forked from LeeMangold/OpenGRC
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathset_permissions
More file actions
executable file
·57 lines (43 loc) · 1.48 KB
/
set_permissions
File metadata and controls
executable file
·57 lines (43 loc) · 1.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
#!/bin/bash
# Common web server usernames
COMMON_WEB_USERS=("www-data" "apache" "nginx" "http" "www")
# Detect web server user running on the system
detect_web_user() {
for user in "${COMMON_WEB_USERS[@]}"; do
if id "$user" &>/dev/null; then
echo "$user"
return 0
fi
done
echo "No common web server user found." >&2
exit 1
}
# Get the web server user
WEB_USER=$(detect_web_user)
# Get current shell user
CURRENT_USER=$(whoami)
# Laravel root directory
cd "$(dirname "$0")"
echo "Setting ownership to $CURRENT_USER:$WEB_USER ..."
sudo chown -R $CURRENT_USER:$WEB_USER .
echo "Fixing directory permissions..."
sudo find . -type d -exec chmod 2770 {} +;
echo "Fixing file permissions..."
sudo find . -type f -exec chmod 660 {} +;
for link in node_modules/.bin/*; do
if [ -L "$link" ]; then
target=$(readlink -f "$link")
if [ -f "$target" ]; then
sudo chmod 770 "$target"
fi
fi
done
echo "Setting correct permissions for storage and bootstrap/cache..."
sudo chmod -R 2770 storage bootstrap/cache
echo "Setting group sticky bit..."
sudo find storage bootstrap/cache -type d -exec chmod g+s {} +;
echo "Setting correct permissions for utilities..."
sudo chmod 770 install.sh update.sh set_permissions generate-sbom.php artisan
echo "Setting correct permissions for vendor binaries..."
sudo chmod 770 install.sh vendor/bin/*
echo "Done. Ownership is $CURRENT_USER:$WEB_USER and OpenGRC permissions are set."