smeserver-shared-folders/contribs8/smeserver-shared-folders-0.1-recursive_setfacl.patch

diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify
--- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify   2011-11-03 12:21:08.000000000 +0100
+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify       2011-11-03 13:07:32.000000000 +0100
@@ -92,75 +92,68 @@
 my %properties = $share->props;
 my @write = split(/[;,]/,($properties {'WriteGroups'} || 'admin'));
 my @read = split(/[;,]/,($properties {'ReadGroups'} || 'admin'));
-$::group = 'admin';
 
-# Make sensible defaults
-$::owner = undef;
-$::fileperm = 0660;
-$::dirperm = 0750;
-
-sub process
-{
-    my $acl = '';
-    if (-l)
-    {
-       $File::Find::prune = 1;
+# Don't reset permissions if ManualPermissions is set to 'yes'
+
+unless ( $perm eq 'yes' || $perm eq 'enabled' ){
+    # Remove existing ACLs
+    system($setfacl,
+        '-R',
+        '--remove-all',
+        '--remove-default',
+        '.');
+
+    # Remove all execute permission
+    system('/bin/chmod',
+           '-R',
+           'a-x',
+           '.');
+
+    # make admin the group owner of everything
+    system('/bin/chgrp',
+           '-R',
+           'admin',
+           '.');
+
+    my $acl = 'u::rwX,g::rwX,o:---,';
+    foreach my $group (@write){
+        $acl .= 'g:'.$group.':rwX,';
     }
-    else
-    {
-       esmith::util::chownFile($::owner, $::group, $_);
-       if (-d)
-       {
-           chmod $::dirperm, $_;
-           chmod $::dirperm, $_;
-           my $perm = ($_ eq '.') ? 'rx':'rwx';
-           foreach my $group (@write){
-               $acl .= 'g:'.$group.':'.$perm.',';
-           }
-           foreach my $group (@read){
-                $acl .= 'g:'.$group.':rx,';
-            }
-           # Set the effective ACLs
-           system($setfacl,
-                       '-m',
-                       $acl,
-                       '--',
-                       $_);
-            # Set the defaults ACLs
-           system($setfacl,
-                       '-d',
-                       '-m',
-                       $acl,
-                       '--',
-                       $_);
-       }
-       elsif (-f)
-       {
-           chmod $::fileperm, $_;
-          foreach my $group (@write){
-               $acl .= 'g:'.$group.':rw,';
-           }
-           foreach my $group (@read){
-               $acl .= 'g:'.$group.':r,';
-           }
-          system($setfacl,
-                '-m',
-               $acl,
-               '--',
-                $_);
-       }
+    foreach my $group (@read){
+        $acl .= 'g:'.$group.':rX,';
     }
-}
 
-# Purge Old ACLs before defining new ones
-# Don't reset permissions if ManualPermissions is set to 'yes'
+    # Set the effective ACLs
+    system($setfacl,
+           '-R',
+           '-m',
+           $acl,
+           '--',
+           '.');
 
-unless ( $perm eq 'yes' || $perm eq 'enabled' ){
+    # Set the default ACL
     system($setfacl,
-       '-R',
-       '--remove-all',
-       '.');
+           '-R',
+           '-d',
+           '--set',
+           $acl,
+           '--',
+           '.');
 
-    find(\&process,  glob("./"));
-}
+    # Now set the permission on the root of the share (no write access here)
+    $acl = '';
+    system($setfacl,
+           '--remove-all',
+           '--remove-default',
+           '.');
 
+    foreach my $group (@write,@read){
+        $acl .= 'g:'.$group.':rX,';
+    }
+
+    system($setfacl,
+           '-m',
+           $acl,
+           '--',
+           '.');
+}
1	unnilennium	1.1	diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify
2			--- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify 2011-11-03 12:21:08.000000000 +0100
3			+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify 2011-11-03 13:07:32.000000000 +0100
4			@@ -92,75 +92,68 @@
5			my %properties = $share->props;
6			my @write = split(/[;,]/,($properties {'WriteGroups'} \|\| 'admin'));
7			my @read = split(/[;,]/,($properties {'ReadGroups'} \|\| 'admin'));
8			-$::group = 'admin';
9
10			-# Make sensible defaults
11			-$::owner = undef;
12			-$::fileperm = 0660;
13			-$::dirperm = 0750;
14			-
15			-sub process
16			-{
17			- my $acl = '';
18			- if (-l)
19			- {
20			- $File::Find::prune = 1;
21			+# Don't reset permissions if ManualPermissions is set to 'yes'
22			+
23			+unless ( $perm eq 'yes' \|\| $perm eq 'enabled' ){
24			+ # Remove existing ACLs
25			+ system($setfacl,
26			+ '-R',
27			+ '--remove-all',
28			+ '--remove-default',
29			+ '.');
30			+
31			+ # Remove all execute permission
32			+ system('/bin/chmod',
33			+ '-R',
34			+ 'a-x',
35			+ '.');
36			+
37			+ # make admin the group owner of everything
38			+ system('/bin/chgrp',
39			+ '-R',
40			+ 'admin',
41			+ '.');
42			+
43			+ my $acl = 'u::rwX,g::rwX,o:---,';
44			+ foreach my $group (@write){
45			+ $acl .= 'g:'.$group.':rwX,';
46			}
47			- else
48			- {
49			- esmith::util::chownFile($::owner, $::group, $_);
50			- if (-d)
51			- {
52			- chmod $::dirperm, $_;
53			- chmod $::dirperm, $_;
54			- my $perm = ($_ eq '.') ? 'rx':'rwx';
55			- foreach my $group (@write){
56			- $acl .= 'g:'.$group.':'.$perm.',';
57			- }
58			- foreach my $group (@read){
59			- $acl .= 'g:'.$group.':rx,';
60			- }
61			- # Set the effective ACLs
62			- system($setfacl,
63			- '-m',
64			- $acl,
65			- '--',
66			- $_);
67			- # Set the defaults ACLs
68			- system($setfacl,
69			- '-d',
70			- '-m',
71			- $acl,
72			- '--',
73			- $_);
74			- }
75			- elsif (-f)
76			- {
77			- chmod $::fileperm, $_;
78			- foreach my $group (@write){
79			- $acl .= 'g:'.$group.':rw,';
80			- }
81			- foreach my $group (@read){
82			- $acl .= 'g:'.$group.':r,';
83			- }
84			- system($setfacl,
85			- '-m',
86			- $acl,
87			- '--',
88			- $_);
89			- }
90			+ foreach my $group (@read){
91			+ $acl .= 'g:'.$group.':rX,';
92			}
93			-}
94
95			-# Purge Old ACLs before defining new ones
96			-# Don't reset permissions if ManualPermissions is set to 'yes'
97			+ # Set the effective ACLs
98			+ system($setfacl,
99			+ '-R',
100			+ '-m',
101			+ $acl,
102			+ '--',
103			+ '.');
104
105			-unless ( $perm eq 'yes' \|\| $perm eq 'enabled' ){
106			+ # Set the default ACL
107			system($setfacl,
108			- '-R',
109			- '--remove-all',
110			- '.');
111			+ '-R',
112			+ '-d',
113			+ '--set',
114			+ $acl,
115			+ '--',
116			+ '.');
117
118			- find(\&process, glob("./"));
119			-}
120			+ # Now set the permission on the root of the share (no write access here)
121			+ $acl = '';
122			+ system($setfacl,
123			+ '--remove-all',
124			+ '--remove-default',
125			+ '.');
126
127			+ foreach my $group (@write,@read){
128			+ $acl .= 'g:'.$group.':rX,';
129			+ }
130			+
131			+ system($setfacl,
132			+ '-m',
133			+ $acl,
134			+ '--',
135			+ '.');
136			+}