-
Notifications
You must be signed in to change notification settings - Fork 3
/
getfacl.cron
executable file
·34 lines (28 loc) · 1.21 KB
/
getfacl.cron
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#!/bin/bash
# +----+----+----+----+
# | | | | |
# Author: Mark David Scott Cunningham | M | D | S | C |
# +----+----+----+----+
# Created: 2016-10-01
# Updated: 2017-10-12
#
# Purpose: Log ownership and permissions for every file, so they can be recovered.
# This is intended as a safeguard against recursive chown/chmod.
#
# Create full log of ownership and permissions for all files/dirs on the server
logdir="/usr/local/lp/getfacl"
if [[ ! -d $logdir ]]; then mkdir -p $logdir; fi
# Log for everything not /home (compressed)
logfile="${logdir}/system_$(date +%F).log.gz"
find / -not -type l -not -path "/home*" -not -path "/proc*" \
| getfacl --absolute-names - 2> /dev/null \
| gzip -c --fast > $logfile
chmod 600 $logfile
# Log for /home (compressed)
logfile="${logdir}/home_$(date +%F).log.gz"
find /home* -not -type l \
| getfacl --absolute-names - 2> /dev/null \
| gzip -c --fast > $logfile
chmod 600 $logfile
# Remove logs more than seven (7) days old
find $logdir -name "*.log.gz" -mtime +6 -delete;