Mots clés :  
  security 
  
  bash 
 
Voici un script qui permet de remettre les bons droits sur les fichiers, les dossiers et les exécutables. Pratique, quand on a à modifier les droits sur tout une arboresence, ça évite d'écrire et re-écrire des lignes de commandes plutôt longue.




0x01. SCRIPT

 
#!/bin/bash
 
APP="$(basename $0)"
verbose=0
 
R="\e[1;31m"
J="\e[1;33m"
B="\e[0m"
 
right_files=644
right_dirs=755
right_exes=755
owner_user=$(echo $HOME|cut -d'/' -f3)
owner_group=$(groups $owner_user|cut -d':' -f2|awk '{ print $1 }')
chmodexec=$HOME/.local/scr/chmod.exec # chmod 755 if file is an executable
tmp="/tmp/chmodme.$$.$(date +%"s").lst"
 
 
usage()
{
  echo "
Usage: $APP [-f mode] [-d mode] [-x mode] [-u user] [-g group] [-t target_dir]
 
  -f : mode to apply on files      (default: $right_files)
  -d : mode to apply on dirs       (default: $right_dirs)
  -x : mode to apply on executable (file \$f|grep 'exec') (default: $right_exec)
  -u : change owner to user        (default: do not change)
  -g : change group owner          (default: do not change)
  -t : folder to apply changes     (default: .)
  -v : be verbose (-v)
"
  exit 0
}
 
 
while getopts "f:d:u:g:x:vt:" option
do
  case $option in
    "f") right_files=$OPTARG  ;;
    "d") right_dirs=$OPTARG   ;;
    "u") owner_user=$OPTARG   ;;
    "g") owner_group=$OPTARG  ;;
    "x") right_exes=$OPTARG   ;;
    "t") target_dir=$OPTARG   ;;
    "v") arg="-v"             ;;
      *) usage                ;;
  esac
done
 
printf "
Rights file: $J$right_files$B, dirs: $J$right_dirs$B, exec.: $J$right_exes$B
 
Owner .....: $J$owner_user$B, group: $J$owner_group$B
 
cd '$target_dir'
find . -type f -print0 |xargs -0 chmod $arg $right_files
find . -type d -print0 |xargs -0 chmod $arg $right_dirs
find . -type f|xargs -I {} $chmodexec $rights_exes "{}"
 
"
 
printf $R'WARNING ! Operation cannot be undone, please confirm by pressing a key.'$B ; read
echo
 
cd "$target_dir"
 
printf "Setting rights on files..."
find . -type f -print0 |xargs -0 chmod $arg $right_files
printf "\b\b\b, done."
 
printf "\nSetting rights on folders..."
find . -type d -print0 |xargs -0 chmod $arg $right_dirs
printf "\b\b\b, done."
 
printf "\nSetting rights on executables..."
# find . -type f|while read f; do file "$f"|egrep -q "exec"  && chmod $arg $right_exes "$f" ; done
find . -type f|xargs file > "$tmp.1"
grep 'execut' "$tmp.1"|cut -d':' -f1 > "$tmp"
while read e ; do chmod $arg $right_exes "$e" ; done < "$tmp"
rm -f "$tmp" "$tmp.1"
 
if [ "$owner_user:$owner_group" != ":" ] && [ "$(id -u)" = "0" ]; then
  printf "\nOwning files with $owner_user:$owner_group..."
  chown $arg -R $owner_user:$owner_group .
  printf "\b\b\b, done."
fi
 
printf "\n\n"
 
 
 
 
 


   =>   Écrit par : Nicolas, le 14 octobre 2015


 
Mots clés :  
  security 
  
  bash 
    >   Articles connexes :

/tmp et /var/log en noexec sur macOS



Durcissement de Windows



Chiffrement multicouche



HTTP Download



1527759