Windy/LinuxGSM
1
0
Fork 0
mirror of https://github.com/GameServerManagers/LinuxGSM.git synced 2025-04-04 22:33:53 +08:00
Code Issues Packages Projects Releases Wiki Activity
LinuxGSM/lgsm/modules/check_permissions.sh
Daniel Gibbs 8d17622af3
feat: add ismygameserver.online links (#4742)
2025-01-08 18:22:16 +00:00

260 lines
9.5 KiB
Bash
Raw Blame History

#!/bin/bash
# LinuxGSM check_permissions.sh
# Author: Daniel Gibbs
# Contributors: https://linuxgsm.com/contrib
# Website: https://linuxgsm.com
# Description: Checks ownership & permissions of scripts, files and directories.
moduleselfname="$(basename "$(readlink -f "${BASH_SOURCE[0]}")")"
fn_check_ownership() {
if [ -f "${rootdir}/${selfname}" ]; then
if [ "$(find "${rootdir}/${selfname}" -not -user "$(whoami)" | wc -l)" -ne "0" ]; then
selfownissue=1
fi
fi
if [ -d "${lgsmdir}" ]; then
if [ "$(find "${lgsmdir}" -not -user "$(whoami)" | wc -l)" -ne "0" ]; then
lgsmownissue=1
fi
fi
if [ -d "${modulesdir}" ]; then
if [ "$(find "${modulesdir}" -not -name '*.swp' -not -user "$(whoami)" | wc -l)" -ne "0" ]; then
funcownissue=1
fi
fi
if [ -d "${serverfiles}" ]; then
if [ "$(find "${serverfiles}" -not -name '*.swp' -not -user "$(whoami)" | wc -l)" -ne "0" ]; then
filesownissue=1
fi
fi
if [ "${selfownissue}" == "1" ] || [ "${lgsmownissue}" == "1" ] || [ "${filesownissue}" == "1" ]; then
fn_print_fail_nl "Ownership issues found"
fn_script_log_fail "Ownership issues found"
fn_print_information_nl "The current user ($(whoami)) does not have ownership of the following files:"
fn_script_log_info "The current user ($(whoami)) does not have ownership of the following files:"
{
echo -en "User\tGroup\tFile:"
if [ "${selfownissue}" == "1" ]; then
find "${rootdir}/${selfname}" -not -user "$(whoami)" -printf "%u\t%g\t%p\n"
fi
if [ "${lgsmownissue}" == "1" ]; then
find "${lgsmdir}" -not -user "$(whoami)" -printf "%u\t%g\t%p\n"
fi
if [ "${filesownissue}" == "1" ]; then
find "${serverfiles}" -not -user "$(whoami)" -printf "%u\t%g\t%p\n"
fi
} | column -s $'\t' -t | tee -a "${lgsmlog}"
echo -e ""
fn_print_information_nl "please see https://docs.linuxgsm.com/support/faq#fail-starting-game-server-permission-issues-found"
fn_script_log "For more information, please see https://docs.linuxgsm.com/support/faq#fail-starting-game-server-permission-issues-found"
if [ "${monitorflag}" == 1 ]; then
alert="permissions"
alert.sh
fi
core_exit.sh
fi
}
fn_check_permissions() {
# Check modules files are executable.
if [ -d "${modulesdir}" ]; then
findnotexecutable="$(find "${modulesdir}" -type f -not -executable)"
findnotexecutablewc="$(find "${modulesdir}" -type f -not -executable | wc -l)"
if [ "${findnotexecutablewc}" -ne "0" ]; then
fn_print_error_nl "Permissions issues found"
fn_script_log_error "Permissions issues found"
fn_print_information_nl "The following files are not executable:"
fn_script_log_info "The following files are not executable:"
{
echo -en "File:"
echo -en "${findnotexecutable}"
} | column -s $'\t' -t | tee -a "${lgsmlog}"
# Attempt to make the files executable
fn_print_information_nl "Attempting to fix permissions issues"
fn_script_log_info "Attempting to fix permissions issues"
echo "${findnotexecutable}" | xargs chmod +x
# Re-check if there are still non-executable files
findnotexecutable="$(find "${modulesdir}" -type f -not -executable)"
findnotexecutablewc="$(find "${modulesdir}" -type f -not -executable | wc -l)"
if [ "${findnotexecutablewc}" -ne "0" ]; then
fn_print_fail_nl "Failed to resolve permissions issues"
fn_script_log_fail "Failed to resolve permissions issues"
if [ "${monitorflag}" == 1 ]; then
alert="permissions"
alert.sh
fi
core_exit.sh
else
fn_print_ok_nl "Permissions issues resolved"
fn_script_log_pass "Permissions issues resolved"
fi
fi
fi
# Check rootdir permissions.
if [ -d "${rootdir}" ]; then
# Get permission numbers on directory should return 775.
rootdirperm=$(stat -c %a "${rootdir}")
# Grab the first and second digit for user and group permission.
userrootdirperm="${rootdirperm:0:1}"
grouprootdirperm="${rootdirperm:1:1}"
if [ "${userrootdirperm}" != "7" ] && [ "${grouprootdirperm}" != "7" ]; then
fn_print_fail_nl "Permissions issues found"
fn_script_log_fail "Permissions issues found"
fn_print_information_nl "The following directory does not have the correct permissions:"
fn_script_log_info "The following directory does not have the correct permissions:"
fn_script_log_info "${rootdir}"
ls -l "${rootdir}"
if [ "${monitorflag}" == 1 ]; then
alert="permissions"
