summaryrefslogtreecommitdiff
path: root/sbin/itzks-transfer-create
blob: f18a2db6f7d3c4d3d429754b29e164c1c6fcb50a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
#!/bin/bash

#
# Copyright (C) 2018 Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
#
# This script is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This script is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.

TRANSFER_BASE="/skole/tjener/transfer"
TRANSFER_TEACHERS="${TRANSFER_BASE}/nur-Lehrer"
TRANSFER_STUDENTS="${TRANSFER_BASE}/Schüler+Lehrer"

GROUP_TEACHERS="teachers"
GROUP_STUDENTS="students"

if [ -f /etc/default/itzks-transfer-create ]; then
    . /etc/default/itzks-transfer-create
fi

function find_mount_point()
{
	LANG=C  mount | while read mountline; do
		mountpoint=$(echo "${mountline}" | awk '{print $3}')
		if echo $1 | grep -q "${mountpoint}"; then
			echo ${mountpoint}
		fi
	done | sort | tail -n1
}

function find_mounted_dev()
{
	echo $(LANG=C  mount | grep -E ".*on\\s$1\s" | awk '{print $1}')
}

transfer_mount_point=$(find_mount_point ${TRANSFER_BASE})
transfer_mounted_dev=$(find_mounted_dev ${transfer_mount_point})

if ! blkid "${transfer_mounted_dev}" | grep -qE '.*\sTYPE="ext[3-4]{1}"(\s|$)'; then
	echo "ERROR: Underlying filesystem of mount-point ${transfer_mount_point} (${transfer_mounted_dev}) is not an ext3/ext4 file system."
	echo "       Exiting."
	exit -1
fi

if ! cat /etc/fstab | grep "${transfer_mount_point}" | grep -qE ".*(\s|,)acl(,|\s).*"; then
	echo "WARNING: Underlying filesystem of mount-point ${transfer_mount_point} does not have ACL support. Enabling it temporarily..."
	mount -o remount,acl "${transfer_mount_point}"
fi

mkdir -p "${TRANSFER_TEACHERS}"
mkdir -p "${TRANSFER_STUDENTS}"

# create t1 - t9 for teachers
for i in 1 2 3 4 5 6 7 8 9; do
    mkdir -p "${TRANSFER_TEACHERS}/t${i}"
done

# create s05 - s13 for students
for i in 05 06 07 08 09 10 11 12 13; do
    mkdir -p "${TRANSFER_STUDENTS}/s${i}"
done

# ACLs for teachers' transfer folders
cd "${TRANSFER_TEACHERS}"

# ACLs
chown root:${GROUP_TEACHERS} .
chmod 0750 .

chown root:root t*
setfacl -m u::rwx t*
setfacl -m g::rwx t*
setfacl -m g:${GROUP_TEACHERS}:rwx t*
setfacl -m o::--- t*
setfacl -m d:u::rwx t*
setfacl -m d:g::rwx t*
setfacl -m d:g:${GROUP_TEACHERS}:rwx t*
setfacl -m d:o::--- t*

cd - 1>/dev/null

# ACLs for students' transfer folders
cd "${TRANSFER_STUDENTS}"

# ACLs
chown root:${GROUP_STUDENTS} .
chmod 0750 .
chown root:root s*
setfacl -m u::rwx s*
setfacl -m g::rwx s*
setfacl -m g:${GROUP_TEACHERS}:rwx s*
setfacl -m g:${GROUP_STUDENTS}:rwx s*
setfacl -m o::--- s*
setfacl -m d:u::rwx s*
setfacl -m d:g::rwx s*
setfacl -m d:g:${GROUP_TEACHERS}:rwx s*
setfacl -m d:g:${GROUP_STUDENTS}:r-x s*
setfacl -m d:o::--- s*

cd - 1>/dev/null

if ! cat /etc/fstab | grep ${transfer_mount_point} | grep -E ".*(\s|,)acl(,|\s).*"; then
	echo "WARNING: ${transfer_mount_point} does not support ACLs. Enable ACL support in /etc/fstab."
	mount -o remount,noacl "${transfer_mount_point}"
fi

exit 0