1 |
unnilennium |
1.1 |
diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify |
2 |
|
|
--- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify 2011-11-03 12:21:08.000000000 +0100 |
3 |
|
|
+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify 2011-11-03 13:07:32.000000000 +0100 |
4 |
|
|
@@ -92,75 +92,68 @@ |
5 |
|
|
my %properties = $share->props; |
6 |
|
|
my @write = split(/[;,]/,($properties {'WriteGroups'} || 'admin')); |
7 |
|
|
my @read = split(/[;,]/,($properties {'ReadGroups'} || 'admin')); |
8 |
|
|
-$::group = 'admin'; |
9 |
|
|
|
10 |
|
|
-# Make sensible defaults |
11 |
|
|
-$::owner = undef; |
12 |
|
|
-$::fileperm = 0660; |
13 |
|
|
-$::dirperm = 0750; |
14 |
|
|
- |
15 |
|
|
-sub process |
16 |
|
|
-{ |
17 |
|
|
- my $acl = ''; |
18 |
|
|
- if (-l) |
19 |
|
|
- { |
20 |
|
|
- $File::Find::prune = 1; |
21 |
|
|
+# Don't reset permissions if ManualPermissions is set to 'yes' |
22 |
|
|
+ |
23 |
|
|
+unless ( $perm eq 'yes' || $perm eq 'enabled' ){ |
24 |
|
|
+ # Remove existing ACLs |
25 |
|
|
+ system($setfacl, |
26 |
|
|
+ '-R', |
27 |
|
|
+ '--remove-all', |
28 |
|
|
+ '--remove-default', |
29 |
|
|
+ '.'); |
30 |
|
|
+ |
31 |
|
|
+ # Remove all execute permission |
32 |
|
|
+ system('/bin/chmod', |
33 |
|
|
+ '-R', |
34 |
|
|
+ 'a-x', |
35 |
|
|
+ '.'); |
36 |
|
|
+ |
37 |
|
|
+ # make admin the group owner of everything |
38 |
|
|
+ system('/bin/chgrp', |
39 |
|
|
+ '-R', |
40 |
|
|
+ 'admin', |
41 |
|
|
+ '.'); |
42 |
|
|
+ |
43 |
|
|
+ my $acl = 'u::rwX,g::rwX,o:---,'; |
44 |
|
|
+ foreach my $group (@write){ |
45 |
|
|
+ $acl .= 'g:'.$group.':rwX,'; |
46 |
|
|
} |
47 |
|
|
- else |
48 |
|
|
- { |
49 |
|
|
- esmith::util::chownFile($::owner, $::group, $_); |
50 |
|
|
- if (-d) |
51 |
|
|
- { |
52 |
|
|
- chmod $::dirperm, $_; |
53 |
|
|
- chmod $::dirperm, $_; |
54 |
|
|
- my $perm = ($_ eq '.') ? 'rx':'rwx'; |
55 |
|
|
- foreach my $group (@write){ |
56 |
|
|
- $acl .= 'g:'.$group.':'.$perm.','; |
57 |
|
|
- } |
58 |
|
|
- foreach my $group (@read){ |
59 |
|
|
- $acl .= 'g:'.$group.':rx,'; |
60 |
|
|
- } |
61 |
|
|
- # Set the effective ACLs |
62 |
|
|
- system($setfacl, |
63 |
|
|
- '-m', |
64 |
|
|
- $acl, |
65 |
|
|
- '--', |
66 |
|
|
- $_); |
67 |
|
|
- # Set the defaults ACLs |
68 |
|
|
- system($setfacl, |
69 |
|
|
- '-d', |
70 |
|
|
- '-m', |
71 |
|
|
- $acl, |
72 |
|
|
- '--', |
73 |
|
|
- $_); |
74 |
|
|
- } |
75 |
|
|
- elsif (-f) |
76 |
|
|
- { |
77 |
|
|
- chmod $::fileperm, $_; |
78 |
|
|
- foreach my $group (@write){ |
79 |
|
|
- $acl .= 'g:'.$group.':rw,'; |
80 |
|
|
- } |
81 |
|
|
- foreach my $group (@read){ |
82 |
|
|
- $acl .= 'g:'.$group.':r,'; |
83 |
|
|
- } |
84 |
|
|
- system($setfacl, |
85 |
|
|
- '-m', |
86 |
|
|
- $acl, |
87 |
|
|
- '--', |
88 |
|
|
- $_); |
89 |
|
|
- } |
90 |
|
|
+ foreach my $group (@read){ |
91 |
|
|
+ $acl .= 'g:'.$group.':rX,'; |
92 |
|
|
} |
93 |
|
|
-} |
94 |
|
|
|
95 |
|
|
-# Purge Old ACLs before defining new ones |
96 |
|
|
-# Don't reset permissions if ManualPermissions is set to 'yes' |
97 |
|
|
+ # Set the effective ACLs |
98 |
|
|
+ system($setfacl, |
99 |
|
|
+ '-R', |
100 |
|
|
+ '-m', |
101 |
|
|
+ $acl, |
102 |
|
|
+ '--', |
103 |
|
|
+ '.'); |
104 |
|
|
|
105 |
|
|
-unless ( $perm eq 'yes' || $perm eq 'enabled' ){ |
106 |
|
|
+ # Set the default ACL |
107 |
|
|
system($setfacl, |
108 |
|
|
- '-R', |
109 |
|
|
- '--remove-all', |
110 |
|
|
- '.'); |
111 |
|
|
+ '-R', |
112 |
|
|
+ '-d', |
113 |
|
|
+ '--set', |
114 |
|
|
+ $acl, |
115 |
|
|
+ '--', |
116 |
|
|
+ '.'); |
117 |
|
|
|
118 |
|
|
- find(\&process, glob("./")); |
119 |
|
|
-} |
120 |
|
|
+ # Now set the permission on the root of the share (no write access here) |
121 |
|
|
+ $acl = ''; |
122 |
|
|
+ system($setfacl, |
123 |
|
|
+ '--remove-all', |
124 |
|
|
+ '--remove-default', |
125 |
|
|
+ '.'); |
126 |
|
|
|
127 |
|
|
+ foreach my $group (@write,@read){ |
128 |
|
|
+ $acl .= 'g:'.$group.':rX,'; |
129 |
|
|
+ } |
130 |
|
|
+ |
131 |
|
|
+ system($setfacl, |
132 |
|
|
+ '-m', |
133 |
|
|
+ $acl, |
134 |
|
|
+ '--', |
135 |
|
|
+ '.'); |
136 |
|
|
+} |