33 lines
1.0 KiB
Bash
Executable File
33 lines
1.0 KiB
Bash
Executable File
#!/bin/sh
|
|
# -*- mode: sh; tab-width: 8; coding: utf-8-unix -*-
|
|
|
|
# very dangerous
|
|
[ "$#" -gt 0 ] && ROOT=$1 || ROOT=/
|
|
[ -d "$ROOT" ] || exit 1
|
|
|
|
ROLE=base
|
|
|
|
cd $ROOT || exit 2
|
|
GROUP=adm
|
|
[ -f /usr/local/etc/testforge/testforge.bash ] && . /usr/local/etc/testforge/testforge.bash
|
|
[ -n "$BOX_ALSO_GROUP" ] && GROUP=$BOX_ALSO_GROUP
|
|
|
|
if [ -d ${ROOT}/var/local ] ; then
|
|
# allow
|
|
chgrp -R $GROUP ${ROOT}/var/local/{bin,data,lib64,src,net}
|
|
chmod -R g+rw,o-w ${ROOT}/var/local/{bin,data,lib64,src,net}
|
|
chmod a+x ${ROOT}/var/local/{bin,src,share/bash}/*sh
|
|
# if [ -d ${ROOT}/var/local/src/lynis ] ; then
|
|
|
|
chgrp -R $GROUP ${ROOT}/var/local/{bin,data,lib64,src,net}
|
|
# forbid /var
|
|
chgrp -R root ${ROOT}/var/local/{etc,var,share}
|
|
chmod -R g-w,o-w ${ROOT}/var/local/{etc,var,share}
|
|
fi
|
|
if [ -d ${ROOT}/usr/local ] ; then
|
|
# forbid /usr but lib/python* will be created and allowed on install
|
|
chgrp -R root ${ROOT}/usr/local/
|
|
chmod -R g-w,o-rw ${ROOT}/usr/local/
|
|
fi
|
|
exit 0
|