mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-11-21 18:59:22 +01:00
52 lines
1.4 KiB
Bash
Executable File
52 lines
1.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# This script removes permissions from other people than the owner to
|
|
# files/folders that they don't have access to and where they don't need
|
|
# access.
|
|
set -x
|
|
|
|
# You don't want to make this verbose.
|
|
chmod g-rwx,o-rwx "$HOME" -R
|
|
|
|
touch $HOME/.oidentd.conf
|
|
|
|
chmod -v u+rw,g-wx+r,o-wx+r $HOME/.oidentd.conf
|
|
|
|
touch $HOME/.ICEauthority
|
|
chmod -v o-rw+x,g-rw+x $HOME
|
|
|
|
mkdir -p $HOME/public_html/
|
|
chmod -v -R 755 $HOME/public_html/
|
|
|
|
touch $HOME/.face
|
|
touch $HOME/.forward
|
|
touch $HOME/.netrc
|
|
chmod -v a+r-wx,u+rw $HOME/.face
|
|
chmod -v a+r-wx,u+rw $HOME/.forward
|
|
chmod -v 600 $HOME/.netrc
|
|
|
|
mkdir -p $HOME/.ssh
|
|
chmod -v 700 $HOME/.ssh
|
|
touch $HOME/.ssh/authorized_keys
|
|
chmod -v 600 $HOME/.ssh/authorized_keys
|
|
|
|
mkdir -p "$HOME/AppImages"
|
|
chmod a+rx "$HOME/AppImages/" "$HOME/AppImages/*.appimage"
|
|
|
|
# if we have support for setting ACL, some of this becomes easier (although maybe redundant)
|
|
if hash setfacl 2> /dev/null; then
|
|
setfacl --modify u:$(id -un):rw,g:$(id -gn):r,o:r $HOME/.oidentd.conf
|
|
setfacl --modify=u:$(id -un):rwX,g:$(id -gn):rX,o:rX "$HOME/AppImages/"
|
|
setfacl --recursive --modify u:$(id -un):rwX,g:$(id -gn):rX,o:rX $HOME/public_html/
|
|
|
|
for appimage in $(find $HOME/AppImages/*.appimage); do
|
|
setfacl --modify=u:$(id -un):rwX,g:$(id -gn):rX,o:rX $appimage
|
|
done
|
|
|
|
# Enabling laziness pt. …
|
|
if [[ -d $HOME/.shell-things ]]; then
|
|
setfacl --recursive --modify u:$(id -un):rwX,g:$(id -gn):rX,o:rX $HOME/.shell-things/
|
|
fi
|
|
fi
|
|
|
|
set +x
|