-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path__update_permissions
More file actions
executable file
·91 lines (77 loc) · 2.56 KB
/
__update_permissions
File metadata and controls
executable file
·91 lines (77 loc) · 2.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
#!/bin/bash
#- update permissions for cemac directory
# make things group writeable where appropriate
# make things read only where appropriate
# set CEMAC_DIR:
CEMAC_DIR='/users/cemac'
# set CEMAC_SOFTWARE:
CEMAC_SOFTWARE="${CEMAC_DIR}/software"
# set group for group ownerships:
CEMAC_GROUP='cemac'
# check CEMAC_DIR directory:
if [ ! -d "${CEMAC_DIR}" ] ; then
echo "${CEMAC_DIR} directory does not appear to exist"
exit
fi
# set environment:
PATH='/usr/bin'
LD_LIBRARY_PATH=''
export PATH LD_LIBRARY_PATH
# CEMAC_DIR should be owned by group, and group writeable:
chgrp ${CEMAC_GROUP} ${CEMAC_DIR}
chmod 2775 ${CEMAC_DIR}
# top level files which should be group writeable:
chgrp ${CEMAC_GROUP} \
${CEMAC_DIR}/{cemac.csh,cemac.sh,LICENSE,README.md,__update_permissions}
chmod g+rwX \
${CEMAC_DIR}/{cemac.csh,cemac.sh,LICENSE,README.md,__update_permissions}
# git directory:
GIT_DIR="${CEMAC_DIR}/.git"
# make git directory group writeable:
chgrp -R ${CEMAC_GROUP} ${GIT_DIR}
find ${GIT_DIR} -type d -exec chmod g+s '{}' +
chmod -R g+rwX ${GIT_DIR}
# set group ownership of top level directories:
find ${CEMAC_SOFTWARE} -maxdepth 2 -type d -exec chgrp ${CEMAC_GROUP} '{}' +
find ${CEMAC_SOFTWARE} -maxdepth 2 -type d -exec chmod g+s '{}' +
# try to make build directories group writeable:
BUILD_DIRS=$(find ${CEMAC_SOFTWARE}/build -maxdepth 2 -type d ! -perm -g=w)
for BUILD_DIR in ${BUILD_DIRS}
do
chmod -R g+rwX ${BUILD_DIR}
done
# make application parent directories group writeable:
chmod g+rwX ${CEMAC_SOFTWARE}/apps/*
chmod g+rwX ${CEMAC_SOFTWARE}/apps/*/*
chmod g+rwX ${CEMAC_SOFTWARE}/compilers/*
chmod g+rwX ${CEMAC_SOFTWARE}/compilers/*/*
chmod g+rwX ${CEMAC_SOFTWARE}/libraries/*
chmod g+rwX ${CEMAC_SOFTWARE}/libraries/*/*
# make installed apps read only:
for INSTALLED_DIR in apps compilers libraries
do
# try to find directories which are not read only:
APP_DIRS=$(find \
${CEMAC_SOFTWARE}/${INSTALLED_DIR}/*/* \
-maxdepth 1 \
-mindepth 1 \
-type d \
-writable)
for APP_DIR in ${APP_DIRS}
do
chmod -R a-w ${APP_DIR}
done
done
# modulefiles ... :
chmod -R a+rX ${CEMAC_SOFTWARE}/modulefiles
chmod -R g+rwX ${CEMAC_SOFTWARE}/modulefiles
# make data directory group writeable:
DATA_DIR="${CEMAC_DIR}/data"
chgrp -R ${CEMAC_GROUP} ${DATA_DIR}
find ${DATA_DIR} -type d -exec chmod g+s '{}' +
chmod -R g+rwX ${DATA_DIR}
# make cron directory group writeable:
CRON_DIR="${CEMAC_DIR}/cron"
chgrp -R ${CEMAC_GROUP} ${CRON_DIR}
find ${CRON_DIR} -type d -exec chmod g+s '{}' +
chmod -R g+rwX ${CRON_DIR}