=rwXs,o=rX $VOL/$ALL/$GRP \
&& chmod u=rwX,g=rXs,o=rX $VOL/$ALL/$GRP
echo "."