<p>(I don't have a setup handy to test this on, but it <em>should</em> work...)</p>
<pre><code>#!/usr/bin/env bash
# Checks the webroot for files owned by www daemon and
# writable at the same time. This is only needed by some files
# So we'll check with a whitelist

WWWROOT=/var/www
WWWUSER=www-data
WHITELIST="(/wp-content/uploads|/wp-content/cache|/sitemap.xml)"

listcount=0
whitelist_matches=0
while IFS="" read -r matchedentry; do
    if [[ "$matchedentry" =~ $WHITELIST ]]; then
        ((whitelist_matches++))
    else
        echo -e "$matchedentry\r"
        ((listcount++))
    fi
done &lt; &lt;(find "$WWWROOT" -perm /u+w -user "$WWWUSER" -o -perm /g+w -group "$WWWUSER")

if (( listcount &gt; 0 )); then
    echo "$listcount items are writable by '$WWWUSER' ($whitelist_matches whitelisted)."
else
    echo "No writable items found ($whitelist_matches whitelisted)."
fi
</code></pre>
<p>Edit: I've incorporated Dennis Williamson's suggestions on the math; also, here's a way to build the WHITELIST pattern starting from an array:</p>
<pre><code>WHITELIST_ARRAY=(/wp-content/uploads
    /wp-content/cache
    /sitemap.xml
)

WHITELIST=""
for entry in "${WHITELIST_ARRAY[@]}"; do
    WHITELIST+="|$entry"
done
WHITELIST="(${WHITELIST#|})" # this removes the stray "|" from the front, and adds parens
</code></pre>
<p>Edit2: Sorpigal's comment about eliminating new processes got me thinking -- I suspect most of the speedup in this version comes from not running ~40 invocations of <code>grep</code> per scanned file, and just a little bit from removing the array manipulation, but it occurred to me that if you don't need the totals at the end, you could remove the main while loop and replace it with this:</p>
<pre><code># -E is needed because WHITELIST uses extended-regex syntax: (a|b|c)
find "$WWWROOT" -perm /u+w -user "$WWWUSER" -o -perm /g+w -group "$WWWUSER" | grep -Ev "$WHITELIST"
</code></pre>
<p>...which does run <code>grep</code>, but only once (and runs the entire file list through that single instance), and once it's started <code>grep</code>'ll be able to scan the list of files faster than a bash loop...</p>
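Added example, not part of the original answer: the WHITELIST pattern above is unanchored and its "." matches any character, so a writable path that merely contains a whitelisted entry drops out of the report. The sketch below escapes each entry and anchors it to the webroot and to a path boundary; the helper names and the sample paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: anchored whitelist for the writable-file scan.
# Helper names and sample paths are assumptions, not from the answer.
WWWROOT=/var/www
UNANCHORED='(/wp-content/uploads|/wp-content/cache|/sitemap.xml)'  # as in the answer

# Constructed sample of paths a scan might emit; not real find output.
SAMPLE_PATHS='/var/www/wp-content/uploads/2024/logo.png
/var/www/wp-content/uploads-old/upload.php
/var/www/themes/x/wp-content/cache/page.php
/var/www/sitemapAxml
/var/www/sitemap.xml
/var/www/wp-config.php'

# Escape ERE metacharacters so "." in sitemap.xml only matches a literal dot.
ere_escape() {
    printf '%s' "$1" | sed 's/[][\.|$(){}?+*^]/\\&/g'
}

# $1 = webroot, remaining args = whitelist entries relative to the webroot.
# Result: ^root(entry1|entry2)(/|$), i.e. the entry itself or anything below it.
build_whitelist() {
    root=$(ere_escape "$1"); shift
    alt=""
    for entry in "$@"; do
        alt="${alt}|$(ere_escape "$entry")"
    done
    printf '^%s(%s)(/|$)' "$root" "${alt#|}"
}

# $1 = ERE; prints how many sample paths are NOT whitelisted (would be reported).
count_reported() {
    printf '%s\n' "$SAMPLE_PATHS" | grep -Evc -- "$1" || true
}

# $1 = path, $2 = ERE; succeeds when the path is whitelisted.
is_whitelisted() {
    printf '%s\n' "$1" | grep -Eq -- "$2"
}

ANCHORED=$(build_whitelist "$WWWROOT" /wp-content/uploads /wp-content/cache /sitemap.xml)
echo "unanchored: $(count_reported "$UNANCHORED") of 6 sample paths reported"
echo "anchored:   $(count_reported "$ANCHORED") of 6 sample paths reported"
```

The anchored pattern can be passed to `grep -Ev` or to `[[ ... =~ ... ]]` in place of WHITELIST.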
 
