diff --git a/src/fixperms.sh b/src/fixperms.sh index 1fd7a6b1..f6d50d19 100755 --- a/src/fixperms.sh +++ b/src/fixperms.sh @@ -116,7 +116,6 @@ doone() { mkdir -p "$REP" chown -R $GID:$GID "$REP" chmod 2770 -R "$REP" - test -d "$REP/tmp" || mkdir "$REP/tmp" # # Delete existings ACL # # Set the defaults acl on all the files @@ -126,7 +125,7 @@ doone() { setfacl -bknR -m d:u:alterncpanel:rwx -m d:g:alterncpanel:rwx -m u:alterncpanel:rwx -m g:alterncpanel:rwx -m d:o::--- -m o::---\ -m d:u:$GID:rwx -m d:g:$GID:rwx -m u:$GID:rwx -m g:$GID:rwx -m d:mask:rwx -m mask:rwx "$REP" - chmod 777 "$REP/tmp" + fixtmp $GID read GID LOGIN || true done echo -e "\nDone" @@ -134,8 +133,10 @@ doone() { fixdir() { if [ "$DEBUG" ]; then - echo "Setting rights and ownership for user $LOGIN having gid $GID" + echo "Setting rights with fixdir" fi + + # sub_dir is global REP="$sub_dir" # We assume that the owner of the directory should be the one from the html user base directory ( $ALTERNC_HTML//) REP_ID="$(get_uid_by_path "$REP")" @@ -146,12 +147,6 @@ fixdir() { # Set the file readable only for the AlternC User mkdir -p "$REP" chown -R $REP_ID:$REP_ID "$REP" - test_tmp=$(basename $REP) - if [ "$test_tmp" != "tmp" ]; then - chmod 2770 -R "$REP" - else - chmod 2777 -R "$REP" - fi # Delete existings ACL # Set the defaults acl on all the files 
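Review bot: `fixtmp $GID` runs inside the per-account loop of doone, but the fixtmp added later in this commit ends its error path with `exit 0`. A single account whose path lookup comes back empty therefore stops the whole run, reports success, and leaves the remaining accounts unprocessed. Have fixtmp `return 1` instead and handle it at the call site, for example `fixtmp "$GID" || echo "fixtmp failed for $LOGIN (gid $GID)" >&2`. The call also passes a gid where fixtmp looks the account up by uid; the surrounding `chown -R $GID:$GID` suggests the two are equal here, but a one-line comment saying so would help. doone's body starts outside the hunk.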
@@ -159,11 +154,26 @@ fixdir() { # -Rm g:alterncpanel:rwx -m u:$REP_ID:rwx -m g:$REP_ID:rwx -m mask:rwx\ # "$REP" setfacl -bknR -m d:u:alterncpanel:rwx -m d:g:alterncpanel:rwx -m u:alterncpanel:rwx -m g:alterncpanel:rwx -m d:o::--- -m o::---\ - -m d:u:$GID:rwx -m d:g:$GID:rwx -m u:$GID:rwx -m g:$GID:rwx -m d:mask:rwx -m mask:rwx "$REP" + -m d:u:$REP_ID:rwx -m d:g:$REP_ID:rwx -m u:$REP_ID:rwx -m g:$REP_ID:rwx -m d:mask:rwx -m mask:rwx "$REP" + fixtmp $REP_ID echo -e "\nDone" } +fixtmp() { + REP_ID=$1 + local REP=$(get_html_path_by_name $(get_name_by_uid $REP_ID)) + + if [ "$REP/tmp" == "/tmp" ] ; then + echo ERROR + exit 0 + fi + + test -d "$REP/tmp" || ( mkdir "$REP/tmp" && setfacl -bkn -m d:u:alterncpanel:rwx -m d:g:alterncpanel:rwx -m u:alterncpanel:rwx -m g:alterncpanel:rwx -m d:o::--- -m o::--- -m d:u:$REP_ID:rwx -m d:g:$REP_ID:rwx -m u:$REP_ID:rwx -m g:$REP_ID:rwx -m d:mask:rwx -m mask:rwx "$REP" ) + + chmod 777 "$REP/tmp" +} + fixfile() { /usr/bin/setfacl -bk "$file" # We assume that the owner of the file should be the one from the html user base directory ( $ALTERNC_HTML//) @@ -194,16 +204,16 @@ trap ctrl_c SIGINT #Start of the script actions if [[ "$file" != "" ]]; then # if we are dealing with a file - if [ -e "$file" ]; then - fixfile - else + if [ -e "$file" ]; then + fixfile + else echo "file not found" fi elif [[ "$sub_dir" != "" ]]; then #if we are dealing with a directory if [ -d "$sub_dir" ]; then fixdir else - echo "dir not found" +echo "dir not found" fi else #we are fixing the whole html directory diff --git a/src/functions.sh b/src/functions.sh index e1d576a1..5f005c52 100755 --- a/src/functions.sh +++ b/src/functions.sh 
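Review bot: `chmod 777 "$REP/tmp"` in the new fixtmp follows symbolic links, and both `test -d` and `chmod` run with this script's privileges inside a directory the account owner has rwx on, so a `tmp` entry that is a symlink would have the mode change applied to whatever it points at. The only guard is the string comparison with `/tmp`, which catches an empty `$REP` and nothing else, prints `ERROR` on stdout and exits 0. I would reject an empty lookup result and a symlinked `tmp` before touching anything, report on stderr and return non-zero, as sketched below; this narrows the window, but a race between the test and the chmod remains. Separately, the `setfacl` after `mkdir "$REP/tmp"` targets `"$REP"` rather than the directory just created, which looks unintended, and mode 777 without the sticky bit lets any local user remove files in that directory.

```shell
fixtmp() {
  local REP_ID=$1
  local name REP
  name=$(get_name_by_uid "$REP_ID")
  REP=$(get_html_path_by_name "$name")

  # Empty values mean a lookup failed; a symlinked tmp would redirect the chmod below.
  if [ -z "$name" ] || [ -z "$REP" ] || [ -L "$REP/tmp" ]; then
    echo "fixtmp: refusing to change permissions on '$REP/tmp'" >&2
    return 1
  fi
  # … unchanged: test -d / mkdir / setfacl line …
  chmod 777 "$REP/tmp"
}
```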
@@ -50,19 +50,18 @@ print_domain_letter() { } get_uid_by_path() { -local path="$1" -local sizepath=${#path} -local lastcar=${ALTERNC_HTML: -1} + local path="$1" + local sizepath=${#path} + local lastcar=${ALTERNC_HTML: -1} -if [ "$lastcar" != "/" ] -then - ALTERNC_HTML=$ALTERNC_HTML"/" -fi + local sizebasepath=${#ALTERNC_HTML} + if [ "${ALTERNC_HTML:-1}" != "/" ] ; then + sizebasepath=$(( $sizebasepath + 1 )) + fi -local sizebasepath=${#ALTERNC_HTML} -local basepath=${path:0:($sizebasepath +2)} -local uid=`ls -n $basepath | head -n 2|tail -n 1| awk '{print $3}'` -echo $uid + local login=$(echo ${path:$sizebasepath} | cut -d '/' -f 2) + + get_uid_by_name $login } # Return the html path for a account name @@ -85,7 +84,23 @@ print_user_letter() { # return the uid of an alternc account get_uid_by_name() { - mysql_query 'SELECT uid FROM membres WHERE login="'"$1"'" LIMIT 1;' + local name=$1 + if [[ ! "$name" =~ ^([a-z0-9]+)$ ]] ; then + # Error on error flux + echo "Account name is incorrect." >&2 + exit 2 + fi + mysql_query 'SELECT uid FROM membres WHERE login="'"$name"'" LIMIT 1;' +} + +get_name_by_uid() { + local id=$1 + if [[ ! "$id" =~ ^([0-9]+)$ ]] ; then + # Error on error flux + echo "Account name is incorrect." >&2 + exit 2 + fi + mysql_query 'SELECT login FROM membres WHERE uid="'"$id"'" LIMIT 1;' } get_variable_from_db() {
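Review bot: `${ALTERNC_HTML:-1}` in the new `if` is the use-default expansion, not a substring, so it compares the whole base path with `/` and the `+ 1` is applied even when ALTERNC_HTML already ends in a slash. The `lastcar` local computed just above is left unused and is presumably what was meant: `if [ "$lastcar" != "/" ] ; then`. The login is then taken purely by character offset, without checking that `$path` actually starts with `$ALTERNC_HTML`, so a path outside the hosting root yields whatever happens to sit in that field. A guard such as `case "$path" in "$ALTERNC_HTML"*) ;; *) return 1 ;; esac` before the `cut` would close that. `echo ${path:$sizebasepath}` and `get_uid_by_name $login` should also be quoted.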
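Review bot: The `exit 2` in the new validation only terminates the current shell, and the callers visible in this commit invoke these functions inside command substitution (`REP_ID="$(get_uid_by_path "$REP")"`, `$(get_name_by_uid $REP_ID)`), so a rejected value just produces an empty string and the caller carries on. Unless a check exists outside the visible hunks, fixdir would then run `chown -R $REP_ID:$REP_ID "$REP"` with an empty id. Callers should test the status, e.g. `REP_ID="$(get_uid_by_path "$REP")" || exit 2`, and `return 2` would be the more conventional way to signal failure from a sourced helper. In get_name_by_uid the message still reads "Account name is incorrect." although a uid is being checked; `echo "Account uid is incorrect." >&2` would match.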