A script to fix Directory Permissions

For discussions about programming, programming questions/advice, and projects that don't really have anything to do with Puppy.
Post Reply
Message
Author
s243a
Posts: 2580
Joined: Tue 02 Sep 2014, 04:48
Contact:

A script to fix Directory Permissions

#1 Post by s243a »

On puppy new directories are created typically as:
user=root, group=spot

and folder read and execute permissions are given to typically user and group. This scheme won't work if either:
1. A user is not in group sport or;
2. The group permission of the folder is root.

So one can run into issues if a folder in either LD_LIBRARY_PATH, PATH or /etc doesn't have both read and execute permission for the folder. If for some reason this occurs (I had issues on TazPup64), here is a script to fix it:

Code: Select all

#!/bin/bash
#
#IFS=: read -r -d '' -a path_array < <(printf '%s:\0' "$MANPATH")
#
_(){
  echo "$*"	
}
CONFIG_DIRS="/etc:" #For some reason we need a caracter to end the aray. 
for path_list_name in LD_LIBRARY_PATH PATH CONFIG_DIRS; do
  while IFS=\0 read -r -d '' a_path; do
    if [ -d "$a_path" ] && \
       [ "`stat -c '%U %G' $(_ $a_path)`" = "root root"  ]; then
      chmod 775 $a_path
    fi
  done < <(echo "`eval $(_ echo '$'$path_list_name)`" | tr ':' '\0' )
done
#exit 0

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#2 Post by rufwoof »

I would have thought that you'd want to restrict spot more. Opening up all of those folders like that to spot also opens up potential setuid access and potentially as good as invalidates running internet apps/browser as spot. ???
[size=75]( ͡° ͜ʖ ͡°) :wq[/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]

s243a
Posts: 2580
Joined: Tue 02 Sep 2014, 04:48
Contact:

#3 Post by s243a »

rufwoof wrote:I would have thought that you'd want to restrict spot more. Opening up all of those folders like that to spot also opens up potential setuid access and potentially as good as invalidates running internet apps/browser as spot. ???
The problem is if spot doesn't have exec premission to the etc folder then spot can't do commands like "whoami" because then spot can't read /etc/passwd.

An alternative would be to have spot use a different folder than /etc and either copy, hard-link (or maybe symlink?) what is needed. I'm not sure whether or not one would need to use the chroot command to do this or not.

If I knew the exact setup I would then I could create a second script to restrict the above folders and create alternative folders for non-root users.

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#4 Post by musher0 »

What happened to chmod -R ?
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

s243a
Posts: 2580
Joined: Tue 02 Sep 2014, 04:48
Contact:

#5 Post by s243a »

musher0 wrote:What happened to chmod -R ?
I suppose if things were really broken I might want to do that but it was only the directory permissions that were broken for me. That said even if I needed to also fix the files, I probably wouldn't use chmod -R because I might not want to do the same thing for each file.

Post Reply