#!/bin/sh
#
#	checkhier 2.7 - check the directory hierarchy	Author: Kees J. Bot
#								7 May 1995
#
# Audits the mode, owner and group of a fixed list of system files and
# directories and prints shell commands that would bring them in line with
# the list. Nothing is changed by this script: every correction is only
# echoed. Exit status is 1 when at least one correction was printed and 0
# when none was.
#
# NOTE(review): the shebang names /bin/sh, but the body uses `match`/`with`,
# `setglobal`, `shell { }`, `do { }` and `$[...]`, none of which are POSIX sh
# constructs. This looks like a machine-translated rendering of the original
# script; confirm the intended interpreter before running it. In a POSIX
# shell, `$(banner)` would be a command substitution, not a variable
# expansion.

# Refuse to run unless `id` reports uid 0; the first arm is empty, so root
# falls through and every other identity gets the error and exit 1.
match $[id] {
  with 'uid=0('*
  with *
    echo "$0: must be run by root" >&2
    exit 1
}

# List of all interesting top level files and directories, with mode,
# owner and group. Only the key files are listed, the rest is owned
# by bin, has mode 755 or 644, and is not critical to the operation of
# the system.
#
# Each manifest line is: expected `ls -l` mode string, owner, group, path.
# A `?` in the owner or group column means "do not check this field" (see
# the `test ... = '?'` lines in the consumer below).
#
# NOTE(review): /tmp and /usr/tmp are expected as drwxrwxrwx, i.e.
# world-writable with no sticky bit. Because the mode check is a plain
# string comparison, a directory that does carry the sticky bit would be
# reported as a mismatch and a `chmod 777` would be suggested. Review that
# suggestion before applying it.
#
# The trailing entries with `s` in the owner or group execute position are
# the set-uid / set-gid programs this baseline expects; /etc/shadow is the
# only file expected to be unreadable to group and other.
do {
  cat <<'EOF'
drwxr-xr-x root operator /
drwxr-xr-x bin operator /bin
drwxr-xr-x root operator /dev
drwxr-xr-x root operator /etc
-rw-r--r-- root operator /etc/fstab
-rw-r--r-- root operator /etc/group
-rw-r--r-- root operator /etc/hostname.file
-rw-r--r-- root operator /etc/inet.conf
-rw-r--r-- root operator /etc/motd
-rw-r--r-- root operator /etc/mtab
-rw-r--r-- root operator /etc/passwd
-rw-r--r-- root operator /etc/profile
-rw-r--r-- root operator /etc/protocols
-rw-r--r-- root operator /etc/rc
-rw-r--r-- root operator /etc/services
-rw------- root operator /etc/shadow
-rw-r--r-- root operator /etc/termcap
-rw-r--r-- root operator /etc/ttytab
-rw-r--r-- root operator /etc/utmp
dr-xr-xr-x root operator /mnt
dr-xr-xr-x root operator /root
drwxrwxrwx root operator /tmp
drwxr-xr-x root operator /usr
drwxr-xr-x root operator /usr/adm
-rw-r--r-- root operator /usr/adm/lastlog
-rw-r--r-- root operator /usr/adm/wtmp
drwxr-xr-x ast other /usr/ast
drwxr-xr-x bin operator /usr/bin
drwxr-xr-x root operator /usr/etc
drwxr-xr-x bin operator /usr/include
drwxr-xr-x bin operator /usr/lib
drwxrwxr-x root operator /usr/local
drwxrwxr-x bin operator /usr/local/bin
drwxrwxr-x bin operator /usr/local/include
drwxrwxr-x bin operator /usr/local/lib
drwxrwxr-x bin operator /usr/local/man
drwxrwxr-x bin operator /usr/local/src
drwxr-xr-x bin operator /usr/man
drwxr-xr-x bin operator /usr/mdec
drwx------ root operator /usr/preserve
drwxr-xr-x root operator /usr/run
drwxr-xr-x root operator /usr/spool
drwx--x--x root operator /usr/spool/at
drwx--x--x root operator /usr/spool/at/past
drwx------ root operator /usr/spool/crontabs
drwxrwxr-x root uucp /usr/spool/locks
drwx------ daemon daemon /usr/spool/lpd
drwxr-xr-x bin operator /usr/src
drwxrwxrwx root operator /usr/tmp
-rwsr-xr-x root ? /usr/bin/at
-rwsr-xr-x root ? /usr/bin/chfn
-rwsr-xr-x root ? /usr/bin/chsh
-rwsr-xr-x root ? /usr/bin/df
-rwsr-xr-x root ? /usr/bin/elvprsv
-rwsr-xr-x root ? /usr/bin/elvrec
-rwsr-xr-x root ? /usr/bin/format
-rwsr-xr-x root ? /usr/bin/hostaddr
-rwsr-xr-x root ? /usr/bin/install
-rwsr-xr-x daemon ? /usr/bin/lpd
-rwsr-xr-x root ? /usr/bin/mail
-rwsr-xr-x root ? /usr/bin/mount
-rwsr-xr-x root ? /usr/bin/passwd
-rwsr-xr-x root ? /usr/bin/ping
-rwxr-sr-x ? kmem /usr/bin/ps
-rwsr-xr-- root ? /usr/bin/shutdown
-rwsr-xr-x root ? /usr/bin/su
-rwxr-sr-x ? uucp /usr/bin/term
-rwsr-xr-x root ? /usr/bin/umount
-rwxr-sr-x ? tty /usr/bin/write
EOF
} | do {
  # Check if each file has the proper attributes. Offer a correction
  # if not.
  #
  # `banner` is a header printed in front of the first suggested command
  # only. It is cleared once used, so an empty banner doubles as the
  # "something was reported" flag that decides the exit status.
  setglobal banner = '"\
# List of commands to fix the top level hierarchy. Do not apply these
# commands blindly, but check and repair by hand.
'"

