bubbles/iso_configs/hooks/normal/0610-set-permissions.hook.c...

55 lines
2.4 KiB
Plaintext
Raw Normal View History

2024-09-21 21:27:04 +00:00
#!/bin/bash
# As we progress, we may find additional files REQUIRING special permissions.
# Set write permissions for these files and directories in the chroot here.
# This allows write access to the Welcome Screen database to users in the "cdrom" group.
# IF this a system wide file, one user can disable or turn it off for *ALL* accounts.
# If this is meant to be on a per user basis, put the .db in ${HOME}/.config .
# Or rewrite welcome.py to write to the .db WHICH user requested to disable this feature.
# Set Permissions on desktop files
# Desktop links
chmod 755 /usr/share/applications/Pephub.desktop
chmod 755 /usr/share/applications/Welcome.desktop
chmod 755 /usr/share/applications/plank.desktop
chmod 755 /usr/share/applications/kumo.desktop
chmod 755 /usr/share/applications/Install-peppermint.desktop
# Executables
chmod 755 /usr/local/bin/hub
chmod 755 /usr/local/bin/xDaily
chmod 755 /usr/local/bin/kumo
chmod 755 /usr/local/bin/welcome
chmod 755 /usr/bin/install-peppermint
# Set permissions on the Python libs
chmod 755 -R /usr/lib/python3/dist-packages/tendo
chmod 755 -R /usr/lib/python3/dist-packages/tendo-0.3.0.dist-info
chmod 755 -R /usr/lib/python3/dist-packages/ttkbootstrap
chmod 755 -R /usr/lib/python3/dist-packages/ttkbootstrap-1.10.1.dist-info
chmod 755 -R /usr/lib/python3/dist-packages/ttkcreator
# Set permissions on the lines theme
chmod 755 -R /usr/share/desktop-base/lines-theme
# Set Grub Themes Permission
chmod 755 -R /boot/grub/themes
# Set the Calamares Permissions]
chmod 755 -R /etc/calamares
### After installation, additional groups to add new users to.
grep -B99 "#EXTRA_GROUPS=" /etc/adduser.conf > /etc/adduser.conf.new
grep "#EXTRA_GROUPS=" /etc/adduser.conf | cut -c2- >> /etc/adduser.conf.new
grep -B3 "#ADD_EXTRA_GROUPS=" /etc/adduser.conf >> /etc/adduser.conf.new
grep "#ADD_EXTRA_GROUPS=" /etc/adduser.conf | cut -c2- >> /etc/adduser.conf.new
grep -B3 "#NAME_REGEX=" /etc/adduser.conf >> /etc/adduser.conf.new
# These are for the 3 installer scripts - icons.sh, themes.sh & walls.sh
# In 0600- we created symlinks to these directories. This makes them writable.
chmod 755 -R /usr/share/icons
chmod 755 -R /usr/share/themes
chmod 755 -R /usr/share/backgrounds
chmod 755 -R /usr/share/pixmaps
# Quick patch from https://www.zdnet.com/article/major-linux-policykit-security-vulnerability-uncovered-pwnkit/
#chmod 0755 /usr/bin/pkexec # Their patch didn't work "pkexec must be setuid root"