chmod_secure_web 2.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116
  1. #!/bin/sh
  2. #set -x
  3. ###
  4. #
  5. # Author: Stéphane HUC
  6. # mail: devs@stephane-huc.net
  7. #
  8. # License: GNU/GPL 3
  9. #
  10. # Github: https://git.framasoft.org/hucste/tools
  11. #
  12. # Date: 2016/03/31
  13. #
  14. ###
  15. clear
  16. ###
  17. #
  18. # Chmod 4 more secure web files
  19. #
  20. ###
  21. arg="$1"
  22. dir='/srv/www/*/www/'
  23. RACINE="$(dirname $(readlink -f -- "$0"))"
  24. active() {
  25. [ -d "${file}" ] && chmod 0505 "${file}"
  26. [ -f "${file}" ] && chmod 0404 "${file}"
  27. }
  28. blackhole() {
  29. local bool="$1"
  30. [ -d "${file}" ] && chmod 0705 "${file}"
  31. if [ -f "${file}" ]; then
  32. if [ $(echo "${file}" | grep "blackhole.dat$") ]; then
  33. chmod 0600 "${file}"
  34. elif [ "${bool}" = "0" ]; then disable
  35. else active
  36. fi
  37. fi
  38. }
  39. disable() {
  40. [ -d "${file}" ] && chmod 0705 "${file}"
  41. [ -f "${file}" ] && chmod 0604 "${file}"
  42. }
  43. loop() {
  44. local bool="$1"; printf "bool: ${bool}\n";
  45. while read -r file; do
  46. printf "${file}\n";
  47. if [ $(echo "${file}" | grep "blackhole") ]; then blackhole "${bool}"
  48. elif [ $(echo "${file}" | grep ".well-known") ]; then disable
  49. elif [ "${bool}" = "0" ]; then
  50. disable
  51. else
  52. active
  53. fi
  54. ls -al "${file}"
  55. #sleep 1
  56. done <<EOF
  57. $(find ${dir})
  58. EOF
  59. unset bool file
  60. }
  61. launcher() {
  62. case "$arg" in
  63. 1|on|true)
  64. loop 1;
  65. [ -x "$RACINE/chattr_web" ] && $RACINE/chattr_web true
  66. ;;
  67. 0|off|false)
  68. [ -x "$RACINE/chattr_web" ] && $RACINE/chattr_web false
  69. loop 0;
  70. ;;
  71. *)
  72. clear
  73. N="service ${0##*/}"
  74. echo "Usage: $N 0|off|false to disable secure chmod..." >&2
  75. echo "Usage: $N 1|on|true to active more secure chmod..." >&2
  76. exit 1
  77. ;;
  78. esac
  79. }
  80. verify_uid() {
  81. if [ $(id -u) -ne 0 ]; then
  82. printf "[ \\33[1;31m %s \\33[0;39m ] %s \n" "KO" "Need to get rights admins!"
  83. exit 1
  84. fi
  85. }
  86. verify_uid
  87. launcher