/[smecontribs]/rpms/smeserver-shared-folders/contribs8/smeserver-shared-folders-0.1-recursive_setfacl.patch
ViewVC logotype

Annotation of /rpms/smeserver-shared-folders/contribs8/smeserver-shared-folders-0.1-recursive_setfacl.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Sun Mar 3 22:04:40 2013 UTC (11 years, 8 months ago) by unnilennium
Branch: MAIN
CVS Tags: smeserver-shared-folders-0_1-80_el5_sme, smeserver-shared-folders-0_1-83_el5_sme, smeserver-shared-folders-0_1-84_el5_sme, smeserver-shared-folders-0_1-82_el5_sme, smeserver-shared-folders-0_1-87_el5_sme, smeserver-shared-folders-0_1-86_el5_sme, smeserver-shared-folders-0_1-81_el5_sme, smeserver-shared-folders-0_1-85_el5_sme, smeserver-shared-folders-0_1-79_el5_sme, HEAD
Initial import

1 unnilennium 1.1 diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify
2     --- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify 2011-11-03 12:21:08.000000000 +0100
3     +++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify 2011-11-03 13:07:32.000000000 +0100
4     @@ -92,75 +92,68 @@
5     my %properties = $share->props;
6     my @write = split(/[;,]/,($properties {'WriteGroups'} || 'admin'));
7     my @read = split(/[;,]/,($properties {'ReadGroups'} || 'admin'));
8     -$::group = 'admin';
9    
10     -# Make sensible defaults
11     -$::owner = undef;
12     -$::fileperm = 0660;
13     -$::dirperm = 0750;
14     -
15     -sub process
16     -{
17     - my $acl = '';
18     - if (-l)
19     - {
20     - $File::Find::prune = 1;
21     +# Don't reset permissions if ManualPermissions is set to 'yes'
22     +
23     +unless ( $perm eq 'yes' || $perm eq 'enabled' ){
24     + # Remove existing ACLs
25     + system($setfacl,
26     + '-R',
27     + '--remove-all',
28     + '--remove-default',
29     + '.');
30     +
31     + # Remove all execute permission
32     + system('/bin/chmod',
33     + '-R',
34     + 'a-x',
35     + '.');
36     +
37     + # make admin the group owner of everything
38     + system('/bin/chgrp',
39     + '-R',
40     + 'admin',
41     + '.');
42     +
43     + my $acl = 'u::rwX,g::rwX,o:---,';
44     + foreach my $group (@write){
45     + $acl .= 'g:'.$group.':rwX,';
46     }
47     - else
48     - {
49     - esmith::util::chownFile($::owner, $::group, $_);
50     - if (-d)
51     - {
52     - chmod $::dirperm, $_;
53     - chmod $::dirperm, $_;
54     - my $perm = ($_ eq '.') ? 'rx':'rwx';
55     - foreach my $group (@write){
56     - $acl .= 'g:'.$group.':'.$perm.',';
57     - }
58     - foreach my $group (@read){
59     - $acl .= 'g:'.$group.':rx,';
60     - }
61     - # Set the effective ACLs
62     - system($setfacl,
63     - '-m',
64     - $acl,
65     - '--',
66     - $_);
67     - # Set the defaults ACLs
68     - system($setfacl,
69     - '-d',
70     - '-m',
71     - $acl,
72     - '--',
73     - $_);
74     - }
75     - elsif (-f)
76     - {
77     - chmod $::fileperm, $_;
78     - foreach my $group (@write){
79     - $acl .= 'g:'.$group.':rw,';
80     - }
81     - foreach my $group (@read){
82     - $acl .= 'g:'.$group.':r,';
83     - }
84     - system($setfacl,
85     - '-m',
86     - $acl,
87     - '--',
88     - $_);
89     - }
90     + foreach my $group (@read){
91     + $acl .= 'g:'.$group.':rX,';
92     }
93     -}
94    
95     -# Purge Old ACLs before defining new ones
96     -# Don't reset permissions if ManualPermissions is set to 'yes'
97     + # Set the effective ACLs
98     + system($setfacl,
99     + '-R',
100     + '-m',
101     + $acl,
102     + '--',
103     + '.');
104    
105     -unless ( $perm eq 'yes' || $perm eq 'enabled' ){
106     + # Set the default ACL
107     system($setfacl,
108     - '-R',
109     - '--remove-all',
110     - '.');
111     + '-R',
112     + '-d',
113     + '--set',
114     + $acl,
115     + '--',
116     + '.');
117    
118     - find(\&process, glob("./"));
119     -}
120     + # Now set the permission on the root of the share (no write access here)
121     + $acl = '';
122     + system($setfacl,
123     + '--remove-all',
124     + '--remove-default',
125     + '.');
126    
127     + foreach my $group (@write,@read){
128     + $acl .= 'g:'.$group.':rX,';
129     + }
130     +
131     + system($setfacl,
132     + '-m',
133     + $acl,
134     + '--',
135     + '.');
136     +}

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed