From 0e12876e56e414f8df1b4ce111e1d11d5b733771 Mon Sep 17 00:00:00 2001 From: P. J. McDermott Date: Sun, 21 Oct 2012 17:33:27 -0400 Subject: Write and document oh-fixperms. --- diff --git a/locale/en_US/opkhelper.sh b/locale/en_US/opkhelper.sh index 3f5e32a..7114d66 100644 --- a/locale/en_US/opkhelper.sh +++ b/locale/en_US/opkhelper.sh @@ -22,3 +22,8 @@ msg_opkhelper_installing_files='Installing files for package "%s"...' msg_opkhelper_strip_so='Stripping shared library "%s"...' msg_opkhelper_strip_exe='Stripping executable object "%s"...' msg_opkhelper_strip_a='Stripping static library "%s"...' +msg_opkhelper_chown='Setting ownership of files...' +msg_opkhelper_chmod_lib='Setting mode of library files...' +msg_opkhelper_chmod_include='Setting mode of header files...' +msg_opkhelper_chmod_man='Setting mode of manual files...' +msg_opkhelper_chmod_bin='Setting mode of program files in "%s"...' diff --git a/man/Makefile.in b/man/Makefile.in index c58ae85..81acdea 100644 --- a/man/Makefile.in +++ b/man/Makefile.in @@ -35,7 +35,7 @@ sed_script = s&@@PACKAGE_NAME@@&$(package_name)&;\ .SUFFIXES: .SUFFIXES: .in -SRCS = oh-installfiles.1.in oh-strip.1.in +SRCS = oh-installfiles.1.in oh-strip.1.in oh-fixperms.1.in OBJS = $(SRCS:.in=) distdir = ../$(package_name)-$(package_version)/man diff --git a/man/oh-fixperms.1.in b/man/oh-fixperms.1.in new file mode 100644 index 0000000..0e5ecb4 --- /dev/null +++ b/man/oh-fixperms.1.in @@ -0,0 +1,39 @@ +.\" Author: Patrick "P. J." McDermott +.TH oh-fixperms 1 \ +"@@DATE@@" "@@PACKAGE_NAME@@-@@PACKAGE_VERSION@@" "@@PACKAGE_DESCRIPTION@@" + +.SH NAME +oh-fixperms \- Fix permissions and ownerships of data files. + +.SH SYNOPSIS +.B oh-strip +.RB [ -d +.IR dir ] + +.SH DESCRIPTION +.B oh-fixperms +fixes file ownerships and unsafe or unusual file modes on data files. + +.SH OPTIONS +.TP +.BI \-d \ dir +Look for data files in +.IR dir . +The default directory is +.IR dest . + +.SH COPYRIGHT +Copyright (C) 2012 Patrick "P. J." McDermott +.sp +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. +.sp +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. +.sp +You should have received a copy of the GNU General Public License +along with this program. If not, see . diff --git a/src/Makefile.in b/src/Makefile.in index 74063c2..e3f742a 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -41,7 +41,8 @@ sed_script = s&@@PACKAGE_NAME@@&$(package_name)&;\ SRCS = \ oh-installfiles.sh \ - oh-strip.sh + oh-strip.sh \ + oh-fixperms.sh OBJS = $(SRCS:.sh=) distdir = ../$(package_name)-$(package_version)/src diff --git a/src/oh-fixperms.sh b/src/oh-fixperms.sh new file mode 100644 index 0000000..d7779aa --- /dev/null +++ b/src/oh-fixperms.sh @@ -0,0 +1,82 @@ +#!@@SH@@ +# +# opkhelper +# src/oh-fixperms +# Fix permissions and ownerships of data files. +# +# Copyright (C) 2012 Patrick "P. J." McDermott +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +. '@@LIBOPKBUILD_1@@/load.sm' + +ob_use locale +ob_use output + +main() +{ + dir='dest' + + ob_set_locale_path '@@LOCALEDIR@@/%s/LC_MESSAGES/%s.ms' + ob_set_text_domain 'opkhelper' + + while getopts 'd:' opt; do + case "${opt}" in + d) + dir="${OPTARG}" + ;; + ?) + ob_error "$(ob_get_msg 'bad_opt')" + exit 1 + ;; + esac + done + + # Ensure that everything is owned by UID 0 and GID 0. + ob_info "$(ob_get_msg 'chown')" + find "${dir}" \ + -exec 'chown' '-h' '0:0' '{}' ';' + + # Ensure that shared libraries, static libraries, and libtool archives have + # a rw-r--r-- mode. + ob_info "$(ob_get_msg 'chmod_lib')" + find "${dir}" -type f -a ! -perm 644 \ + -a \( -name '*.so*' -o -name '*.a' -o -name '*.la' \) \ + -exec 'chmod' '644' '{}' ';' + + # Ensure that header files have a rw-r--r-- mode. + if [ -d "${dir}/usr/include" ]; then + ob_info "$(ob_get_msg 'chmod_include')" + find "${dir}/usr/include" -type f -a ! -perm 644 \ + -exec 'chmod' '644' '{}' ';' + fi + + # Ensure that manual pages have a rw-r--r-- mode. + if [ -d "${dir}/usr/share/man" ]; then + ob_info "$(ob_get_msg 'chmod_man')" + find "${dir}/usr/share/man" -type f -a ! -perm 644 \ + -exec 'chmod' '644' '{}' ';' + fi + + # Ensure that binary programs and service scripts have a rwxr-xr-x mode. + for bindir in /usr/sbin /usr/bin /sbin /bin /usr/games /etc/init.d; do + if [ -d "${dir}/${bindir}" ]; then + ob_info "$(ob_get_msg 'chmod_bin')" "${bindir}" + find "${dir}/${bindir}" -type f -a ! -perm 755 \ + -exec 'chmod' '755' '{}' ';' + fi + done +} + +main "${@}" -- cgit v0.9.1