|
|
@ -6,50 +6,37 @@ |
|
|
# Description: Checks script, files and folders ownership and permissions. |
|
|
# Description: Checks script, files and folders ownership and permissions. |
|
|
|
|
|
|
|
|
local commandname="CHECK" |
|
|
local commandname="CHECK" |
|
|
|
|
|
local function_selfname="$(basename $(readlink -f "${BASH_SOURCE[0]}"))" |
|
|
# Useful variables |
|
|
|
|
|
currentuser="$(whoami)" |
|
|
|
|
|
currentgroups="$(groups)" |
|
|
|
|
|
scriptfullpath="${rootdir}/${selfname}" |
|
|
|
|
|
conclusionpermissionerror="0" |
|
|
|
|
|
|
|
|
|
|
|
fn_check_ownership(){ |
|
|
fn_check_ownership(){ |
|
|
# Check script ownership |
|
|
if [ $(find "${rootdir}" -not -user $(whoami)|wc -l) -ne "0" ]; then |
|
|
if [ ! -O "${scriptfullpath}" ] && [ ! -G "${scriptfullpath}" ]; then |
|
|
fn_print_fail_nl "Permissions issues found" |
|
|
fn_print_fail_nl "Oops ! Ownership issue..." |
|
|
fn_script_log_fatal "Permissions issues found" |
|
|
echo " * Current - ${currentuser} - user or its group(s) - ${currentgroups} - does not own \"${selfname}\"" |
|
|
fn_print_infomation_nl "The current user ($(whoami)) does not have ownership of the following files:" |
|
|
echo " * To check the owner and allowed groups, run ls -l \"${selfname}\"" |
|
|
fn_script_log_info "The current user ($(whoami)) does not have ownership of the following files:" |
|
|
exit 1 |
|
|
{ |
|
|
fi |
|
|
echo -e "User\tGroup\tFile\n" |
|
|
|
|
|
find "${rootdir}" -not -user $(whoami) -printf "%u\t\t%g\t%p\n" |
|
|
# Check rootdir ownership |
|
|
} | column -s $'\t' -t | tee -a "${scriptlog}" |
|
|
if [ ! -O "${rootdir}" ] && [ ! -G "${rootdir}" ]; then |
|
|
core_exit.sh |
|
|
fn_print_fail_nl "Oops ! Ownership issue..." |
|
|
|
|
|
echo " * Current - ${currentuser} - user or its group(s) - ${currentgroups} - does not own \"${rootdir}\"" |
|
|
|
|
|
echo " * To check the owner and allowed groups, run ls -dl \"${rootdir}\"" |
|
|
|
|
|
exit 1 |
|
|
|
|
|
fi |
|
|
fi |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
# Check functions ownership |
|
|
fn_check_permissions(){ |
|
|
funownfail="0" |
|
|
|
|
|
if [ -n "${functionsdir}" ]; then |
|
|
if [ -n "${functionsdir}" ]; then |
|
|
while read -r filename |
|
|
if [ $(find "${functionsdir}" -type f -not -executable|wc -l) -ne "0" ]; then |
|
|
do |
|
|
fn_print_fail_nl "Permissions issues found" |
|
|
if [ ! -O "${filename}" ] && [ ! -G "${filename}" ]; then |
|
|
fn_script_log_fatal "Permissions issues found" |
|
|
funownfail="1" |
|
|
fn_print_infomation_nl "The following files are not executable:" |
|
|
conclusionpermissionerror="1" |
|
|
fn_script_log_info "The following files are not executable:" |
|
|
fi |
|
|
{ |
|
|
done <<< "$(find "${functionsdir}" -name "*.sh")" |
|
|
echo -e "File\n" |
|
|
|
|
|
find "${functionsdir}" -type f -not -executable -printf "%p\n" |
|
|
if [ "${funownfail}" == "1" ]; then |
|
|
} | column -s $'\t' -t | tee -a "${scriptlog}" |
|
|
fn_print_fail_nl "Oops ! Ownership issue..." |
|
|
core_exit.sh |
