-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathshare
More file actions
executable file
·137 lines (111 loc) · 3.48 KB
/
Copy pathshare
File metadata and controls
executable file
·137 lines (111 loc) · 3.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
#!/usr/bin/env python
import os
import pwd
import logging
from subprocess import call, check_output
from argparse import ArgumentParser
DEVNULL = open(os.devnull, 'wb')
def get_username():
return pwd.getpwuid( os.getuid() )[ 0 ]
def setfacl(path, user, mode, remove=False, recursive=False, default=False):
if user[0] == ':':
type = "group"
name = user[1:]
else:
type = "user"
name = user
arguments = ['setfacl']
if default:
arguments.append("-d")
if recursive:
arguments.append('-R')
if remove:
acl = "%s:%s" % (type, name)
action = "-x"
else:
acl = "%s:%s:%s" % (type, name, mode)
action = "-m"
arguments.append(action)
arguments.append(acl)
arguments.append(path)
print arguments
call(arguments, stderr=DEVNULL)
def check_executable(path, user):
print "- make sure all parent paths can be entered by %s" % user
isfile = os.path.isfile(path)
if isfile:
p = os.path.dirname(path)
else:
p = path[:]
while p != "/":
setfacl(p, user, 'rX')
p = os.path.dirname(p)
def share(path, users, write, execute, remove, recursive, default=False):
path = os.path.abspath(path)
path = os.path.realpath(path)
print "- share path: ", path
mode = "r"
if not os.path.isfile(path):
mode = mode + "X"
if write:
mode = mode + "w"
if execute:
mode = mode + "x"
for user in users:
setfacl(path, user, mode, remove, recursive, default=default)
if not remove:
check_executable(path, user)
def getfacl(path, users):
username = get_username()
o = check_output(['getfacl', '-p', '-t', path])
for line in o.splitlines():
if line.startswith('#'): continue
e = line.split()
if len(e) < 3: continue
role, name, mode = e[:3]
if name == username: continue
if users and len(users) > 0:
ingroups = role.lower() == "group" and ":"+name in users
inusers = role.lower() == "user" and name in users
if not ingroups and not inusers:
continue
print path, role, name, mode
def show(path, users):
path = os.path.abspath(path)
if os.path.isfile(path):
getfacl(path, users)
else:
for root, dirs, files in os.walk(path):
getfacl(root, users)
for file in files:
getfacl(os.path.join(root,file), users)
if __name__ == '__main__':
parser = ArgumentParser()
parser.add_argument('-s', '--show', dest='show', action='store_const',
const=True, default=False,
help='show shared files and folders')
parser.add_argument('-w', '--write', dest='write', action='store_const',
const=True, default=False,
help='add write access')
parser.add_argument('-e', '--remove', dest='remove', action='store_const',
const=True, default=False,
help='erase/remove access')
parser.add_argument('-x', '--executable', dest='execute', action='store_const',
const=True, default=False,
help='add executavle flag')
parser.add_argument('-r', '--recursive', dest='recursive', action='store_const',
const=True, default=False,
help='apply recursive to all files')
parser.add_argument('-d', '--default', dest='default', action='store_const',
const=True, default=False,
help='apply recursive to all files')
parser.add_argument('path', help='path to set permission')
parser.add_argument('users', help='user or groups to give access to, e.g. max or :users',
nargs='*')
args = parser.parse_args()
if isinstance(args.users, basestring):
args.users = [args.users]
if args.show:
show(args.path, args.users)
else:
share(args.path, args.users, args.write, args.execute, args.remove, args.recursive, default=args.default)