check_permissions.sh 8.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216
  1. #!/bin/bash
  2. # LGSM check_permissions.sh
  3. # Author: Daniel Gibbs
  4. # Contributor: UltimateByte
  5. # Website: https://gameservermanagers.com
  6. # Description: Checks ownership & permissions of scripts, files and directories.
  7. local commandname="CHECK"
  8. local function_selfname="$(basename $(readlink -f "${BASH_SOURCE[0]}"))"
  9. fn_check_ownership(){
  10. if [ -f "${rootdir}/${selfname}" ]; then
  11. if [ $(find "${rootdir}/${selfname}" -not -user $(whoami)|wc -l) -ne "0" ]; then
  12. selfownissue=1
  13. fi
  14. fi
  15. if [ -d "${functionsdir}" ]; then
  16. if [ $(find "${functionsdir}" -not -user $(whoami)|wc -l) -ne "0" ]; then
  17. funcownissue=1
  18. fi
  19. fi
  20. if [ -d "${filesdir}" ]; then
  21. if [ $(find "${filesdir}" -not -user $(whoami)|wc -l) -ne "0" ]; then
  22. filesownissue=1
  23. fi
  24. fi
  25. if [ "${selfownissue}" == "1" ]||[ "${funcownissue}" == "1" ]||[ "${filesownissue}" == "1" ]; then
  26. fn_print_fail_nl "Ownership issues found"
  27. fn_script_log_fatal "Ownership issues found"
  28. fn_print_information_nl "The current user ($(whoami)) does not have ownership of the following files:"
  29. fn_script_log_info "The current user ($(whoami)) does not have ownership of the following files:"
  30. {
  31. echo -e "User\tGroup\tFile\n"
  32. if [ "${selfownissue}" == "1" ]; then
  33. find "${rootdir}/${selfname}" -not -user $(whoami) -printf "%u\t\t%g\t%p\n"
  34. fi
  35. if [ "${funcownissue}" == "1" ]; then
  36. find "${functionsdir}" -not -user $(whoami) -printf "%u\t\t%g\t%p\n"
  37. fi
  38. if [ "${filesownissue}" == "1" ]; then
  39. find "${filesdir}" -not -user $(whoami) -printf "%u\t\t%g\t%p\n"
  40. fi
  41. } | column -s $'\t' -t | tee -a "${scriptlog}"
  42. echo ""
  43. fn_print_information_nl "For more information, please see https://github.com/GameServerManagers/LinuxGSM/wiki/FAQ#-fail--starting-game-server-ownership-issues-found"
  44. fn_script_log "For more information, please see https://github.com/GameServerManagers/LinuxGSM/wiki/FAQ#-fail--starting-game-server-ownership-issues-found"
  45. core_exit.sh
  46. fi
  47. }
  48. fn_check_permissions(){
  49. if [ -d "${functionsdir}" ]; then
  50. if [ $(find "${functionsdir}" -type f -not -executable|wc -l) -ne "0" ]; then
  51. fn_print_fail_nl "Permissions issues found"
  52. fn_script_log_fatal "Permissions issues found"
  53. fn_print_information_nl "The following files are not executable:"
  54. fn_script_log_info "The following files are not executable:"
  55. {
  56. echo -e "File\n"
  57. find "${functionsdir}" -type f -not -executable -printf "%p\n"
  58. } | column -s $'\t' -t | tee -a "${scriptlog}"
  59. core_exit.sh
  60. fi
  61. fi
  62. # Check rootdir permissions
  63. if [ -n "${rootdir}" ]; then
  64. # Get permission numbers on directory under the form 775
  65. rootdirperm="$(stat -c %a "${rootdir}")"
  66. # Grab the first and second digit for user and group permission
  67. userrootdirperm="${rootdirperm:0:1}"
  68. grouprootdirperm="${rootdirperm:1:1}"
  69. if [ "${userrootdirperm}" != "7" ] && [ "${grouprootdirperm}" != "7" ]; then
  70. fn_print_fail_nl "Permissions issues found"
  71. fn_script_log_fatal "Permissions issues found"
  72. fn_print_information_nl "The following directory does not have the correct permissions:"
  73. fn_script_log_info "The following directory does not have the correct permissions:"
  74. fn_script_log_info "${rootdir}"
  75. ls -l "${rootdir}"
  76. core_exit.sh
  77. fi
  78. fi
  79. # Check if executable is executable and attempt to fix it
  80. # First get executable name
  81. execname="$(basename "${executable}")"
  82. if [ -f "${executabledir}/${execname}" ]; then
  83. # Get permission numbers on file under the form 775
  84. execperm="$(stat -c %a "${executabledir}/${execname}")"
  85. # Grab the first and second digit for user and group permission
  86. userexecperm="${execperm:0:1}"
  87. groupexecperm="${execperm:1:1}"
  88. # Check for invalid user permission
  89. if [ "${userexecperm}" == "0" ] || [ "${userexecperm}" == "2" ] || [ "${userexecperm}" == "4" ] || [ "${userexecperm}" == "6" ]; then
  90. # If user permission is invalid, then check for invalid group permissions
  91. if [ "${groupexecperm}" == "0" ] || [ "${groupexecperm}" == "2" ] || [ "${groupexecperm}" == "4" ] || [ "${groupexecperm}" == "6" ]; then
  92. # If permission issues are found
  93. fn_print_warn_nl "Permissions issue found"
  94. fn_script_log_warn "Permissions issue found"
  95. fn_print_information_nl "The following file is not executable:"
