#!/bin/bash

# As we progress, we may find additional files REQUIRING special permissions.
# Set write permissions for these files and directories in the chroot here.

# This allows write access to the Welcome Screen database to users in the "cdrom" group.
# IF this a system wide file, one user can disable or turn it off for *ALL* accounts.
# If this is meant to be on a per user basis, put the .db in ${HOME}/.config .
# Or rewrite welcome.py to write to the .db WHICH user requested to disable this feature.
chmod 777 /opt/pypep/dbpep
chmod 660 /opt/pypep/dbpep/welval.db
chgrp cdrom /opt/pypep/dbpep/welval.db

### After installation, additional groups to add new users to.
grep -B99 "#EXTRA_GROUPS=" /etc/adduser.conf 			>  /etc/adduser.conf.new
grep      "#EXTRA_GROUPS=" /etc/adduser.conf | cut -c2-		>> /etc/adduser.conf.new
grep -B3  "#ADD_EXTRA_GROUPS=" /etc/adduser.conf 		>> /etc/adduser.conf.new
grep      "#ADD_EXTRA_GROUPS=" /etc/adduser.conf | cut -c2-	>> /etc/adduser.conf.new
grep -B3  "#NAME_REGEX=" /etc/adduser.conf 			>> /etc/adduser.conf.new


# These are for the 3 installer scripts - icons.sh, themes.sh & walls.sh 
# In 0600- we created symlinks to these directories. This makes them writable.      
chmod 777 /usr/share/icons                                         
chmod 777 /usr/share/themes                                       
chmod 777 /usr/share/backgrounds

# Quick patch from https://www.zdnet.com/article/major-linux-policykit-security-vulnerability-uncovered-pwnkit/
#chmod 0755 /usr/bin/pkexec # Their patch didn't work "pkexec must be setuid root"