HyperionOS/Src/Hyperion-kernel/lib/modules/Hyperion/92_permissions.kmod

-- :Minify:--
local kernel = ...

local P    = kernel.vfs.P
local PERM = kernel.vfs.PERM

local RW_R_R    = P.OWNER_R + P.OWNER_W + P.GROUP_R + P.WORLD_R
local RWX_RX_RX = P.OWNER_R + P.OWNER_W + P.OWNER_X
                + P.GROUP_R + P.GROUP_X
                + P.WORLD_R + P.WORLD_X
local RW_R__    = P.OWNER_R + P.OWNER_W + P.GROUP_R
local RW____    = P.OWNER_R + P.OWNER_W
local RWXRWXRWX = PERM.RWXRWXRWX
local SUID_755  = PERM.SUID_755

local META_VERSION = 0x02
local rootDisk = kernel.disks["$"]

local function makeEntry(name, etype, owner, group, perms, cmeta)
    cmeta = cmeta or ""
    local plo = perms % 256
    local phi = math.floor(perms / 256) % 256
    local olo = (owner or 0) % 256
    local ohi = math.floor((owner or 0) / 256) % 256
    local glo = (group or 0) % 256
    local ghi = math.floor((group or 0) / 256) % 256
    return string.char(#name) .. name
         .. string.char(etype, olo, ohi, glo, ghi, plo, phi)
         .. string.char(#cmeta) .. cmeta
end

local function writeMeta(dir, entries)
    local diskDir = dir
    if diskDir:sub(1,1) == "/" then diskDir = diskDir:sub(2) end
    local metaPath = (diskDir == "" and ".meta" or diskDir .. "/.meta")

    local data = string.char(META_VERSION)
    for _, e in ipairs(entries) do
        data = data .. makeEntry(e[1], e[2] or 0x00, e[3], e[4], e[5], e[6])
    end

    local ok, err = pcall(function()
        local f = rootDisk:open(metaPath, "w")
        f.write(data)
        f.close()
    end)
    if not ok then
        kernel.log("permissions: failed to write " .. metaPath .. ": " .. tostring(err), "WARN", 8)
    end
end

local REG = 0x00

-- All known /bin entries with their permissions
local BIN_ENTRIES = {
    {"cat",      REG, 0, 0, RWX_RX_RX},
    {"chattr",   REG, 0, 0, RWX_RX_RX},
    {"chgrp",    REG, 0, 0, RWX_RX_RX},
    {"chmod",    REG, 0, 0, RWX_RX_RX},
    {"chown",    REG, 0, 0, RWX_RX_RX},
    {"chroot",   REG, 0, 0, RWX_RX_RX},
    {"clear",    REG, 0, 0, RWX_RX_RX},
    {"echo",     REG, 0, 0, RWX_RX_RX},
    {"hfetch",   REG, 0, 0, RWX_RX_RX},
    {"help",     REG, 0, 0, RWX_RX_RX},
    {"hysh",     REG, 0, 0, RWX_RX_RX},
    {"hyshex",   REG, 0, 0, RWX_RX_RX},
    {"id",       REG, 0, 0, RWX_RX_RX},
    {"install",  REG, 0, 0, RWX_RX_RX},
    {"ln",       REG, 0, 0, RWX_RX_RX},
    {"login",    REG, 0, 0, SUID_755 },
    {"loimgcreate", REG, 0, 0, RWX_RX_RX},
    {"looptest", REG, 0, 0, RWX_RX_RX},
    {"losetup",  REG, 0, 0, RWX_RX_RX},
    {"ls",       REG, 0, 0, RWX_RX_RX},
    {"lsusers",  REG, 0, 0, RWX_RX_RX},
    {"lua",      REG, 0, 0, RWX_RX_RX},
    {"luaold",   REG, 0, 0, RWX_RX_RX},
    {"micro",    REG, 0, 0, RWX_RX_RX},
    {"mkdir",    REG, 0, 0, RWX_RX_RX},
    {"mount",    REG, 0, 0, RWX_RX_RX},
    {"passwd",   REG, 0, 0, RWX_RX_RX},
    {"ps",       REG, 0, 0, RWX_RX_RX},
    {"pwd",      REG, 0, 0, RWX_RX_RX},
    {"readlink", REG, 0, 0, RWX_RX_RX},
    {"sed",      REG, 0, 0, RWX_RX_RX},
    {"socktest", REG, 0, 0, RWX_RX_RX},
    {"spm",      REG, 0, 0, RWX_RX_RX},
    {"su",       REG, 0, 0, SUID_755 },
    {"sudo",     REG, 0, 0, SUID_755 },
    {"sysdump",  REG, 0, 0, RWX_RX_RX},
    {"umount",   REG, 0, 0, RWX_RX_RX},
    {"useradd",  REG, 0, 0, RWX_RX_RX},
    {"userdel",  REG, 0, 0, RWX_RX_RX},
    {"usermod",  REG, 0, 0, RWX_RX_RX},
    {"whoami",   REG, 0, 0, RWX_RX_RX},
    {"yes",      REG, 0, 0, RWX_RX_RX},
    {"startup",  REG, 0, 0, RWX_RX_RX},
}

-- Merge entries: always ensure all known entries exist with correct permissions.
-- This handles both fresh installs and upgrades (adds missing entries, upgrades
-- the on-disk format to v2 by rewriting).
local function mergeMeta(dir, entries)
    local diskDir = dir
    if diskDir:sub(1,1) == "/" then diskDir = diskDir:sub(2) end
    local metaPath = (diskDir == "" and ".meta" or diskDir .. "/.meta")

    -- Read existing meta (may be v1 or v2)
    local existing = {}
    local rok, rf = pcall(function() return rootDisk:open(metaPath, "r") end)
    if rok and rf then
        local raw = rf.read(65535)
        if rf.close then rf.close() end
        -- Parse using the VFS parser (handles v0/v1/v2)
        existing = kernel.vfs and kernel.vfs._parseMetafile and kernel.vfs._parseMetafile(raw) or {}
    end

    -- Add any missing entries (don't overwrite existing customised perms)
    for _, e in ipairs(entries) do
        if not existing[e[1]] then
            existing[e[1]] = {
                etype = e[2] or 0x00,
                owner = e[3] or 0,
                group = e[4] or 0,
                perms = e[5] or RWX_RX_RX,
                cmeta = e[6] or "",
            }
        end
    end

    -- Write back as v2
    local data = string.char(META_VERSION)
    for name, m in pairs(existing) do
        data = data .. makeEntry(name, m.etype or 0x00, m.owner or 0, m.group or 0, m.perms or RWX_RX_RX, m.cmeta or "")
    end

    local ok, err = pcall(function()
        local f = rootDisk:open(metaPath, "w")
        f.write(data)
        f.close()
    end)
    if not ok then
        kernel.log("permissions: failed to write " .. metaPath .. ": " .. tostring(err), "WARN", 8)
    end
end

local freshInstall = not rootDisk:fileExists(".meta")

if freshInstall then
    kernel.log("Seeding filesystem permissions...", "INFO")

    -- / (only on fresh install — these dirs are stable)
    writeMeta("/", {
        {"bin",  REG, 0, 0, RWX_RX_RX},
        {"boot", REG, 0, 0, RWX_RX_RX},
        {"dev",  REG, 0, 0, RWX_RX_RX},
        {"etc",  REG, 0, 0, RWX_RX_RX},
        {"home", REG, 0, 0, RWX_RX_RX},
        {"lib",  REG, 0, 0, RWX_RX_RX},
        {"root", REG, 0, 0, RW____   },
        {"sbin", REG, 0, 0, RWX_RX_RX},
        {"tmp",  REG, 0, 0, RWXRWXRWX},
        {"usr",  REG, 0, 0, RWX_RX_RX},
        {"var",  REG, 0, 0, RWX_RX_RX},
    })

    writeMeta("/bin/startup", {
        {"test.lua", REG, 0, 0, RWX_RX_RX},
    })

    writeMeta("/etc", {
        {"passwd", REG, 0, 0, RW_R_R},
        {"shadow", REG, 0, 0, RW____},
        {"pam.d",  REG, 0, 0, RWX_RX_RX},
    })

    writeMeta("/etc/pam.d", {
        {"secret", REG, 0, 0, RW____},
    })

    writeMeta("/sbin", {
        {"init.lua", REG, 0, 0, RWX_RX_RX},
    })

    writeMeta("/boot", {
        {"kernel.lua",   REG, 0, 0, RW_R_R   },
        {"boot.cfg",     REG, 0, 0, RW_R_R   },
        {"safeboot.cfg", REG, 0, 0, RW_R_R   },
        {"fstab",        REG, 0, 0, RW_R_R   },
        {"initfs",       REG, 0, 0, RW_R_R   },
        {"cct",          REG, 0, 0, RWX_RX_RX},
        {"oc",           REG, 0, 0, RWX_RX_RX},
    })

    writeMeta("/lib", {
        {"sys",     REG, 0, 0, RWX_RX_RX},
        {"modules", REG, 0, 0, RWX_RX_RX},
        {"crypto",  REG, 0, 0, RWX_RX_RX},
        {"store",   REG, 0, 0, RWX_RX_RX},
        {"snip",    REG, 0, 0, RW_R_R   },
        {"io",      REG, 0, 0, RW_R_R   },
        {"bit32",   REG, 0, 0, RW_R_R   },
    })

    kernel.log("Filesystem permissions seeded.", "INFO")
else
    kernel.log("Permissions already seeded, merging /bin updates...", "INFO")
end

-- Always merge /bin — adds missing entries and upgrades format to v2
mergeMeta("/bin", BIN_ENTRIES)

kernel.log("Permission module loaded.", "INFO")