-
Notifications
You must be signed in to change notification settings - Fork 1
/
__update_permissions
executable file
·85 lines (71 loc) · 2.49 KB
/
__update_permissions
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/bin/bash
#- update permissions for cemac arc4 directory
# make things group writeable where appropriate
# make things read only where appropriate
# check CEMAC_DIR variable:
if [ -z "${CEMAC_DIR}" ] ; then
echo "please check CEMAC_DIR variable"
exit
fi
# check CEMAC_DIR directory:
if [ ! -d "${CEMAC_DIR}" ] ; then
echo "${CEMAC_DIR} directory does not appear to exist"
exit
fi
# CEMAC data should be owned by group ear-cemac, and group writeable:
chgrp ear-cemac ${CEMAC_DIR}
chmod 2775 ${CEMAC_DIR}
# Top level files which should be group writeable:
chgrp ear-cemac \
${CEMAC_DIR}/{cemac.sh,cemac.csh,LICENSE,README.md,__update_permissions}
chmod g+rwX \
${CEMAC_DIR}/{cemac.sh,cemac.csh,LICENSE,README.md,__update_permissions}
# git directory:
GIT_DIR="${CEMAC_DIR}/.git"
# make git directory group writeable:
chgrp -R ear-cemac ${GIT_DIR}
find ${GIT_DIR} -type d -exec chmod g+s '{}' \;
chmod -R g+rwX ${GIT_DIR}
# software directory:
SOFTWARE_DIR="${CEMAC_DIR}/software"
# set group ownership of top level directories:
find ${SOFTWARE_DIR} -maxdepth 2 -type d -exec chgrp ear-cemac '{}' \;
find ${SOFTWARE_DIR} -maxdepth 2 -type d -exec chmod g+s '{}' \;
###chgrp -R ear-cemac ${SOFTWARE_DIR}
###find ${SOFTWARE_DIR} -type d -exec chmod g+s '{}' \;
# try to make build directories group writeable:
for BUILD_DIR in $(find ${SOFTWARE_DIR}/build -maxdepth 2 -type d \
! -perm -g=w)
do
chmod -R g+rwX ${BUILD_DIR}
done
###chmod -R g+rwX ${SOFTWARE_DIR}/build
# make application parent directories group writeable:
chmod g+rwX ${SOFTWARE_DIR}/apps/*
chmod g+rwX ${SOFTWARE_DIR}/apps/*/*
chmod g+rwX ${SOFTWARE_DIR}/compilers/*
chmod g+rwX ${SOFTWARE_DIR}/compilers/*/*
chmod g+rwX ${SOFTWARE_DIR}/libraries/*
chmod g+rwX ${SOFTWARE_DIR}/libraries/*/*
# make installed apps read only:
for INSTALLED_DIR in apps compilers libraries
do
# try to find directories which are not read only:
for APP_DIR in $(find ${SOFTWARE_DIR}/${INSTALLED_DIR}/*/* \
-maxdepth 1 -mindepth 1 -type d -writable)
do
chmod -R a-w ${APP_DIR}
done
done
###chmod -R a-w ${SOFTWARE_DIR}/apps/*/*/*
###chmod -R a-w ${SOFTWARE_DIR}/compilers/*/*/*
###chmod -R a-w ${SOFTWARE_DIR}/libraries/*/*/*
# modulefiles ... :
chmod -R a+rX ${SOFTWARE_DIR}/modulefiles
chmod -R g+rwX ${SOFTWARE_DIR}/modulefiles
# cron directory:
CRON_DIR="${CEMAC_DIR}/cron"
# make cron directory group writeable:
chgrp -R ear-cemac ${CRON_DIR}
find ${CRON_DIR} -type d -exec chmod g+s '{}' \;
chmod -R g+rwX ${CRON_DIR}