From: rob@phavl.UUCP (Robert Ransbottom)
Subject: Re: Permissions in SLS
Date: 7 Jan 1993 16:14:24 GMT

In article <1992Dec29.214548.3694@sol.UVic.CA> pmacdona@sanjuan (Peter MacDonald) writes:
>Here is how I want to handle permission setting in SLS.
>Like just about all other administration, I want to use
>a shell script. So I intend to modify/extend install
>to allow it to modify files in place, plus a few other
>goodies documented briefly below in the very simple
>example I cobbled together.

This is a rewrite of the script that Peter posted. This doesn't
require the yet-to-be-released modified install program.

I have added a few files for read access:
    /etc/profile /etc/utmp /etc/wtmp

I have not yet checked my /dev/[hs]da* devices to see if they are
reasonably secure.

----set_perms.sh------
#!/bin/sh
# Run as root: sets ownership and modes on the base SLS directory tree.
mkdir -p /usr/tmp /usr/spool/uucp

# System directories: owned by root:root, mode 755.
chown root /bin /usr /lib /home /user /mnt /usr/bin /usr/lib /usr/man /usr/man/*
chown root /usr/spool /usr/spool/mail /usr/spool/uucp /usr/adm
chgrp root /bin /usr /lib /home /user /mnt /usr/bin /usr/lib /usr/man /usr/man/*
chgrp root /usr/spool /usr/spool/mail /usr/spool/uucp /usr/adm
chmod 755 /bin /usr /lib /home /user /mnt /usr/bin /usr/lib /usr/man /usr/man/*
chmod 755 /usr/spool /usr/spool/mail /usr/spool/uucp /usr/adm

# Temporary directories: world-writable with the sticky bit set.
chown root /tmp /usr/tmp
chgrp root /tmp /usr/tmp
chmod 1777 /tmp /usr/tmp

# Manual pages: directories 755, files 644.
chown root /usr/man /usr/man/* /usr/man/*/*
chgrp root /usr/man /usr/man/* /usr/man/*/*
chmod 755 /usr/man /usr/man/* /usr/man/*/*
find /usr/man/* -type f -exec chmod 644 {} +

# Libraries: root-owned and readable by everyone.
# -exec ... {} + is used instead of xargs so that names containing
# whitespace are passed through intact.
find /usr/lib/* -exec chown root {} +
find /usr/lib/* -exec chgrp root {} +
find /usr/lib/* -type f -exec chmod a+r {} +
find /usr/lib/* -type d -exec chmod a+rx {} +

# Home directories and mailboxes. Each directory under /home is taken to
# be named after the user who owns it.
# chown dereferences symbolic links in $i/*, so run this only on a fresh
# install, before users can write to their home directories.
for i in /home/* ; do
    user=`basename "$i"`
    touch "/usr/spool/mail/$user"
    chown "$user" "$i" "$i"/* "/usr/spool/mail/$user"
    chmod 660 "/usr/spool/mail/$user"
    chgrp mail "/usr/spool/mail/$user"
done
chmod 755 /home/*
chgrp other /home/*

# Files that ordinary users need to read.
chmod a+r /etc/profile /etc/utmp /etc/wtmp
-- rob Robert Ransbottom "It is extremely important to maintain correct attributions." -- anonymous
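
A read-only audit of the modes that set_perms.sh above sets, including the /dev/[hs]da* check the post leaves open. This is an added example, not part of the original post; the names audit_perms, has_mode and the ROOT prefix argument are assumptions made for illustration, and it checks modes only, not ownership.

```shell
#!/bin/sh
# Added example (not from the post). ROOT is a hypothetical prefix so the
# audit can run on a scratch copy of the tree; pass "" for the live system.
DIRS_755="/bin /usr /lib /home /user /mnt /usr/bin /usr/lib /usr/man
/usr/spool /usr/spool/mail /usr/spool/uucp /usr/adm"
DIRS_1777="/tmp /usr/tmp"

# has_mode PATH MODE: true only if PATH exists with exactly MODE.
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2" -print 2>/dev/null)" ]
}

audit_perms() {
    root=$1
    findings=$(
        for d in $DIRS_755; do
            has_mode "$root$d" 755 || echo "MODE $d: want 755"
        done
        for d in $DIRS_1777; do
            # 1777 = world-writable plus sticky bit; without the sticky bit
            # any user can delete or replace another user's temp files.
            has_mode "$root$d" 1777 || echo "MODE $d: want 1777"
        done
        # Mailboxes are created with mode 660 by the script.
        find "$root/usr/spool/mail" -type f ! -perm 660 2>/dev/null |
            sed 's/^/MAILBOX /'
        # chmod a+r in the script never clears write bits under /usr/lib.
        find "$root/usr/lib" ! -type l -perm -002 2>/dev/null |
            sed 's/^/WORLD-WRITABLE /'
        # Raw disk nodes readable or writable by "other" bypass every file
        # permission on the disk. Matched by name only (no -type b) so the
        # check also works on a constructed tree of plain files.
        find "$root/dev" -name '[hs]da*' \( -perm -004 -o -perm -002 \) \
            2>/dev/null | sed 's/^/DISK /'
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

The function prints one finding per line and returns non-zero if anything deviates, so it can gate an install script or a periodic check.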