Script to Automate Multi-User Development Permissions In Linux: Part I

While deploying a large virtual server for a client, one of the obstacles they had faced with their previous setup was multi-user permissions with regard to everyone modifying files and directories with their own FTP and/or SSH accounts. Unfortunately, for reasons that won’t be divulged here (quite frankly because I don’t know), and even after I suggested alternatives such as updating policies and standard operating procedures, the client opted to continue using previous methods, but still wanted a resolution to issues they faced in their multi-developer environment.

To address one particular issue, I wrote the following very simple Bash script and set it on a cron running every 15 minutes, dumping all errors and standard output to a black hole.


#!/bin/bash
# Name: multiUserPermissionsFix
# Mode: 0755

function usage {
echo "USAGE: $0 base_directory";
exit -1;
}

# If we didn't even bother to pass an argument to this script, die.
if ( test "$1" == "" ); then
usage;
fi;

# Set up find correctly.
export IFS=$'\n';

# If this is a valid directory, do the work.
if [ -d "$1" ]; then

# Force a trailing slash - workaround for symlinked directories, etc.
d="$1/";

# Find and fix all file permissions --- but ignore all 'cache' cases.
find . -type f -not -path "*cache*" -exec chmod 0664 '{}' \;

exit 0;

# If it wasn't a valid directory passed to this script, die on an error.
else
echo "That directory does not exist!";
exit -1;
fi;

This script is actually not called directly, but instead by a parent script. It recursively runs through all files and sets the permissions to 0664 (owner read/write, group read/write, world read) so that users within the group can update or delete the files within the directory without requiring administrative intervention.

Share

One comment

  1. green polyester insulation

    Oh, I Don't Know…. » Script to Automate Multi-User Development Permissions In Linux: Part I

Leave a Reply

Your email address will not be published. Required fields are marked *