egscripts/egsetdrupalacls/egsetdiracls

#!/bin/bash

# the webserver group...  This is the same on all Debian and Ubuntu servers...
DEFAULT_GROUP=www-data
DEFAULT_WRITEABLE=0

usage() {
  cat <<EOT

  Usage: $0 [ -g group ] [ -w ] dir [ dir ... ]

  Set permissions recursively on a directory for web access

  OPTIONS

    -g group  -   Set the group to enable access for
    -u user   -   Set a user to enable access for
    -w        -   Make files and directories writeable (default read-only)

  If neither -u or -g is specified, acls are set for the default group
  (Default: ${DEFAULT_GROUP})

EOT
}

while getopts "hwg:u:" OPT ; do
  case "${OPT}" in
    h)
      usage
      exit 0
      ;;
    w)
      arg_writeable=1
      ;;
    g)
      arg_group=${OPTARG}
      ;;
    u)
      arg_user=${OPTARG}
      ;;
    *)
      usage
      exit 1
      ;;
  esac
done

shift $(($OPTIND - 1))

if [ $# -lt 1 ] ; then
  usage
  exit 1
fi

writeable=${arg_writeable-$DEFAULT_WRITEABLE}

unix_dir_mode="2770"
unix_file_mode="0660"

dir_acl="u::rwx,g::rwx"
file_acl="u::rw,g::rw"

extra_perm="r"

if [ ${writeable} -eq 1 ] ; then
  extra_perm="${extra_perm}w"
fi

# -u was provided
if [ -n "${arg_user}" ] ; then
  dir_acl="${dir_acl},u:${arg_user}:${extra_perm}x"
  file_acl="${file_acl},u:${arg_user}:${extra_perm}"
fi

# -g was provided
if [ -n "${arg_group}" ] ; then
  dir_acl="${dir_acl},g:${arg_group}:${extra_perm}x"
  file_acl="${file_acl},g:${arg_group}:${extra_perm}"
fi

# If neither -u or -g was given, assume default group acl is required
if [ -z "${arg_user}" ] && [ -z "${arg_group}" ] ; then
  dir_acl="${dir_acl},g:${DEFAULT_GROUP}:${extra_perm}x"
  file_acl="${file_acl},g:${DEFAULT_GROUP}:${extra_perm}"
fi

for dir in $@ ; do
  if [ ! -d "${dir}" ] ; then
    echo "WARN: ${dir} is not a directory ... skipping"
    continue
  fi
  echo "Processing ${dir} ..."
  echo "Changing directory permissions to ${unix_dir_mode}"
  find ${dir} -type d -print0 | xargs -0 -r chmod ${unix_dir_mode}
  echo "Changing file permissions to ${unix_file_mode}"
  find ${dir} -type f -print0 | xargs -0 -r chmod ${unix_file_mode}
  echo "Changing directory acls to ${dir_acl}"
  find ${dir} -type d -print0 | xargs -0 -r setfacl -m ${dir_acl}
  echo "Changing default directory acls to ${dir_acl}"
  find ${dir} -type d -print0 | xargs -0 -r setfacl --default -m ${dir_acl}
  echo "Changing file acls to ${file_acl}"
  find ${dir} -type f -print0 | xargs -0 -r setfacl -m ${file_acl}
done

echo "Done"

exit 0
initial commit of a whole bunch of old Egressive shell scripts, used to make many people redundant. 2016-03-16 13:43:31 +13:00			`#!/bin/bash`

			`# the webserver group... This is the same on all Debian and Ubuntu servers...`
			`DEFAULT_GROUP=www-data`
			`DEFAULT_WRITEABLE=0`

			`usage() {`
			`cat <<EOT`

			`Usage: $0 [ -g group ] [ -w ] dir [ dir ... ]`

			`Set permissions recursively on a directory for web access`

			`OPTIONS`

			`-g group - Set the group to enable access for`
			`-u user - Set a user to enable access for`
			`-w - Make files and directories writeable (default read-only)`

			`If neither -u or -g is specified, acls are set for the default group`
			`(Default: ${DEFAULT_GROUP})`

			`EOT`
			`}`

			`while getopts "hwg:u:" OPT ; do`
			`case "${OPT}" in`
			`h)`
			`usage`
			`exit 0`
			`;;`
			`w)`
			`arg_writeable=1`
			`;;`
			`g)`
			`arg_group=${OPTARG}`
			`;;`
			`u)`
			`arg_user=${OPTARG}`
			`;;`
			`*)`
			`usage`
			`exit 1`
			`;;`
			`esac`
			`done`

			`shift $(($OPTIND - 1))`

			`if [ $# -lt 1 ] ; then`
			`usage`
			`exit 1`
			`fi`

			`writeable=${arg_writeable-$DEFAULT_WRITEABLE}`

			`unix_dir_mode="2770"`
			`unix_file_mode="0660"`

			`dir_acl="u::rwx,g::rwx"`
			`file_acl="u::rw,g::rw"`

			`extra_perm="r"`

			`if [ ${writeable} -eq 1 ] ; then`
			`extra_perm="${extra_perm}w"`
			`fi`

			`# -u was provided`
			`if [ -n "${arg_user}" ] ; then`
			`dir_acl="${dir_acl},u:${arg_user}:${extra_perm}x"`
			`file_acl="${file_acl},u:${arg_user}:${extra_perm}"`
			`fi`

			`# -g was provided`
			`if [ -n "${arg_group}" ] ; then`
			`dir_acl="${dir_acl},g:${arg_group}:${extra_perm}x"`
			`file_acl="${file_acl},g:${arg_group}:${extra_perm}"`
			`fi`

			`# If neither -u or -g was given, assume default group acl is required`
			`if [ -z "${arg_user}" ] && [ -z "${arg_group}" ] ; then`
			`dir_acl="${dir_acl},g:${DEFAULT_GROUP}:${extra_perm}x"`
			`file_acl="${file_acl},g:${DEFAULT_GROUP}:${extra_perm}"`
			`fi`

			`for dir in $@ ; do`
			`if [ ! -d "${dir}" ] ; then`
			`echo "WARN: ${dir} is not a directory ... skipping"`
			`continue`
			`fi`
			`echo "Processing ${dir} ..."`
			`echo "Changing directory permissions to ${unix_dir_mode}"`
			`find ${dir} -type d -print0 \| xargs -0 -r chmod ${unix_dir_mode}`
			`echo "Changing file permissions to ${unix_file_mode}"`
			`find ${dir} -type f -print0 \| xargs -0 -r chmod ${unix_file_mode}`
			`echo "Changing directory acls to ${dir_acl}"`
			`find ${dir} -type d -print0 \| xargs -0 -r setfacl -m ${dir_acl}`
			`echo "Changing default directory acls to ${dir_acl}"`
			`find ${dir} -type d -print0 \| xargs -0 -r setfacl --default -m ${dir_acl}`
			`echo "Changing file acls to ${file_acl}"`
			`find ${dir} -type f -print0 \| xargs -0 -r setfacl -m ${file_acl}`
			`done`

			`echo "Done"`

			`exit 0`