initial upload

2011-01-06 14:04:33 +01:00 · 2011-01-06 14:04:33 +01:00 · 867ac1955d
commit 867ac1955d
10 changed files with 495 additions and 0 deletions
--- a/www-perms.sh
+++ b/www-perms.sh
@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+# Checks the webroot for files being owned by www daemon and
+# writable at the same time. This is only needed by some files
+# so we'll check with a whitelist.
+# Requires bash 3.2
+
+WWWROOT=/var/www/virtsrv
+WWWUSER=www-data
+WHITELIST="(mpd.lugh.ch/music|\
+mail.lugh.ch/config/conf|\
+/turba/config/conf|\
+admin.lugh.ch/webalizer|\
+admin.lugh.ch/munin|\
+oli.lugh.ch/cache|\
+/wp-content/cache|\
+/wp-content/w3tc/objectcache|\
+/wp-content/w3tc/dbcache|\
+/wp-content/w3tc/pgcache|\
+/wp-content/uploads|\
+/piwik/tmp|\
+/piwik/config/config.ini.php|\
+sitemap.xml*|\
+telperien.lugh.ch/gaestebuch/data|\
+telperien.lugh.ch/gaestebuch/data/book.dat
+)" 
+listcount=0
+whitelist_matches=0
+
+while IFS="" read -r matchedentry; do
+    if [[ "$matchedentry" =~ $WHITELIST ]]; then
+        whitelist_matches=$((whitelist_matches+1))
+    else
+        echo -e "$matchedentry\r"
+        listcount=$((listcount+1))
+    fi
+done < <(find "$WWWROOT" -perm /u+w -user $WWWUSER -o -perm /g+w -group $WWWUSER)
+
+if [ $listcount -gt 0 ]; then
+        echo "Finished: $listcount items are writable by '$WWWUSER' ($whitelist_matches whitelisted)."
+else
+        echo "No writable items found ($whitelist_matches whitelisted)."
+fi
+