Ana Sayfa Keşfet Yardım
Giriş Yap
tzeneto
/
custom-kube-scheduler
İzle 1
Yıldızla 0
Çatalla 0
Files Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: f11b6cf217
Dallar Biçim İmleri
custom-kube-...
/
kubernetes
/
test
/
images
/
agnhost
/
mounttest
/
filePermissions.ps1

filePermissions.ps1 2.8 KB
Geçmiş Ham

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. # Copyright 2019 The Kubernetes Authors.
    2. 

  2. #
    3. 

  3. # Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. # you may not use this file except in compliance with the License.
    5. 

  5. # You may obtain a copy of the License at
    6. 

  6. #
    7. 

  7. #     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. #
    9. 

  9. # Unless required by applicable law or agreed to in writing, software
    10. 

  10. # distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. # See the License for the specific language governing permissions and
    13. 

  13. # limitations under the License.
    14. 

  14. 

  15. Param(
    16. 

  16.   [string]$FileName = $(throw "-FileName is required.")
    17. 

  17.  )
    18. 

  18. 

  19. 

  20. # read = read data | read attributes
    21. 

  21. $READ_PERMISSIONS = 0x0001 -bor 0x0080
    22. 

  22. 

  23. # write = write data | append data | write attributes | write EA
    24. 

  24. $WRITE_PERMISSIONS = 0x0002 -bor 0x0004 -bor 0x0100 -bor  0x0010
    25. 

  25. 

  26. # execute = read data | file execute
    27. 

  27. $EXECUTE_PERMISSIONS = 0x0001 -bor 0x0020
    28. 

  28. 

  29. 

  30. function GetFilePermissions($path) {
    31. 

  31.     $objPath = "Win32_LogicalFileSecuritySetting='$path'"
    32. 

  32.     $output = Invoke-WmiMethod -Namespace root/cimv2 -Path $objPath -Name GetSecurityDescriptor
    33. 

  33. 

  34.     if ($output.ReturnValue -ne 0) {
    35. 

  35.         $retVal = $output.ReturnValue
    36. 

  36.         Write-Error "GetSecurityDescriptor invocation failed with code: $retVal"
    37. 

  37.         exit 1
    38. 

  38.     }
    39. 

  39. 

  40.     $fileSD = $output.Descriptor
    41. 

  41.     $fileOwnerGroup = $fileSD.Group
    42. 

  42.     $fileOwner = $fileSD.Owner
    43. 

  43. 

  44.     if ($fileOwnerGroup.Name -eq $null -and $fileOwnerGroup.Domain -eq $null) {
    45. 

  45.         # the file owner's group is not recognized. Check if the Owner itself is
    46. 

  46.         # a group, and if so, default the group to it.
    47. 

  47.         net user $fileOwner.Name > $null 2> $null
    48. 

  48.         if (-not $?) {
    49. 

  49.             $fileOwnerGroup = $fileOwner
    50. 

  50.         }
    51. 

  51. 

  52.     }
    53. 

  53. 

  54.     $userMask = 0
    55. 

  55.     $groupMask = 0
    56. 

  56.     $otherMask = 0
    57. 

  57. 

  58.     foreach ($ace in $fileSD.DACL) {
    59. 

  59.         $mask = 0
    60. 

  60.         if ($ace.AceType -ne 0) {
    61. 

  61.             # not an Allow ACE, skip.
    62. 

  62.             continue
    63. 

  63.         }
    64. 

  64. 

  65.         # convert mask.
    66. 

  66.         if ( ($ace.AccessMask -band $READ_PERMISSIONS) -eq $READ_PERMISSIONS ) {
    67. 

  67.             $mask = $mask -bor 4
    68. 

  68.         }
    69. 

  69.         if ( ($ace.AccessMask -band $WRITE_PERMISSIONS) -eq $WRITE_PERMISSIONS ) {
    70. 

  70.             $mask = $mask -bor 2
    71. 

  71.         }
    72. 

  72.         if ( ($ace.AccessMask -band $EXECUTE_PERMISSIONS) -eq $EXECUTE_PERMISSIONS ) {
    73. 

  73.             $mask = $mask -bor 1
    74. 

  74.         }
    75. 

  75. 

  76.         # detect mask type.
    77. 

  77.         if ($ace.Trustee.Equals($fileOwner)) {
    78. 

  78.             $userMask = $mask
    79. 

  79.         }
    80. 

  80.         if ($ace.Trustee.Equals($fileOwnerGroup)) {
    81. 

  81.             $groupMask = $mask
    82. 

  82.         }
    83. 

  83.         if ($ace.Trustee.Name.ToLower() -eq "users") {
    84. 

  84.             $otherMask = $mask
    85. 

  85.         }
    86. 

  86.     }
    87. 

  87. 

  88.     return "$userMask$groupMask$otherMask"
    89. 

  89. }
    90. 

  90. 

  91. $mask = GetFilePermissions($FileName)
    92. 

  92. if (-not $?) {
    93. 

  93.     exit 1
    94. 

  94. }
    95. 

  95. 

  96. # print the permission mask Linux-style.
    97. 

  97. echo "0$mask"
    98. 

  98.