mirror of
				https://gitea.blesmrt.net/mikaela/shell-things.git
				synced 2025-10-26 14:47:36 +01:00 
			
		
		
		
	
		
			
				
	
	
		
			59 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
			59 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
| #!/usr/bin/env bash
 | |
| # This script removes permissions from other people than the owner to
 | |
| # files/folders that they don't have access to and where they don't need
 | |
| # access.
 | |
| set -x
 | |
| 
 | |
| # You don't want to make this verbose.
 | |
| chmod g-rwx,o-rwx "$HOME" -R
 | |
| 
 | |
| touch $HOME/.oidentd.conf
 | |
| 
 | |
| chmod -v u+rw,g-wx+r,o-wx+r $HOME/.oidentd.conf
 | |
| 
 | |
| touch $HOME/.ICEauthority
 | |
| chmod -v o-rw+x,g-rw+x $HOME
 | |
| 
 | |
| mkdir -p $HOME/public_html/
 | |
| chmod -v -R 755 $HOME/public_html/
 | |
| 
 | |
| touch $HOME/.face
 | |
| touch $HOME/.forward
 | |
| touch $HOME/.netrc
 | |
| chmod -v a+r-wx,u+rw $HOME/.face
 | |
| chmod -v a+r-wx,u+rw $HOME/.forward
 | |
| chmod -v 600 $HOME/.netrc
 | |
| 
 | |
| mkdir -p $HOME/.ssh
 | |
| chmod -v 700 $HOME/.ssh
 | |
| touch $HOME/.ssh/authorized_keys
 | |
| chmod -v 600 $HOME/.ssh/authorized_keys
 | |
| 
 | |
| mkdir -p "$HOME/AppImages"
 | |
| chmod a+rx "$HOME/AppImages/" "$HOME/AppImages/*.appimage"
 | |
| 
 | |
| # if we have support for setting ACL, some of this becomes easier (although maybe redundant)
 | |
| if hash setfacl 2> /dev/null; then
 | |
| 	setfacl --modify u:$(id -un):rw,g:$(id -gn):r,o:r $HOME/.oidentd.conf
 | |
| 	setfacl --modify=u:$(id -un):rwX,g:$(id -gn):rX,o:rX "$HOME/AppImages/"
 | |
| 	setfacl --recursive --modify u:$(id -un):rwX,g:$(id -gn):rX,o:rX $HOME/public_html/
 | |
| 
 | |
| 	for appimage in $(find $HOME/AppImages/*.appimage); do
 | |
| 		setfacl --modify=u:$(id -un):rwX,g:$(id -gn):rX,o:rX $appimage
 | |
| 	done
 | |
| 
 | |
| 	# Enabling laziness pt. …
 | |
| 	if [[ -d $HOME/.shell-things ]]; then
 | |
| 		setfacl --recursive --modify u:$(id -un):rwX,g:$(id -gn):rX,o:rX $HOME/.shell-things/
 | |
| 	fi
 | |
| fi
 | |
| 
 | |
| # Fedora Atomic compatibility
 | |
| if [ "$(id -u)" == "0" ]; then
 | |
| 	if [ -d /var/roothome ]; then
 | |
| 		chmod -v a+x /var/roothome
 | |
| 	fi
 | |
| fi
 | |
| 
 | |
| set +x
 |