#!/usr/local/cpanel/3rdparty/bin/perl
# cpanel - scripts/enablefileprotect Copyright 2022 cPanel, L.L.C.
# All rights reserved.
# copyright@cpanel.net http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited
package scripts::enablefileprotect;
use cPstrict;
use parent qw( Cpanel::HelpfulScript );
use Cpanel::Autodie ();
use Cpanel::FileProtect ();
use Cpanel::FileProtect::Constants ();
use Cpanel::FileProtect::Sync ();
use Cpanel::Filesys::Home ();
use Cpanel::UserIterator ();
use Try::Tiny;
use constant _OPTIONS => ();
__PACKAGE__->new(@ARGV)->run() if !caller;
sub run ($self) {
if ( !Cpanel::FileProtect->is_on() ) {
Cpanel::FileProtect->set_on() or die "Error while setting Fileprotect flag to on: $!";
}
for my $mount ( Cpanel::Filesys::Home::get_all_homedirs() ) {
# "homedir" in this context is "/home", "/home2", etc.
my $perms = Cpanel::FileProtect::Constants::DEFAULT_MOUNT_PERMS();
printf "Setting %s permissions to %#o … \n", $mount, $perms;
try {
Cpanel::Autodie::chmod( $perms, $mount );
}
catch {
warn $_;
};
}
print "Setting permissions for users …\n";
my $user_iter = Cpanel::UserIterator->new( 'cpanel_only' => 1 );
while ( my $user = $user_iter->user() ) {
print "$user …\n";
try {
warn $_->to_string() for Cpanel::FileProtect::Sync::sync_user_homedir($user);
}
catch {
warn "Skipping $user because of an error: $_\n";
};
$user_iter->next();
}
print "… Done\n";
return;
}
sub full_help {
return <<~"EO_HELP";
Usage: $0 [--help]
Protect the public_html directory of each user account so that only Apache and the user may
view its contents. Use the disablefileprotect script to reverse the process.
Options:
--help - this screen
EO_HELP
}
1;
|