  while read mode owner group file {
    shell {	# "fix" a memory leak in set...

      # Load the `ls -ld` fields into the positional parameters. The four
      # trailing empty strings presumably keep $1..$4 defined (as empty)
      # when ls prints nothing, e.g. for a missing path.
      # NOTE(review): $Flags presumably stands for the shell's current
      # option flags ($- in POSIX sh); confirm.
      # $file is unquoted, but every path comes from the fixed manifest
      # above, not from external input.
      set -$Flags $[ls -ld $file] '' '' '' ''
      setglobal curmode = $1, curowner = $3, curgroup = $4
      # A `?` in the manifest copies itself into the current value, so the
      # ownership comparison below cannot fail on that field.
      test $owner = '?' && setglobal curowner = $owner
      test $group = '?' && setglobal curgroup = $group

      # File types?
      # Compare only the first character of the expected and current mode
      # strings (the file-type character).
      # NOTE(review): the two `'\\(.\\)]` patterns have no closing quote
      # before `]`; this looks like a translation artifact. Confirm.
      if test x$[expr $mode : '\\(.\\)] != \
          x$[expr $curmode : '\\(.\\)] {
        # Something of the wrong type exists: suggest removing it first.
        # This is the most destructive suggestion the script emits (a
        # recursive remove); it is only printed, never run.
        match $curmode {
          with ?*
            echo "$(banner)rm -r $file"
            setglobal banner = ''
        }
        # Forget the current attributes so the mode and ownership checks
        # below always emit commands for the object to be created.
        setglobal curmode = '', curowner = '', curgroup = ''
        match $mode {
          with d*
            echo "$(banner)mkdir $file"
          with -*
            echo "$(banner)> $file"
          with *
            echo "$0: $mode $file: unknown filetype" >&2
            exit 1
        }
        setglobal banner = ''
      }

      # Mode?
      # On any difference in the mode string, convert the EXPECTED mode
      # from the manifest to octal and suggest a chmod.
      if test x$mode != x$curmode {
        setglobal octmode = ''
        setglobal m = $mode
        # One pass each for user, group, other. Each pass reads the r, w
        # and x slots at positions 2-4 of $m, appends their sum as one
        # octal digit, then drops the first three characters of $m.
        # Lower-case s and t count as execute.
        for i in [u g o] {
          setglobal r = '0', w = '0', x = '0'
          match $m {
            with ?r??*
              setglobal r = '4'
          }
          match $m {
            with ??w?*
              setglobal w = '2'
          }
          match $m {
            with ???[xst]*
              setglobal x = '1'
          }
          setglobal octmode = "$octmode$[expr $r + $w + $x]"
          setglobal m = $[expr $m : '...\\(.*\\)]
        }
        # Special bits, reusing r/w/x as scratch: 4 for the owner-execute
        # slot (set-uid), 2 for the group-execute slot (set-gid), 1 for
        # the other-execute slot (sticky).
        setglobal r = '0', w = '0', x = '0'
        match $mode {
          with ???[sS=]??????
            setglobal r = '4'
        }
        match $mode {
          with ??????[sS=]???
            setglobal w = '2'
        }
        match $mode {
          with ?????????[tT=]
            setglobal x = '1'
        }
        # Prefix a fourth octal digit only when a special bit is set.
        match $r$w$x {
          with 000
          with *
            setglobal octmode = "$[expr $r + $w + $x]$octmode"
        }

        echo "$(banner)chmod $octmode $file"
        setglobal banner = ''
      }

      # Ownership?
      # NOTE(review): when one field is the `?` wildcard and the other
      # mismatches, the printed command contains a literal `?` (owner:? or
      # ?:group) and has to be edited by hand before use.
      if test x$owner != x$curowner -o x$group != x$curgroup {
        echo "$(banner)chown $owner:$group $file"
        setglobal banner = ''
      }

      # The Minix shell forgets processes, so wait explicitly.
      wait

      # Report back through the exit status whether this entry consumed
      # the banner: 1 if something was printed, 0 if not.
      match $banner {
        with ''
          exit 1
        with *
          exit 0
      }
    } || setglobal banner = ''
  }
  # Exit 1 if any correction was suggested, 0 if the hierarchy matched.
  match $banner {
    with ''
      exit 1
  }
  exit 0
}