#!/bin/sh

set -eu

. /usr/share/geordi/_functions

Echo_debug "Setting and checking permissions"

Echo_debug "Setting permissions on chroot base"
chmod 711 "${RT}"

Echo_debug "Setting '644' permissions"
chmod 644 "${RT}/prelude.a" "${RT}/prelude.hpp.gch"

Echo_debug "Setting read-write permissions"
chmod 666 "${RT}/t.cpp" "${RT}/t.s" "${RT}/t.o"

Echo_debug "Setting read-write-execute permissions"
chmod 777 "${RT}/t"

Echo_debug "Checking writable files"
if [ $(find "${RT}" -perm -o+w 2>/dev/null | wc -l) -gt 4 ]
then
	Echo_error "More than 4 writable files in chroot"
	exit 1
fi

Echo_debug "Checking file ownership"
if [ $(find "${RT}" -user nobody 2>/dev/null | wc -l) -gt 0 ]
then
	Echo_error "Files owned by 'nobody' in chroot"
	exit 1
fi

Echo_debug "Checking setuid files"
if [ $(find "${RT}" -perm -4000 2>/dev/null | wc -l) -gt 0 ]
then
	Echo_error "Setuid files in chroot"
	exit 1
fi
