boinc/sea/secure.sh

#! /bin/sh

# Make a BOINC installation "secure"
# Create groups and users
# set file/dir ownership
#
# Execute this as root in the BOINC directory

function make_boinc_users() {
    groupadd boinc_master
    groupadd boinc_projects
    useradd boinc_master -g boinc_master
    useradd boinc_projects -g boinc_projects
}

function check_login() {
    if [ `whoami` != 'root' ]
    then
        echo 'This script must be run as root'
        exit
    fi
}

# set_perm path user group perm
#   set a file or directory to the given ownership/permissions
function set_perm() {
    chown $2:$3 $1
    chmod $4 $1
}

# same, but apply to all subdirs and files
#
function set_perm_recursive() {
    chown -R $2:$3 $1
    chmod -R $4 $1
}

# same, but apply to items in the given dir
#
function set_perm_dir() {
    for file in $(ls $1)
    do
        path=$1/$file
        set_perm $path $2 $3 $4
    done
}

check_login

echo "Changing file ownership to user $user and group $group - OK? (y/n)"
read line
if [ "$line" != "y" ]
then
    exit
fi

make_boinc_users

set_perm_recursive . boinc_master boinc_master 0775

set_perm_recursive projects boinc_project boinc_project 0775
set_perm_dir projects boinc_master boinc_project 0775
set_perm projects boinc_master boinc_master 0775

set_perm_recursive slots boinc_project boinc_project 0775
set_perm_dir slots boinc_master boinc_project 0775
set_perm slots boinc_master boinc_master 0775

set_perm switcher/switcher boinc_project boinc_project 4551
set_perm switcher/setprojectgrp boinc_master boinc_project 2500
set_perm switcher boinc_master boinc_master 0550

set_perm_recursive locale boinc_master boinc_master 0550

set_perm boinc_client boinc_master boinc_master 6555
set_perm boinc_manager boinc_master boinc_master 2555
* empty log message * svn path=/trunk/boinc/; revision=10677 2006-07-18 20:39:05 +00:00			`#! /bin/sh`

			`# Make a BOINC installation "secure"`
			`# Create groups and users`
			`# set file/dir ownership`
			`#`
			`# Execute this as root in the BOINC directory`

			`function make_boinc_users() {`
			`groupadd boinc_master`
			`groupadd boinc_projects`
			`useradd boinc_master -g boinc_master`
			`useradd boinc_projects -g boinc_projects`
			`}`

			`function check_login() {`
			if [ `whoami` != 'root' ]
			`then`
			`echo 'This script must be run as root'`
			`exit`
			`fi`
			`}`

			`# set_perm path user group perm`
			`# set a file or directory to the given ownership/permissions`
			`function set_perm() {`
			`chown $2:$3 $1`
			`chmod $4 $1`
			`}`

			`# same, but apply to all subdirs and files`
			`#`
			`function set_perm_recursive() {`
			`chown -R $2:$3 $1`
			`chmod -R $4 $1`
			`}`

			`# same, but apply to items in the given dir`
			`#`
			`function set_perm_dir() {`
			`for file in $(ls $1)`
			`do`
			`path=$1/$file`
			`set_perm $path $2 $3 $4`
			`done`
			`}`

			`check_login`

			`echo "Changing file ownership to user $user and group $group - OK? (y/n)"`
			`read line`
			`if [ "$line" != "y" ]`
			`then`
			`exit`
			`fi`

			`make_boinc_users`

			`set_perm_recursive . boinc_master boinc_master 0775`

			`set_perm_recursive projects boinc_project boinc_project 0775`
			`set_perm_dir projects boinc_master boinc_project 0775`
			`set_perm projects boinc_master boinc_master 0775`

			`set_perm_recursive slots boinc_project boinc_project 0775`
			`set_perm_dir slots boinc_master boinc_project 0775`
			`set_perm slots boinc_master boinc_master 0775`

			`set_perm switcher/switcher boinc_project boinc_project 4551`
			`set_perm switcher/setprojectgrp boinc_master boinc_project 2500`
			`set_perm switcher boinc_master boinc_master 0550`

			`set_perm_recursive locale boinc_master boinc_master 0550`

			`set_perm boinc_client boinc_master boinc_master 6555`
			`set_perm boinc_manager boinc_master boinc_master 2555`