alert.sh
fi
core_exit.sh
fi
fi
# Check if executable is executable and attempt to fix it.
# First get executable name.
execname=$(basename "${executable}")
if [ -f "${executabledir}/${execname}" ]; then
# Get permission numbers on file under the form 775.
execperm=$(stat -c %a "${executabledir}/${execname}")
# Grab the first and second digit for user and group permission.
userexecperm="${execperm:0:1}"
groupexecperm="${execperm:1:1}"
# Check for invalid user permission.
if [ "${userexecperm}" == "0" ] || [ "${userexecperm}" == "2" ] || [ "${userexecperm}" == "4" ] || [ "${userexecperm}" == "6" ]; then
# If user permission is invalid, then check for invalid group permissions.
if [ "${groupexecperm}" == "0" ] || [ "${groupexecperm}" == "2" ] || [ "${groupexecperm}" == "4" ] || [ "${groupexecperm}" == "6" ]; then
# If permission issues are found.
fn_print_warn_nl "Permissions issue found"
fn_script_log_warn "Permissions issue found"
fn_print_information_nl "The following file is not executable:"
ls -l "${executabledir}/${execname}"
fn_script_log_info "The following file is not executable:"
fn_script_log_info "${executabledir}/${execname}"
fn_print_information_nl "Applying chmod u+x,g+x ${executabledir}/${execname}"
fn_script_log_info "Applying chmod u+x,g+x ${execperm}"
# Make the executable executable.
chmod u+x,g+x "${executabledir}/${execname}"
# Second check to see if it's been successfully applied.
# Get permission numbers on file under the form 775.
execperm=$(stat -c %a "${executabledir}/${execname}")
# Grab the first and second digit for user and group permission.
userexecperm="${execperm:0:1}"
groupexecperm="${execperm:1:1}"
if [ "${userexecperm}" == "0" ] || [ "${userexecperm}" == "2" ] || [ "${userexecperm}" == "4" ] || [ "${userexecperm}" == "6" ]; then
if [ "${groupexecperm}" == "0" ] || [ "${groupexecperm}" == "2" ] || [ "${groupexecperm}" == "4" ] || [ "${groupexecperm}" == "6" ]; then
# If errors are still found.
fn_print_fail_nl "The following file could not be set executable:"
ls -l "${executabledir}/${execname}"
fn_script_log_warn "The following file could not be set executable:"
fn_script_log_info "${executabledir}/${execname}"
if [ "${monitorflag}" == "1" ]; then
alert="permissions"
alert.sh
fi
core_exit.sh
fi
fi
fi
fi
fi
}
## The following fn_sys_perm_* function checks for permission errors in /sys directory.
# Checks for permission errors in /sys directory.
fn_sys_perm_errors_detect() {
# Reset test variables.
sysdirpermerror="0"
classdirpermerror="0"
netdirpermerror="0"
# Check permissions.
# /sys, /sys/class and /sys/class/net should be readable & executable.
if [ ! -r "/sys" ] || [ ! -x "/sys" ]; then
sysdirpermerror="1"
fi
if [ ! -r "/sys/class" ] || [ ! -x "/sys/class" ]; then
classdirpermerror="1"
fi
if [ ! -r "/sys/class/net" ] || [ ! -x "/sys/class/net" ]; then
netdirpermerror="1"
fi
}
# Display a message on how to fix the issue manually.
fn_sys_perm_fix_manually_msg() {
echo -e ""
fn_print_information_nl "This error causes servers to fail starting properly"
fn_script_log_info "This error causes servers to fail starting properly."
echo -e " * To fix this issue, run the following command as root:"
fn_script_log_info "To fix this issue, run the following command as root:"
echo -e " chmod a+rx /sys /sys/class /sys/class/net"
fn_script_log "chmod a+rx /sys /sys/class /sys/class/net"
fn_sleep_time_5
if [ "${monitorflag}" == 1 ]; then
alert="permissions"
alert.sh
fi
core_exit.sh
}
# Attempt to fix /sys related permission errors if sudo is available, exits otherwise.
fn_sys_perm_errors_fix() {
if sudo -n true > /dev/null 2>&1; then
fn_print_dots "Fixing /sys permissions"
fn_script_log_info "Fixing /sys permissions."
if [ "${sysdirpermerror}" == "1" ]; then
sudo chmod a+rx "/sys"
fi
if [ "${classdirpermerror}" == "1" ]; then
sudo chmod a+rx "/sys/class"
fi
if [ "${netdirpermerror}" == "1" ]; then
sudo chmod a+rx "/sys/class/net"
fi
# Run check again to see if it's fixed.
fn_sys_perm_errors_detect
if [ "${sysdirpermerror}" == "1" ] || [ "${classdirpermerror}" == "1" ] || [ "${netdirpermerror}" == "1" ]; then
fn_print_error "Could not fix /sys permissions"
fn_script_log_error "Could not fix /sys permissions."
# Show the user how to fix.
fn_sys_perm_fix_manually_msg
else
fn_print_ok_nl "Fixing /sys permissions"
fn_script_log_pass "Permissions in /sys fixed"
fi
else
# Show the user how to fix.
fn_sys_perm_fix_manually_msg
fi
}
# Processes to the /sys related permission errors check & fix/info.
fn_sys_perm_error_process() {
fn_sys_perm_errors_detect
# If any error was found.
if [ "${sysdirpermerror}" == "1" ] || [ "${classdirpermerror}" == "1" ] || [ "${netdirpermerror}" == "1" ]; then
fn_print_dots "Checking /sys permissions"
fn_print_error_nl "Checking /sys permissions"
fn_script_log_error "Checking /sys permissions"
# Run the fix
fn_sys_perm_errors_fix
fi
}
## Run permisions checks when not root.
if [ "$(whoami)" != "root" ]; then
fn_check_ownership
fn_check_permissions
if [ "${commandname}" == "START" ]; then
fn_sys_perm_error_process
fi
fi
Reference in New Issue View Git Blame Copy Permalink