  96. ls -l "${executabledir}/${execname}"
  97. fn_script_log_info "The following file is not executable:"
  98. fn_script_log_info "${executabledir}/${execname}"
  99. fn_print_information_nl "Applying chmod u+x,g+x ${executabledir}/${execname}"
  100. fn_script_log_info "Applying chmod u+x,g+x ${execperm}"
  101. # Make the executable executable
  102. chmod u+x,g+x "${executabledir}/${execname}"
  103. # Second check to see if it's been successfully applied
  104. # Get permission numbers on file under the form 775
  105. execperm="$(stat -c %a "${executabledir}/${execname}")"
  106. # Grab the first and second digit for user and group permission
  107. userexecperm="${execperm:0:1}"
  108. groupexecperm="${execperm:1:1}"
  109. if [ "${userexecperm}" == "0" ] || [ "${userexecperm}" == "2" ] || [ "${userexecperm}" == "4" ] || [ "${userexecperm}" == "6" ]; then
  110. if [ "${groupexecperm}" == "0" ] || [ "${groupexecperm}" == "2" ] || [ "${groupexecperm}" == "4" ] || [ "${groupexecperm}" == "6" ]; then
  111. # If errors are still found
  112. fn_print_fail_nl "The following file could not be set executable:"
  113. ls -l "${executabledir}/${execname}"
  114. fn_script_log_warn "The following file could not be set executable:"
  115. fn_script_log_info "${executabledir}/${execname}"
  116. core_exit.sh
  117. fi
  118. fi
  119. fi
  120. fi
  121. fi
  122. }
  123. ## The following fn_sys_perm_* functions checks for permission errors in /sys directory
  124. # Checks for permission errors in /sys directory
  125. fn_sys_perm_errors_detect(){
  126. # Reset test variables
  127. sysdirpermerror="0"
  128. classdirpermerror="0"
  129. netdirpermerror="0"
  130. # Check permissions
  131. # /sys, /sys/class and /sys/class/net should be readable & executable
  132. if [ ! -r "/sys" ]||[ ! -x "/sys" ]; then
  133. sysdirpermerror="1"
  134. fi
  135. if [ ! -r "/sys/class" ]||[ ! -x "/sys/class" ]; then
  136. classdirpermerror="1"
  137. fi
  138. if [ ! -r "/sys/class/net" ]||[ ! -x "/sys/class/net" ]; then
  139. netdirpermerror="1"
  140. fi
  141. }
  142. # Display a message on how to fix the issue manually
  143. fn_sys_perm_fix_manually_msg(){
  144. echo ""
  145. fn_print_information_nl "This error causes servers to fail starting properly"
  146. fn_script_log_info "This error causes servers to fail starting properly."
  147. echo " * To fix this issue, run the following command as root:"
  148. fn_script_log_info "To fix this issue, run the following command as root:"
  149. echo " chmod a+rx /sys /sys/class /sys/class/net"
  150. fn_script_log "chmod a+rx /sys /sys/class /sys/class/net"
  151. sleep 1
  152. core_exit.sh
  153. }
  154. # Attempt to fix /sys related permission errors if sudo is available, exits otherwise
  155. fn_sys_perm_errors_fix(){
  156. sudo -v > /dev/null 2>&1
  157. if [ $? -eq 0 ]; then
  158. fn_print_dots "Automatically fixing /sys permissions"
  159. sleep 2
  160. fn_script_log_info "Automatically fixing /sys permissions."
  161. if [ "${sysdirpermerror}" == "1" ]; then
  162. sudo chmod a+rx "/sys"
  163. fi
  164. if [ "${classdirpermerror}" == "1" ]; then
  165. sudo chmod a+rx "/sys/class"
  166. fi
  167. if [ "${netdirpermerror}" == "1" ]; then
  168. sudo chmod a+rx "/sys/class/net"
  169. fi
  170. # Run check again to see if it's fixed
  171. fn_sys_perm_errors_detect
  172. if [ "${sysdirpermerror}" == "1" ]||[ "${classdirpermerror}" == "1" ]||[ "${netdirpermerror}" == "1" ]; then
  173. fn_print_error "Could not fix /sys permissions"
  174. fn_script_log_error "Could not fix /sys permissions."
  175. sleep 1
  176. # Show the user how to fix
  177. fn_sys_perm_fix_manually_msg
  178. else
  179. fn_print_ok_nl "Automatically fixing /sys permissions"
  180. fn_script_log_pass "Permissions in /sys fixed"
  181. sleep 1
  182. fi
  183. else
  184. # Show the user how to fix
  185. fn_sys_perm_fix_manually_msg
  186. fi
  187. }
  188. # Processes to the /sys related permission errors check & fix/info
  189. fn_sys_perm_error_process(){
  190. fn_sys_perm_errors_detect
  191. # If any error was found
  192. if [ "${sysdirpermerror}" == "1" ]||[ "${classdirpermerror}" == "1" ]||[ "${netdirpermerror}" == "1" ]; then
  193. fn_print_error_nl "Permission error(s) found in /sys"
  194. fn_script_log_error "Permission error(s) found in /sys"
  195. sleep 1
  196. # Run the fix
  197. fn_sys_perm_errors_fix
  198. fi
  199. }
  200. # Run perm error detect & fix/alert functions on /sys directories
  201. ## Run checks
  202. fn_check_ownership
  203. fn_check_permissions
  204. fn_sys_perm_error_process