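#!/usr/bin/env bash
# This script removes permissions from other people than the owner to
# files/folders that they don't have access to and where they don't need
# access. It first strips all group/other bits below $HOME, then re-grants
# group/other access on the few paths the script deliberately leaves open
# (~/public_html, ~/.oidentd.conf, ~/.face, ~/.forward, optionally
# ~/.shell-things).
#
# Usage: run as the account whose home directory should be tightened.
# Takes no arguments. Failures are not fatal: each step is best-effort.

# Trace every command so the run leaves a record of what was changed.
set -x

# You don't want to make this verbose (no -v): it walks the whole home
# directory. -R is placed before the operand so the recursion does not depend
# on chmod accepting options after the first path.
chmod -R g-rwx,o-rwx "$HOME"

# Stays readable by group/other, writable by the owner only.
touch ~/.oidentd.conf
chmod -v u+rw,g-wx+r,o-wx+r ~/.oidentd.conf

# If touch creates this file here, it is created after the recursive pass
# above and gets its mode from the umask, so repeat the same group/other strip
# on it explicitly. Owner bits are left untouched.
touch ~/.ICEauthority
chmod -v g-rwx,o-rwx ~/.ICEauthority

# Search (x) only on the home directory itself: group/other can reach a path
# they already know, but cannot list or write the directory.
chmod -v o-rw+x,g-rw+x ~

# 755 is applied to files as well as directories below public_html.
mkdir -p ~/public_html/
chmod -v -R 755 ~/public_html/

touch ~/.face
touch ~/.forward
touch ~/.netrc
chmod -v a+r-wx,u+rw ~/.face
chmod -v a+r-wx,u+rw ~/.forward
# .netrc holds login credentials: owner read/write only.
chmod -v 600 ~/.netrc

mkdir -p ~/.ssh
chmod -v 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod -v 600 ~/.ssh/authorized_keys

# if we have support for setting ACL, some of this becomes easier (although maybe redundant)
#
# The user and group names are resolved once and the ACL specs are quoted: a
# name containing whitespace would otherwise be split into several arguments.
# The block is skipped when either lookup fails, because an empty name turns
# "u:NAME:rw" into "u::rw", which rewrites the owner entry instead of adding a
# named one.
if command -v setfacl > /dev/null 2>&1 \
  && owner_name=$(id -un) && owner_group=$(id -gn); then
  # NOTE(review): a named-user entry for the file's own owner is normally not
  # consulted (the owner entry takes precedence), so the "u:" part looks
  # redundant; confirm before relying on it.
  setfacl --modify "u:${owner_name}:rw,g:${owner_group}:r,o:r" ~/.oidentd.conf
  # The execute permission is a bit silly to apply recursively, but it's
  # needed for cd and ls. so perhaps there should be some responsibility
  # given to others too...
  setfacl --recursive --modify "u:${owner_name}:rw,g:${owner_group}:rx,o:rx" ~/public_html/

  # Enabling laziness pt. …
  # This makes everything below ~/.shell-things readable by all local users;
  # keep tokens, keys and private history files out of that tree.
  if [[ -d ~/.shell-things ]]; then
    setfacl --recursive --modify "u:${owner_name}:rw,g:${owner_group}:rx,o:rx" ~/.shell-things/
  fi
fi

set +x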