1+ #!/usr/bin/with-contenv bash
2+ # shellcheck shell=bash
3+
4+ if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
5+ FILES=$(find ${ATTACHED_DEVICES_PERMS} -print 2>/dev/null)
6+
7+ for i in ${FILES}; do
8+ FILE_GID=$(stat -c '%g' "${i}")
9+ FILE_UID=$(stat -c '%u' "${i}")
10+ # check if user matches device
11+ if id -u abc | grep -qw "${FILE_UID}"; then
12+ echo "**** permissions for ${i} are good ****"
13+ else
14+ # check if group matches and that device has group rw
15+ if id -G abc | grep -qw "${FILE_GID}" && [[ $(stat -c '%A' "${i}" | cut -b 5,6) == "rw" ]]; then
16+ echo "**** permissions for ${i} are good ****"
17+ # check if device needs to be added to group
18+ elif ! id -G abc | grep -qw "${FILE_GID}"; then
19+ # check if group needs to be created
20+ GROUP_NAME=$(getent group "${FILE_GID}" | awk -F: '{print $1}')
21+ if [[ -z "${GROUP_NAME}" ]]; then
22+ GROUP_NAME="group$(head /dev/urandom | tr -dc 'a-z0-9' | head -c4)"
23+ groupadd "${GROUP_NAME}"
24+ groupmod -g "${FILE_GID}" "${GROUP_NAME}"
25+ echo "**** creating group ${GROUP_NAME} with id ${FILE_GID} ****"
26+ fi
27+ echo "**** adding ${i} to group ${GROUP_NAME} with id ${FILE_GID} ****"
28+ usermod -a -G "${GROUP_NAME}" abc
29+ fi
30+ # check if device has group rw
31+ if [[ $(stat -c '%A' "${i}" | cut -b 5,6) != "rw" ]]; then
32+ echo -e "**** The device ${i} does not have group read/write permissions, attempting to fix inside the container. ****"
33+ chmod g+rw "${i}"
34+ fi
35+ fi
36+ done
37+ fi
0 commit comments