This experimental tool called repair-shared based on pwalk that will repair permissions in shared posix folders
The uses the same command line arguments --NoSnap, --exclude and folder to scan a file system but can repair permissions in a shared folder so that the content of that folder is accessible to the members of the security group with which these folders are shared.
Implemented these features while logging all changes to STDOUT and errors to STDERR
Set the setgid bit on all folders if not set.
If a file or folder has a gidNumber that is identical to the uidNumber (private group) change the group ownership to the group that owns the first found folder up the tree where that gidNumber is not identical to the uidNumber owning that folder. Stop searching at the root folder where the crawl began and print an error if no group can be found. Only print one error per tree (e.g. root folder is owned by private group)
Ensure that each file has at least group read permissions and each folder has at least group read+execute permissions. (chmod +g)
also implemented a --dry-run argument for testing only where no changes are made to the file system or file system metadata
fizwit
commented
2 months ago
This experimental tool called repair-shared based on pwalk that will repair permissions in shared posix folders
The uses the same command line arguments --NoSnap, --exclude and folder to scan a file system but can repair permissions in a shared folder so that the content of that folder is accessible to the members of the security group with which these folders are shared.
Implemented these features while logging all changes to STDOUT and errors to STDERR
also implemented a --dry-run argument for testing only where no changes are made to the file system or file system metadata