DebianThis forum is for the discussion of Debian Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
sorry, for the long waiting time but <insert your favorite plea here>
so here it is, fine, not so small and fully commented!
Code:
#!/bin/bash
#
# homerights - script to change access rights and owner of
# home directories
#
# 2005 by Florian Harbich (doc.nice)
#
# created after a request of ??? (danimalz) on www.linuxquestions.org
# credits for fixes and improvements to
# - Rick (archtoad6)
# - ??? (anomie)
# - ??? (fotoguy)
#
# this script can be freely copied, as long as the orginal
# author(s) remain mentioned.
######################################################
# USERCONFIG SECTION
######################################################
# base dir for home directories
HOMEBASE="/home"
# group name if no group called after the username exists
COMMONGRP="users"
# rights for home directories with common group
# the rights for the user directory are reset to 0000 before
# appying this string to be able to use X together
# with --recursive without keeping an old x right
COMMONGRPRIGHTS="u=rwX,g-rwXs,o-rwxt"
# rights for home directories with individual group
# the rights for the user directory are reset to 0000 before
# appying this string to be able to use X together
# with --recursive without keeping an old x right
USERGRPRIGHTS="u=rwX,g=rwXs,o=t"
# extra options for chown (i.e. --recursive)
CHOWNOPTS=""
# extra options for chmod (i.e.--recursive)
# this is normally not needed, without access to the directory
# one also can't access the file therein.
CHMODOPTS=""
######################################################
# END OF USERCONFIG SECTION
# do not edit below this line
######################################################
# fix variables and set sensible defaults if unset
HOMEBASE="${HOMEBASE:=/home}"
HOMEBASE="${HOMEBASE%/}"
COMMONGROUP="${COMMONGROUP:=users}"
COMMONRPRIGHTS="${COMMONGRPRIGHTS:=u+rwX,g+rwX,o-rwx}"
USERGRPRIGHTS="${USERGRPRIGHTS:=u+rwX,g+rwX,o-rwx}"
if [ \( "$1" == "-h" \) -o \( "$1" == "--help" \) ]; then
cat >&2 <<EOF
Aufruf: $(basename $0) [-h] [-r]
script to change access rights and owner of home directories
-h --help show this help
-r --really without this switch, the script will ony
show what would happen, but doesn't really
perform the actions.
Will change all user directories in ${HOMEBASE}.
The owners will be changed to be the same as the
directory name and the group will be the same if
it exists, else it will be set to ${COMMONGRP}.
Rights for directories with individual group will
be changed to ${USERGRPRIGHTS}
rights for directories with common groups will
be set to ${COMMONGRPRIGHTS}.
EOF
exit 0
fi
# sanity checks
if [ -z "$(grep "^${COMMONGRP}:" /etc/group)" ]; then
# common group not in group auth file
echo "common group ${COMMONGRP} doesn't exist! aborting." >&2
exit 1
fi
if [ ! -d "${HOMEBASE}" ]; then
# base directory not found
echo "base directory ${HOMEBASE} not found! aborting." >&2
exit 1
fi
if [ \( "$1" == "-r" \) -o \( "$1" == "--really" \) ]; then
# really perform changes
REALACTION="dontbelazy"
else
# only show changes, but don't perform
REALACTION=""
fi
[ "${REALACTION}" ] && echo "$1 specified, changes are really applied!" >&2
# main part
for DIR in $(ls -d -1 --quoting-style=escape ${HOMEBASE}/*/); do
DIR="$(basename "${DIR}")"
echo "setting rights for ${DIR}"
if grep -q "^${DIR}:" /etc/passwd; then
# user with directory name found
if grep -q "^${DIR}:" /etc/group; then
# group with directory name found,
# use individual group mode for this directory
echo " user has its own group, setting individual mode"
if [ "${REALACTION}" ]; then
chown ${CHOWNOPTS} ${DIR}:${DIR} "${HOMEBASE}/${DIR}"
# fix for X and recursive mode, see in CONFIG section
chmod 0000 "${HOMEBASE}/${DIR}"
chmod ${CHMODOPTS} ${USERGRPRIGHTS} "${HOMEBASE}/${DIR}"
else
echo "chown ${CHOWNOPTS} ${DIR}:${DIR} \"${HOMEBASE}/${DIR}\""
echo "chmod ${CHMODOPTS} ${USERGRPRIGHTS} \"${HOMEBASE}/${DIR}\""
fi
else
# no group with directory name found,
# use common group mode for this directory
echo " user has no own group, setting common mode"
if [ "${REALACTION}" ]; then
chown ${CHOWNOPTS} ${DIR}:${COMMONGRP} "${HOMEBASE}/${DIR}"
# fix for X and recursive mode, see in CONFIG section
chmod 0000 "${HOMEBASE}/${DIR}"
chmod ${CHMODOPTS} ${COMMONGRPRIGHTS} "${HOMEBASE}/${DIR}"
else
echo "chown ${CHOWNOPTS} ${DIR}:${COMMONGRP} \"${HOMEBASE}/${DIR}\""
echo "chmod ${CHMODOPTS} ${COMMONGRPRIGHTS} \"${HOMEBASE}/${DIR}\""
fi
fi
else
# no user with directory name found,
# ignore this directory
echo " no username for this directory, skipping..."
fi
done
if [ -z "${REALACTION}" ]; then
echo "no changes were made to your filesystem," >&2
echo "use -r or --really to really apply" >&2
fi
I know this thread is old. but I'm trying to do exactly (well, kind of) the opposite of what the original poster did.
I want a default umask of 003, so if I add user alice to group john, Alice can rwx John's files (at the moment, Alice can only r-x John's files).
there is a file /etc/profile which I suppose sets the default umask of the whole system to 022.
If I edit this file, will that work (the debian manual doesn't tell)? or is there a better way to do it?
This file will set the umask for any NEW usery to what is set therein,
it is copied to .profile in the new usery homedir.
so you can set the usmask and AFTERWARDS create the user or edit/create the file .profile in the existing homedir and set the umask there.
(and afterwards set the variables in my script above and run it to fix the rights of all existing files...)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
awaiting the results.
