This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
RE: ntsec environment variable
- To: <cygwin at cygwin dot com>
- Subject: RE: ntsec environment variable
- From: "Michael Erdely" <cygwin at cygwin dot com>
- Date: Thu, 26 Apr 2001 17:04:29 -0400
I basically do this when I install a new Cygwin environment:
#!/bin/sh
##begin script
cd /
echo Changing ownership of all files to admins.admins
chown -R 544.544 .
echo Removing write permissions for others and groups
chmod -R og-w .
echo Changing ownership of home directories
for dir in /home/* ; do
if [ -d $dir ]; then
_USER=`basename $dir`
_GROUP=`id -g $_USER`
if [ $_GROUP ]; then
echo Changing $dir to be owned by $_USER.$_GROUP
chown -R $_USER.$_GROUP $dir
fi
fi
done
echo Fixing /tmp
chmod -R a+rwxt /tmp
echo Fixing /etc
chmod -R 644 /etc/*
chmod -R 755 /etc/postinstall /etc/setup
if [ -d /etc/ssmtp ]; then
chmod -R 755 /etc/ssmtp
fi
echo Fixing files in /
chmod -R 644 /cygwin.ico /setup.log*
echo Done.
##end script
You may have to manually fix things like /etc/ssh_host*_key files if
you're running ssh under a different user context than user 544
(administrator).
Mike Erdely
http://mike.erdelynet.com/
-----Original Message-----
From: cygwin-owner@sources.redhat.com
[mailto:cygwin-owner@sources.redhat.com] On Behalf Of Christopher Dale
Campbell
Sent: Thursday, April 26, 2001 3:21 PM
To: Corinna Vinschen
Subject: Re: ntsec environment variable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Anyone have any suggestions?
- ----- Original Message -----
From: "Corinna Vinschen" <cygwin@cygwin.com>
To: "Cygwin" <cygwin@cygwin.com>
Sent: Thursday, April 26, 2001 5:32 AM
Subject: Re: ntsec environment variable
> On Thu, Apr 26, 2001 at 04:51:48AM -0400, Christopher Dale Campbell
> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > - --SNIP--
> > >
> > > And chmod is ok to use for all users as long as they have the
> > > permission to do so. But my instruction was buggy. Ok, *sic*, try
> > > that:
> > >
> > > chmod 755 .
> > > chmod -R 755 bin
> > > find learn_c src -type d | xargs chmod 755
> > > find learn_c src tmp -type f | xargs chmod 644
> > >
> > > Corinna
> > >
> > - --SNIP--
> >
> > Will this also work for / ? As in, as 'administrator', could I do
> > a:
> >
> > find / -type d |xargs chmod 755
> > find / -type f |xargs chmod 644
> >
> > Would that give most things the correct permissions? Because after
> > a new install, and using the 'ntsec' env. var. all files are 777
> > (-rwxrwxrwx).
>
> That would be somewhat dangerous since all files which are executables
> need the x bit set. And that are not only .exe files but also .dll
> files and all shell scripts. So don't do this. Many small steps are
> better here.
>
> Corinna
>
> --
> Corinna Vinschen Please, send mails regarding
> Cygwin to Cygwin Developer
> mailto:cygwin@cygwin.com Red Hat, Inc.
>
> --
> Want to unsubscribe from this list?
> Check out: http://cygwin.com/ml/#unsubscribe-simple
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBOuh1EoXnWfGgRqP+EQIFJwCg+klmq1Ia4QcqYUzgCE3uNSMjURAAnAuJ
QyOXRaSECyF+IJaCsvNtL/Ld
=mEeP
-----END PGP SIGNATURE-----
--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple
--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple