matthijskooijman · June 24, 2014 11:10
diff --git a/gistfile1.txt b/gistfile1.txt
 matthijs@web:~$ wwwperm -h
 usage: wwwperm [-h] [-g ADMIN_GROUP] [-u APP_USER] [-R] [-v] [-y] [-w | -r]
               (-F | -n | -c | -W)
               files [files ...]

 Fix up or check permissions on parts of the webroot.

 Each part of the webroot is assumed to have a single admin-group, which
 is the group of users that has write access to all files in that part
 (through being the owning group of files).

 Furthermore, the app-user is the user that webapps run under for that
 part of the webroot, which will always have read access (through an ACL
 entry) and can optionally have write access (through being the owner of
 files).

 When --fix is specified, the permissions will be reset to the standard
 permissions exactly - any extra ACL entries will be cleared.
 special care to make sure that --admin-group and --app-user are correct,
 incorrect values will throw away information.

 positional arguments:
  files                 The files or directories to work on

 optional arguments:
  -h, --help            show this help message and exit
  -g ADMIN_GROUP, --admin-group ADMIN_GROUP
                        The name of the administrators group
  -u APP_USER, --app-user APP_USER
                        The name of the user under which webapps run
  -R, --recursive       Apply permissions recursively
  -v, --verbose         increase output verbosity
  -y, --assume-yes      Use guessed values without asking
  -w, --app-writable    Grant the app user write access
  -r, --app-readonly    Do not grant the app user write access
  -F, --fix             Fix permissions
  -n, --dry-run         Show what would be changed by --fix
  -c, --check           Show differences compared to the permissions that
                        would be set
  -W, --find-writable   Find all paths owned by the app user. Implies
                        --recursive

 When --admin-group is not specified, it is guessed based on the current
 owning group of the specified files, their parent directory, or based on
 the name of the app-user.

 When --app-user is not specified, it is guessed based on the ACL of the
 specified files, their parent directory, or based on the root domain
 part of the filename (e.g. /data/www/tikatika.nl).

 Guessing happens once for each file specified on the commandline. If
 --recursive is given, the guessed values are reused during recursion. If
 any values are guessed and --assume-yes is not passed, a confirmation
 prompt is shown before using the guessed values.

 When neither --app-writable nor --app-readonly is passed, the current
 writable (based on the file ownership only, not on the actual writable
 status!).
	matthijs@web:~$ wwwperm -h
	usage: wwwperm [-h] [-g ADMIN_GROUP] [-u APP_USER] [-R] [-v] [-y] [-w \| -r]
	(-F \| -n \| -c \| -W)
	files [files ...]

	Fix up or check permissions on parts of the webroot.

	Each part of the webroot is assumed to have a single admin-group, which
	is the group of users that has write access to all files in that part
	(through being the owning group of files).

	Furthermore, the app-user is the user that webapps run under for that
	part of the webroot, which will always have read access (through an ACL
	entry) and can optionally have write access (through being the owner of
	files).

	When --fix is specified, the permissions will be reset to the standard
	permissions exactly - any extra ACL entries will be cleared.
	special care to make sure that --admin-group and --app-user are correct,
	incorrect values will throw away information.

	positional arguments:
	files The files or directories to work on

	optional arguments:
	-h, --help show this help message and exit
	-g ADMIN_GROUP, --admin-group ADMIN_GROUP
	The name of the administrators group
	-u APP_USER, --app-user APP_USER
	The name of the user under which webapps run
	-R, --recursive Apply permissions recursively
	-v, --verbose increase output verbosity
	-y, --assume-yes Use guessed values without asking
	-w, --app-writable Grant the app user write access
	-r, --app-readonly Do not grant the app user write access
	-F, --fix Fix permissions
	-n, --dry-run Show what would be changed by --fix
	-c, --check Show differences compared to the permissions that
	would be set
	-W, --find-writable Find all paths owned by the app user. Implies
	--recursive

	When --admin-group is not specified, it is guessed based on the current
	owning group of the specified files, their parent directory, or based on
	the name of the app-user.

	When --app-user is not specified, it is guessed based on the ACL of the
	specified files, their parent directory, or based on the root domain
	part of the filename (e.g. /data/www/tikatika.nl).

	Guessing happens once for each file specified on the commandline. If
	--recursive is given, the guessed values are reused during recursion. If
	any values are guessed and --assume-yes is not passed, a confirmation
	prompt is shown before using the guessed values.

	When neither --app-writable nor --app-readonly is passed, the current
	writable (based on the file ownership only, not on the actual writable
	status!).