|
|
echo " * Current - ${currentuser} - user or its group(s) - ${currentgroups} - does not own all scripts in \"${functionsdir}\"" |
|
|
|
|
|
echo " * To check the owner and allowed groups, run ls -l \"${functionsdir}\"" |
|
|
|
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
fn_check_permissions(){ |
|
|
|
|
|
# Check rootdir permissions |
|
|
# Check rootdir permissions |
|
|
if [ -n "${rootdir}" ]; then |
|
|
if [ -n "${rootdir}" ]; then |
|
|
# Get permission numbers on folder under the form 775 |
|
|
# Get permission numbers on folder under the form 775 |
|
|
@ -58,42 +45,15 @@ fn_check_permissions(){ |
|
|
userrootdirperm="${rootdirperm:0:1}" |
|
|
userrootdirperm="${rootdirperm:0:1}" |
|
|
grouprootdirperm="${rootdirperm:1:1}" |
|
|
grouprootdirperm="${rootdirperm:1:1}" |
|
|
if [ "${userrootdirperm}" != "7" ] && [ "${grouprootdirperm}" != "7" ]; then |
|
|
if [ "${userrootdirperm}" != "7" ] && [ "${grouprootdirperm}" != "7" ]; then |
|
|
fn_print_fail_nl "Oops ! Permission issue..." |
|
|
fn_print_fail_nl "Permissions issues found" |
|
|
echo " * Current - ${currentuser} - user or its group(s) - ${currentgroups} need full control of \"${rootdir}\"" |
|
|
fn_script_log_fatal "Permissions issues found" |
|
|
echo " * You might wanna run : chmod -R 770 \"${rootdir}\"" |
|
|
fn_print_infomation_nl "The following directorys does not have the correct permissions:" |
|
|
conclusionpermissionerror="1" |
|
|
fn_script_log_info "The following directorys does not have the correct permissions:" |
|
|
|
|
|
ls -l "${rootdir}" |
|
|
|
|
|
core_exit.sh |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
# Check functions permissions |
|
|
|
|
|
funcpermfail="0" |
|
|
|
|
|
if [ -n "${functionsdir}" ]; then |
|
|
|
|
|
while read -r filename |
|
|
|
|
|
do |
|
|
|
|
|
funcperm="$(stat -c %a "${filename}")" |
|
|
|
|
|
userfuncdirperm="${funcperm:0:1}" |
|
|
|
|
|
groupfuncdirperm="${funcperm:1:1}" |
|
|
|
|
|
if [ "${userfuncdirperm}" != "7" ] && [ "${groupfuncdirperm}" != "7" ]; then |
|
|
|
|
|
funcpermfail="1" |
|
|
|
|
|
conclusionpermissionerror="1" |
|
|
|
|
|
fi |
|
|
|
|
|
done <<< "$(find "${functionsdir}" -name "*.sh")" |
|
|
|
|
|
|
|
|
|
|
|
if [ "${funcpermfail}" == "1" ]; then |
|
|
|
|
|
fn_print_fail_nl "Oops ! Permission issue..." |
|
|
|
|
|
echo " * Current - ${currentuser} - user or its group(s) - ${currentgroups} need full control on scripts in \"${functionsdir}\"" |
|
|
|
|
|
echo " * You might wanna run : chmod -R 770 \"${functionsdir}\"" |
|
|
|
|
|
fi |
|
|
|
|
|
fi |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
fn_check_permissions_conclusion(){ |
|
|
|
|
|
# Exit if errors found |
|
|
|
|
|
if [ "${conclusionpermissionerror}" == "1" ]; then |
|
|
|
|
|
exit 1 |
|
|
|
|
|
fi |
|
|
|
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
fn_check_ownership |
|
|
fn_check_ownership |
|
|
fn_check_permissions |
|
|
fn_check_permissions |
|
|
fn_check_permissions_conclusion |
|
|
|
Daniel Gibbs
9 years ago