Simple Bash Script to Fix Account Permissions

Posted by Vanessa | Tagged under fixes,scripts | Posted on May 13, 2010

15

This is a simple bash script I wrote to fix the permissions and ownership of files within a cpanel account. To use, simply copy the script your server, chmod 755, and pass the usernames as arguments:

./fixperms user1 user2 user3

You can also run a server-wide loop like this:

for i in `ls -A /var/cpanel/users` ; do ./fixperms $i ; done

Below is the script, but I recommend downloading it from here to ensure that the formatting is correct.
#!/bin/bash # Script to fix permissions of accounts # Written by: Vanessa Vasile 5/13/10 # http://thecpaneladmin.com

if [ "$#" -lt "1" ];then echo "Must specify user" exit; fi

USER=$@

for user in $USER
do
HOMEDIR=$(egrep ^${user} /etc/passwd | cut -d: -f6)

if [ ! -f /var/cpanel/users/$user ]; then echo "$user user file missing, likely an invalid user"
elif [ "$HOMEDIR" == "" ];then echo "Couldn't determine home directory for $user"

else

echo "Setting ownership for user $user"

chown -R $user:$user $HOMEDIR chmod 711 $HOMEDIR chown $user:nobody $HOMEDIR/public_html $HOMEDIR/.htpasswds chown $user:mail $HOMEDIR/etc $HOMEDIR/etc/*/shadow $HOMEDIR/etc/*/passwd

echo "Setting permissions for user $USER"

find $HOMEDIR -type f -exec chmod 644 {} \; -print
find $HOMEDIR -type d -exec chmod 755 {} \; -print
find $HOMEDIR -type d -name cgi-bin -exec chmod 755 {} \; -print
find $HOMEDIR -type f $ -name "*.pl" -o -name "*.perl" $ -exec chmod 755 {} \; -print
fi done

Liking this article? Share it and spread the word!

Comments (15)

XxRa3eDxX said on May-15-2010
	Why not use this ^_^ find /home//public_html/ -type f -exec chmod 644 {} \; find /home//public_html/ -type d -exec chmod 755 {} \; we can specify user by replace * with usename and we can use this to make chown for all websites for i in `ls /var/cpanel/users` ; do chown -R $i.$i /home/$i/public_html/* ; done Thanks for you Al-Ra3eD.CoM

Matt said on Jun-04-2010
	I already wrote this very script several years ago …. However, my script doesn’t have all the obvious and extremely dangerous exploitable security issues that this script has as well as the bug in your user matching in the code you posted above. Contact me and I will help you fix the script –Matt

Vanessa said on Jun-04-2010
	@Matt Improvements are always welcome – feel free to email me at admin[at]v-nessa.net and we’ll take a look. Do you have a link to the script you wrote, and I’ll post that one as well?

mo said on Feb-01-2011
	works like a charm. many thanks!!!

Burt said on Mar-02-2011
	Damn girl, Nice script!

Hosting en Colombia said on Mar-18-2011
	Hello Vannesa, after dealing with this issue by hand with no success i have tried your script and it did the job nicely and my hosting user again can create email accounts. Many Thanks from Colombia.

Hadi Naser said on Apr-25-2011
	Thank you Vanessa, this is great script, it saves me huge time fixing over 300 websites :) All the best Hadi

Igor said on May-21-2011
	Saved my Day, many thanks.

Server hacked! \| HostGator Coupons Code said on Jul-14-2011
	[...] installed! Even thats showing a 500 internal error! iKocka replied: Take a look at this link: http://www.thecpaneladmin.com/fix-account-permissions/ rum&coke replied: Do you have access to the firewall? if so why don’t you put a block on [...]

Mihir said on Jul-28-2011
	your script saved my day. some file’s permission broke after importing cpmove file, and your script fixed it in no time.

Josh said on Sep-04-2011
	Thankyou! Your script saved me from what could have been hours of work! Awesome work here :)

Guillermo Calvo said on Sep-15-2011

Hi Vanessa

Great time saver script !!

I found a little bug today while I was using this script

If you have several account names like albert, alberto,albert123 and you execute ./fixperms albert the script will change the ownership of all accounts names starting with albert

The fix is very simple:

HOMEDIR=$(grep -w $user /etc/passwd | cut -d: -f6)

I added the “-w” to the grep command

Thank You

Guillermo

Mohamd Anouar said on Sep-19-2011
	i think is better to do the grep or the directory user with grep -w , is there are two users with diiference of 1 letter in the end , the script handle in error home directory , exemple , we have user1 and user11 for example ./fixperms user11 , the script work on the directory user1 . so is better to change the line to HOMEDIR=$(grep -w $user /etc/passwd \| cut -d: -f6)

acanclinirosan said on Oct-01-2011
	Great article, I just given this onto a co-worker who was doing a little research on that. And he in fact purchased me lunch because I discovered it for him

hostlive said on Jan-05-2012
	nice script i test now working i am very very thank you for shard

Featured Posts