##### end command line parsing ########
+tmpf=$(mktemp)
if $fast; then
lnf() { ln -sf "$@"; }
fi
local -a reload_services
local -a restart_services
reload_systemd=false
+ # note, i ran chmod -R g-s on the filesystem dirs
+ # so i could keep permissions of secret files
for dir in "$@"; do
fs=$dir/filesystem
if [[ -e $fs && $user =~ ^iank?$ ]]; then
# we dont want t, instead c for checksum.
# That way we dont set times on directories.
# -a = -rlptgoD
- cmd=( s rsync -rclpgoDiSAX --chown=root:root --chmod=g-s
+ cmd=( s rsync -rclpgoDiSAX --chown=root:root
--exclude=/etc/dovecot/users
--exclude='/etc/exim4/passwd*'
--exclude='/etc/exim4/*.pem'
$fs/ / )
echo "${cmd[@]@Q}"
+ "${cmd[@]}" | tee $tmpf
while read -r line; do
file="${line:12}"
case $file in
# A = preserve acls
# X = preserve extended attributes
# i = itemize
- done < <("${cmd[@]}")
+ done <$tmpf
fi
if ! $fast && [[ -e $dir/subdir_files ]]; then
#### begin special extra stuff ####
install -d -m700 ~/gpg-agent-socket
+ if [[ -e /etc/bitcoin ]] && getent group bitcoin &>/dev/null; then
+ s chown bitcoin:bitcoin /etc/bitcoin
+ fi
+
f=/var/lib/bind
if [[ -e $f ]]; then
# reset to the original permissions.
fi
for f in /etc/prometheus-{,export-}htpasswd; do
if [[ -e $f ]]; then
+ # note: this is duplicative of the file's own permissions
s chmod 640 $f
if getent passwd www-data &>/dev/null; then
s chown root:www-data $f
s chown nagios:www-data $f
fi
fi
+ f=/var/lib/bitcoind/settings.json
+ if [[ -e $f ]]; then
+ if getent passwd bitcoin &>/dev/null; then
+ s chown bitcoin:bitcoin $f
+ fi
+ fi
##### end special extra stuff #####
if ! $fast; then