Author Topic: Reset site permissions script for linux  (Read 19404 times)

mirrorsandglass

  • Jr. Member
  • **
  • Posts: 158
  • Time Is Precious, Waste It Wisely
Reset site permissions script for linux
« on: September 02, 2010, 12:58:17 pm »
Hi all,
I've been working on a site reset script for sh that can reset permissions and ownership after upgrades or transfer of files or just fiddling with site setup.
It needs the full joomla website root passed on the command line.
and should be run with sudo or in a root shell

I've placed it here in case it is useful to anyone.
I couldn't think what section to put it in so put it here.
Any comments welcome, particularly for the "tighter" $OWNER:$GROUP option SPECIFIC FOLDERS / FILES SECTIONS.

Thanks, M.
Code: [Select]
#! /bin/bash
# RESET WEBSITE PERMISSIONS
# This should stay as root
OWNER=root
# This is your apache/website user group.
GROUP=www-data

# Check if the Folder has been specified.
if [ -z "$1" ]; then
echo "No Folder Specified"
echo ""
echo "Usage: $0 /website-root"
echo ""
exit
else
DIR=$1
# Check if Folder exists.
if [ -d "$1" ]; then

# SETUP SECTION #
# Get a list of folders and save to file for later use.
sudo find -L "$1" -type d > dirlist

# Security can be tightened further by setting the next command to $OWNER:$GROUP instead.
# However this means you would need to change the # FILE PERMS SECTION # and # FOLDER PERMS SECTION #
# WARNING: You may find you are unable to configure aspects of your site if you use this option.
# You would need to uncomment the # SPECIFIC FILE PERMS SECTION # examples to allow writes for $GROUP "chmod 660"
# and for the # SPECIFIC FOLDER PERMS SECTION # examples to allow write and execute for $GROUP "chmod -R 770"
# See Notes for that section.

# Change all file/folder ownership recursively to website user.
sudo chown -LR $GROUP:$GROUP "$1"/*

# FILE OWNERSHIP SECTION #
# Change specific files that we want website user to read but only $OWNER to write.
sudo chown -L $OWNER:$GROUP "$1"/index.php
sudo chown -L $OWNER:$GROUP "$1"/index2.php
sudo chown -L $OWNER:$GROUP "$1"/robots.txt
sudo chown -L $OWNER:$GROUP "$1"/.htaccess
sudo chown -L $OWNER:$GROUP "$1"/configuration.php-dist
sudo chown -L $OWNER:$GROUP "$1"/*.js
sudo chown -L $OWNER:$GROUP "$1"/*.png
sudo chown -L $OWNER:$GROUP "$1"/*.ico
sudo chown -L $OWNER:$GROUP "$1"/tester_ie.php
sudo chown -L $OWNER:$GROUP "$1"/tester.php
sudo chown -L $OWNER:$GROUP "$1"/xml*.php
sudo chown -L $OWNER:$GROUP "$1"/*.htm*

# Change specific files so that only $OWNER can see them.
# This could be to hide them from the web interface.
sudo chown -L $OWNER:$OWNER "$1"/a.b.c.*
sudo chown -L $OWNER:$OWNER "$1"/CHANGELOG.php
sudo chown -L $OWNER:$OWNER "$1"/COPYRIGHT.php
sudo chown -L $OWNER:$OWNER "$1"/CREDITS.php
sudo chown -L $OWNER:$OWNER "$1"/INSTALL.php
sudo chown -L $OWNER:$OWNER "$1"/LICENSE.php
sudo chown -L $OWNER:$OWNER "$1"/LICENSES.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/CHANGELOG.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/COPYRIGHT.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/install.virtuemart.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/INSTALLATION.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/LICENSE.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/README.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/TODO.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/uninstall.virtuemart.php
sudo chown -L $OWNER:$OWNER "$1"/administrator/components/com_virtuemart/VirtueMart_1.1_Installation.pdf

# FILES PERMS SECTION #

# Change all files and folders to Read/Write for Owner and Read for Group.
# Execute permissions are added later.
sudo chmod -R 640 "$1"/*

# SPECIFIC FILE PERMS SECTION #
# Uncomment (remove the '#' from) these examples if you have set tight $OWNER. (See Previous # SETUP SECTION #)
# This will allow alterations from the web interface to your settings. This is optional.

# Root Joomla config file
# sudo chmod 660 "$1"/configuration.php

# Root Virtuemart config file
# sudo chmod 660 "$1"/administrator/components/com_virtuemart/virtuemart.cfg.php

# Theme settings file example
# sudo chmod 660 "$1"/templates/<THEME_NAME_FOLDER>/params.ini

# ADD FURTHER FILES HERE: #

# ----------------------- #

# FOLDER PERMS SECTION #

# Change all folders gathered from dirlist to Read/Write/Execute for $OWNER and Read/Execute for $GROUP.
sudo xargs chmod 750 < dirlist

# SPECIFIC FOLDER PERMS SECTION #
# Uncomment (remove the '#' in front of) these examples if you have set tight $OWNER. (See Previous # SETUP SECTION #)
# This will allow site to function from the web e.g product updates/additions of pictures/thumbnails.
# WARNING: Some or all of this section is optional if tight $OWNER used depending on web functionality required.

# TMP Folder
# sudo chmod 770 "$1"/tmp
# sudo chmod 660 "$1"/tmp/*

# CACHE Folder
# sudo chmod 770 "$1"/cache
# sudo chmod 660 "$1"/cache/*

# LOGS Folder
# sudo chmod 770 "$1"/logs
# sudo chmod 660 "$1"/logs/*

# Joomla Root Images Folder with sub-folders
# sudo find -L "$1"/images -type d > dirlist
# sudo chmod -R 660 "$1"/images
# sudo xargs chmod 770 < dirlist

# Shop Images Folder with Sub-Folders
# sudo find -L "$1"/components/com_virtuemart/shop_image -type d > dirlist
# sudo chmod -R 660 "$1"/components/com_virtuemart/shop_image
# sudo xargs chmod 770 < dirlist

# THEMES Folder with Sub-Folders
# sudo find -L "$1"/components/com_virtuemart/themes -type d > dirlist
# sudo chmod -R 660 "$1"/components/com_virtuemart/themes
# sudo xargs chmod 770 < dirlist

# ADD FURTHER FOLDERS HERE: #

# ------------------------- #

# Remove file dirlist
sudo rm dirlist
else
echo "Folder Does Not Exist"
fi
fi