Date: Fri, 16 Nov 2001 11:32:58 +0200 From: "Patrick O'Reilly" <patrick@mip.co.za> To: <jessie@power-jessie.net>, <freebsd-questions@FreeBSD.ORG> Subject: RE: help on system accounts Message-ID: <NDBBIMKICMDGDMNOOCAICEKGDOAA.patrick@mip.co.za> In-Reply-To: <NDBBIMKICMDGDMNOOCAIGEKDDOAA.patrick@mip.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
Jessie,
I went digging and found this script (way down below) that I wrote a while
ago for someone with a similar problem to yours.
When I run the script with no arguments (to get anywhere with this you will
need to be root):
================
root@oz:/home/patrick/scr# sh fix-home-perms
Script to fix permissions within /home
usage: fix-home-perms [username|ALL] [group (default)] [dir mode (755)]
[file mode (644)]
root@oz:/home/patrick/scr#
================
It is a little crude. The command-line arguments given above, work as
follows:
[username|ALL]
: you MUST specify a user to fix, or use the keyword "ALL". (I hope you do
not have a user account called "ALL" :)
[group (default)]
: you may specify a group name. If you don't, the script will determine
the default group for the user by looking in /etc/passwd.
[dir mode (755)]
: you may specify the mode (for 'chmod') for directories in the user tree.
The script defaults to 755, but you might consider hacking the script to
make the default 750.
[file mode (644)]
: similar idea to [dir mode], different default.
So, you could invoke the script like so:
================
root@oz:/home/patrick/scr# sh fix-home-perms patrick wheel 700 600
================
This would set patrick's home directory to mode 700, with all files set to
mode 600, and all ownerships set to patrick:wheel.
Or, you could invoke the script like so:
================
root@oz:/home/patrick/scr# sh fix-home-perms ALL "" 750
================
This would set all user's home directories to mode 750, with all files set
to mode 644 (default), and all ownerships set to owned by user and group as
set in /etc/passwd.
For safety, the script will prompt you to confirm before proceeding, like
so:
================
root@oz:/home/patrick/scr# sh fix-home-perms ALL "" 750
Do you wish to fix /home permissions as follows:
User: ahmed anthony carol chess claire claudia dave demetrius derick
develop don frede ftp gran gran jacques jasonf jill jm karen karenhi leona
marcia marion marius merissa mip neilf paresh patrick peter pm prtd rich
ross spiros stefan stephen wilhelm willie
Group:
File Mode: 644
Dir Mode: 750
(y/n)
Exiting without any changes...
================
As you can see, I did not type "y" or "Y", so the script terminated.
BTW: The user list which is automatically built when you specify "ALL" is
built by comparing all directory names under /home with account entries in
/etc/passwd. Only names which are found in both places are processed, so
the list should be clean.
PS: I use 'sh' to invoke the script because I keep the script with mode 644
to prevent accidents. Also, because the script resides in
/home/patrick/scr, it tends to set itself back to 644 whenever I run it! ;)
OK, enough already - here's the script:
================
#!/bin/bash
# ./fix-home-perms
# Shell Script to set standardised ownership and modes on users'
# /home/$LOGNAME directory trees.
# Defaults are set for the convenience of the wizard of oz.
# Patrick O'Reilly
# 17 June 2001.
cd /home
user=${1}
group=${2}
dirmod=${3}
filemod=${4}
if [ "${user}" = "" ]
then
echo "Script to fix permissions within /home"
echo "usage: fix-home-perms [username|ALL] [group (default)] [dir mode
(755)] [file mode (644)]"
exit 0
fi
if [ "${user}" = "ALL" ]
then
for usr in `ls`
do
goodusr=`grep "^${usr}:" /etc/passwd | cut -d":" -f1`
users="${users} ${goodusr}"
done
else
goodusr=`grep "^${user}" /etc/passwd | cut -d":" -f1`
users=${goodusr}
fi
if [ "${users}" = "" ]
then
echo "The user name [${user}] is invalid"
exit 0
fi
if [ "${group}" = "" ]
then
defgroup="yes"
fi
if [ "${dirmod}" = "" ]
then
dirmod="755"
fi
if [ "${filemod}" = "" ]
then
filemod="644"
fi
echo "Do you wish to fix /home permissions as follows:"
echo "User: " $users
echo "Group: " $group
echo "File Mode: " $filemod
echo "Dir Mode: " $dirmod
echo "(y/n)"
read answer
if [ "$answer" != "y" -a "$answer" != "Y" ]
then
echo Exiting without any changes...
exit 0
fi
for user in ${users}
do
echo "Fixing $user..."
if [ "${defgroup}" = "yes" ]
then
group=`grep "^${user}:" /etc/passwd | cut -d":" -f4`
fi
find ./${user} -exec chown ${user} {} \;
find ./${user} -exec chgrp ${group} {} \;
find ./${user} -type d -exec chmod ${dirmod} {} \;
find ./${user} -type f -exec chmod ${filemod} {} \;
done
cd -
echo "That's all folks..."
================
I am sure some smarter folks will be able to tell us how to make this more
efficient! :)
Patrick.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NDBBIMKICMDGDMNOOCAICEKGDOAA.patrick>