From b922e8bc9cebbb42a76da4752a10ecba0043917d Mon Sep 17 00:00:00 2001 From: nl6720 Date: Mon, 20 Jul 2020 12:18:16 +0300 Subject: [PATCH] Set up custom user home directories and their permissions --- configs/baseline/build.sh | 14 ++++++++++++++ configs/releng/build.sh | 15 ++++++++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/configs/baseline/build.sh b/configs/baseline/build.sh index f2f3922..6001cd8 100755 --- a/configs/baseline/build.sh +++ b/configs/baseline/build.sh @@ -39,6 +39,20 @@ make_custom_airootfs() { cp -af --no-preserve=ownership -- "${script_path}/airootfs/." "${_airootfs}" [[ -e "${_airootfs}/etc/shadow" ]] && chmod -f 0400 -- "${_airootfs}/etc/shadow" [[ -e "${_airootfs}/etc/gshadow" ]] && chmod -f 0400 -- "${_airootfs}/etc/gshadow" + + # Set up user home directories and permissions + if [[ -e "${_airootfs}/etc/passwd" ]]; then + while IFS=':' read -a passwd -r; do + [[ "${passwd[5]}" == '/' ]] && continue + + if [[ -d "${_airootfs}${passwd[5]}" ]]; then + chown -hR -- "${passwd[2]}:${passwd[3]}" "${_airootfs}${passwd[5]}" + chmod -f 0750 -- "${_airootfs}${passwd[5]}" + else + install -d -m 0750 -o "${passwd[2]}" -g "${passwd[3]}" -- "${_airootfs}${passwd[5]}" + fi + done < "${_airootfs}/etc/passwd" + fi fi } diff --git a/configs/releng/build.sh b/configs/releng/build.sh index 07d2560..310204b 100755 --- a/configs/releng/build.sh +++ b/configs/releng/build.sh @@ -69,7 +69,20 @@ make_custom_airootfs() { [[ -e "${_airootfs}/etc/shadow" ]] && chmod -f 0400 -- "${_airootfs}/etc/shadow" [[ -e "${_airootfs}/etc/gshadow" ]] && chmod -f 0400 -- "${_airootfs}/etc/gshadow" - [[ -e "${_airootfs}/root" ]] && chmod -f 0750 -- "${_airootfs}/root" + + # Set up user home directories and permissions + if [[ -e "${_airootfs}/etc/passwd" ]]; then + while IFS=':' read -a passwd -r; do + [[ "${passwd[5]}" == '/' ]] && continue + + if [[ -d "${_airootfs}${passwd[5]}" ]]; then + chown -hR -- "${passwd[2]}:${passwd[3]}" "${_airootfs}${passwd[5]}" + chmod -f 0750 -- "${_airootfs}${passwd[5]}" + else + install -d -m 0750 -o "${passwd[2]}" -g "${passwd[3]}" -- "${_airootfs}${passwd[5]}" + fi + done < "${_airootfs}/etc/passwd" + fi fi }