/[smecontribs]/rpms/smeserver-shared-folders/contribs8/smeserver-shared-folders-0.1-recursive_setfacl.patch
ViewVC logotype

Contents of /rpms/smeserver-shared-folders/contribs8/smeserver-shared-folders-0.1-recursive_setfacl.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Sun Mar 3 22:04:40 2013 UTC (11 years, 8 months ago) by unnilennium
Branch: MAIN
CVS Tags: smeserver-shared-folders-0_1-80_el5_sme, smeserver-shared-folders-0_1-83_el5_sme, smeserver-shared-folders-0_1-84_el5_sme, smeserver-shared-folders-0_1-82_el5_sme, smeserver-shared-folders-0_1-87_el5_sme, smeserver-shared-folders-0_1-86_el5_sme, smeserver-shared-folders-0_1-81_el5_sme, smeserver-shared-folders-0_1-85_el5_sme, smeserver-shared-folders-0_1-79_el5_sme, HEAD 
Initial import
1 diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify
2 --- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify 2011-11-03 12:21:08.000000000 +0100
3 +++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/events/actions/share-modify 2011-11-03 13:07:32.000000000 +0100
4 @@ -92,75 +92,68 @@
5 my %properties = $share->props;
6 my @write = split(/[;,]/,($properties {'WriteGroups'} || 'admin'));
7 my @read = split(/[;,]/,($properties {'ReadGroups'} || 'admin'));
8 -$::group = 'admin';
9
10 -# Make sensible defaults
11 -$::owner = undef;
12 -$::fileperm = 0660;
13 -$::dirperm = 0750;
14 -
15 -sub process
16 -{
17 - my $acl = '';
18 - if (-l)
19 - {
20 - $File::Find::prune = 1;
21 +# Don't reset permissions if ManualPermissions is set to 'yes'
22 +
23 +unless ( $perm eq 'yes' || $perm eq 'enabled' ){
24 + # Remove existing ACLs
25 + system($setfacl,
26 + '-R',
27 + '--remove-all',
28 + '--remove-default',
29 + '.');
30 +
31 + # Remove all execute permission
32 + system('/bin/chmod',
33 + '-R',
34 + 'a-x',
35 + '.');
36 +
37 + # make admin the group owner of everything
38 + system('/bin/chgrp',
39 + '-R',
40 + 'admin',
41 + '.');
42 +
43 + my $acl = 'u::rwX,g::rwX,o:---,';
44 + foreach my $group (@write){
45 + $acl .= 'g:'.$group.':rwX,';
46 }
47 - else
48 - {
49 - esmith::util::chownFile($::owner, $::group, $_);
50 - if (-d)
51 - {
52 - chmod $::dirperm, $_;
53 - chmod $::dirperm, $_;
54 - my $perm = ($_ eq '.') ? 'rx':'rwx';
55 - foreach my $group (@write){
56 - $acl .= 'g:'.$group.':'.$perm.',';
57 - }
58 - foreach my $group (@read){
59 - $acl .= 'g:'.$group.':rx,';
60 - }
61 - # Set the effective ACLs
62 - system($setfacl,
63 - '-m',
64 - $acl,
65 - '--',
66 - $_);
67 - # Set the defaults ACLs
68 - system($setfacl,
69 - '-d',
70 - '-m',
71 - $acl,
72 - '--',
73 - $_);
74 - }
75 - elsif (-f)
76 - {
77 - chmod $::fileperm, $_;
78 - foreach my $group (@write){
79 - $acl .= 'g:'.$group.':rw,';
80 - }
81 - foreach my $group (@read){
82 - $acl .= 'g:'.$group.':r,';
83 - }
84 - system($setfacl,
85 - '-m',
86 - $acl,
87 - '--',
88 - $_);
89 - }
90 + foreach my $group (@read){
91 + $acl .= 'g:'.$group.':rX,';
92 }
93 -}
94
95 -# Purge Old ACLs before defining new ones
96 -# Don't reset permissions if ManualPermissions is set to 'yes'
97 + # Set the effective ACLs
98 + system($setfacl,
99 + '-R',
100 + '-m',
101 + $acl,
102 + '--',
103 + '.');
104
105 -unless ( $perm eq 'yes' || $perm eq 'enabled' ){
106 + # Set the default ACL
107 system($setfacl,
108 - '-R',
109 - '--remove-all',
110 - '.');
111 + '-R',
112 + '-d',
113 + '--set',
114 + $acl,
115 + '--',
116 + '.');
117
118 - find(\&process, glob("./"));
119 -}
120 + # Now set the permission on the root of the share (no write access here)
121 + $acl = '';
122 + system($setfacl,
123 + '--remove-all',
124 + '--remove-default',
125 + '.');
126
127 + foreach my $group (@write,@read){
128 + $acl .= 'g:'.$group.':rX,';
129 + }
130 +
131 + system($setfacl,
132 + '-m',
133 + $acl,
134 + '--',
135 + '.');
136 +}
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed