check_dir_perms.sh #1 

#!/bin/bash
set -u

declare ThisScript="${0##*/}"
declare Version=1.0.1
declare ThisUser=
declare ThisHost=${HOSTNAME%%.*}
declare -i ErrorCount=0

#==============================================================================
# Local Functions

# Note: This script does not use SDP library files, as its purpose is to
# upgrade the SDP installation.
function msg () { echo -e "$*"; }
function errmsg () { msg "\\nError: ${1:-Unknown Error}\\n"; ErrorCount+=1; }
###function bail () { errmsg "${1:-Unknown Error}"; exit "${2:-1}"; }

#------------------------------------------------------------------------------
# Function: check_ownership ($dir, $expectedUser, $expectedGroup)
# $dir - directory to check.
# $expectedUser - Expected user.
# $expectedGroup - Expected group ownership. Optional; if not specified,
# group check is skipped.
check_ownership() {
   local dir="${1:-}"
   local expectedUser="${2:-}"
   local expectedGroup="${3:-unset}"

   # Check if required arguments are provided
   if [[ -z "$dir" || -z "$expectedUser" || -z "$expectedGroup" ]]; then
      msg "Usage: check_ownership <directory> <expectedUser> [<expectedGroup>]"
      return 2
   fi

   # Ensure the directory path ends with a '/'
   [[ "${dir: -1}" != "/" ]] && dir="${dir}/"

   msg "Checking ownership of directory: $dir"
   msg "Expected user: $expectedUser, Expected group: $expectedGroup"

   # Traverse directory, handling inaccessible files gracefully
   if [[ "$expectedGroup" != unset ]]; then
      anomalies=$(find "$dir" -exec stat --format="%U %G %n" {} + 2>/dev/null | awk -v user="$expectedUser" -v group="$expectedGroup" '
         $1 != user || $2 != group {
            print $1, $2, $3
         }')
   else
      anomalies=$(find "$dir" -exec stat --format="%U %n" {} + 2>/dev/null | awk -v user="$expectedUser" '
         $1 != user {
            print $1, $2
         }')
   fi

   # Check if anomalies were found.
   if [[ -z "$anomalies" ]]; then
      msg "No ownership anomalies found."
      return 0
   fi

   # Display anomalies and suggest corrections
   msg "Found ownership anomalies:"
      if [[ "$expectedGroup" != unset ]]; then
      echo "$anomalies" | while read -r actualUser actualGroup file; do
         errmsg "$file is owned by $actualUser:$actualGroup, expected $expectedUser:$expectedGroup."
         if [[ -L "$file" ]]; then
            # Command to change ownership of symlink
            msg "Suggested fix: sudo chown -h $expectedUser:$expectedGroup $file"
         else
            # Command to change ownership of regular file or directory
            msg "Suggested fix: sudo chown $expectedUser:$expectedGroup $file"
         fi
      done
   else
      echo "$anomalies" | while read -r actualUser file; do
         errmsg "$file is owned by $actualUser, expected $expectedUser."
         if [[ -L "$file" ]]; then
            # Command to change ownership of symlink
            msg "Suggested fix: sudo chown -h $expectedUser $file"
         else
            # Command to change ownership of regular file or directory
            msg "Suggested fix: sudo chown $expectedUser $file"
         fi
      done
   fi

   return 1
}

# Call the function if executed directly.
echo "${BASH_SOURCE[0]} == $0"
if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
   ThisUser=$(whoami)
   msg "Starting $ThisScript v$Version as $ThisUser@$ThisHost at $(date +'%a %Y-%m-%d %H:%M:%S %Z')"
   check_ownership "$@"
   exit "$ErrorCount"
fi
# Change User Description Committed
#2 31020 C. Thomas Tyler Follow on change for @31019.
#1 30933 C. Thomas Tyler Added check for proper ownership of all files in P4ROOT.

Added separate utility for checking ownership (and optionally group) of all files
in a given path.

Fixes SDP-1119.

#review-30934