From owner-freebsd-questions Fri Nov 16 1:28:53 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mip.co.za (puck.mip.co.za [209.212.106.44]) by hub.freebsd.org (Postfix) with ESMTP id AF2B337B416 for ; Fri, 16 Nov 2001 01:28:40 -0800 (PST) Received: from patrick (patrick.mip.co.za [10.3.13.181]) by mip.co.za (8.9.3/8.9.3) with SMTP id LAA11682; Fri, 16 Nov 2001 11:28:34 +0200 (SAST) (envelope-from patrick@mip.co.za) From: "Patrick O'Reilly" To: , Subject: RE: help on system accounts Date: Fri, 16 Nov 2001 11:32:58 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Jessie, I went digging and found this script (way down below) that I wrote a while ago for someone with a similar problem to yours. When I run the script with no arguments (to get anywhere with this you will need to be root): ================ root@oz:/home/patrick/scr# sh fix-home-perms Script to fix permissions within /home usage: fix-home-perms [username|ALL] [group (default)] [dir mode (755)] [file mode (644)] root@oz:/home/patrick/scr# ================ It is a little crude. The command-line arguments given above, work as follows: [username|ALL] : you MUST specify a user to fix, or use the keyword "ALL". (I hope you do not have a user account called "ALL" :) [group (default)] : you may specify a group name. If you don't, the script will determine the default group for the user by looking in /etc/passwd. [dir mode (755)] : you may specify the mode (for 'chmod') for directories in the user tree. The script defaults to 755, but you might consider hacking the script to make the default 750. [file mode (644)] : similar idea to [dir mode], different default. So, you could invoke the script like so: ================ root@oz:/home/patrick/scr# sh fix-home-perms patrick wheel 700 600 ================ This would set patrick's home directory to mode 700, with all files set to mode 600, and all ownerships set to patrick:wheel. Or, you could invoke the script like so: ================ root@oz:/home/patrick/scr# sh fix-home-perms ALL "" 750 ================ This would set all user's home directories to mode 750, with all files set to mode 644 (default), and all ownerships set to owned by user and group as set in /etc/passwd. For safety, the script will prompt you to confirm before proceeding, like so: ================ root@oz:/home/patrick/scr# sh fix-home-perms ALL "" 750 Do you wish to fix /home permissions as follows: User: ahmed anthony carol chess claire claudia dave demetrius derick develop don frede ftp gran gran jacques jasonf jill jm karen karenhi leona marcia marion marius merissa mip neilf paresh patrick peter pm prtd rich ross spiros stefan stephen wilhelm willie Group: File Mode: 644 Dir Mode: 750 (y/n) Exiting without any changes... ================ As you can see, I did not type "y" or "Y", so the script terminated. BTW: The user list which is automatically built when you specify "ALL" is built by comparing all directory names under /home with account entries in /etc/passwd. Only names which are found in both places are processed, so the list should be clean. PS: I use 'sh' to invoke the script because I keep the script with mode 644 to prevent accidents. Also, because the script resides in /home/patrick/scr, it tends to set itself back to 644 whenever I run it! ;) OK, enough already - here's the script: ================ #!/bin/bash # ./fix-home-perms # Shell Script to set standardised ownership and modes on users' # /home/$LOGNAME directory trees. # Defaults are set for the convenience of the wizard of oz. # Patrick O'Reilly # 17 June 2001. cd /home user=${1} group=${2} dirmod=${3} filemod=${4} if [ "${user}" = "" ] then echo "Script to fix permissions within /home" echo "usage: fix-home-perms [username|ALL] [group (default)] [dir mode (755)] [file mode (644)]" exit 0 fi if [ "${user}" = "ALL" ] then for usr in `ls` do goodusr=`grep "^${usr}:" /etc/passwd | cut -d":" -f1` users="${users} ${goodusr}" done else goodusr=`grep "^${user}" /etc/passwd | cut -d":" -f1` users=${goodusr} fi if [ "${users}" = "" ] then echo "The user name [${user}] is invalid" exit 0 fi if [ "${group}" = "" ] then defgroup="yes" fi if [ "${dirmod}" = "" ] then dirmod="755" fi if [ "${filemod}" = "" ] then filemod="644" fi echo "Do you wish to fix /home permissions as follows:" echo "User: " $users echo "Group: " $group echo "File Mode: " $filemod echo "Dir Mode: " $dirmod echo "(y/n)" read answer if [ "$answer" != "y" -a "$answer" != "Y" ] then echo Exiting without any changes... exit 0 fi for user in ${users} do echo "Fixing $user..." if [ "${defgroup}" = "yes" ] then group=`grep "^${user}:" /etc/passwd | cut -d":" -f4` fi find ./${user} -exec chown ${user} {} \; find ./${user} -exec chgrp ${group} {} \; find ./${user} -type d -exec chmod ${dirmod} {} \; find ./${user} -type f -exec chmod ${filemod} {} \; done cd - echo "That's all folks..." ================ I am sure some smarter folks will be able to tell us how to make this more efficient! :) Patrick. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message