#!/usr/local/bin/bash

# archive.sh: lock down files and directories using system flags
#
# removes write permission, sets sunlnk for directories and schg for files

if [ $(id -u) -ne 0 ]
then
    echo "This script must be run as root"
    exit 1
fi

if [ "$#" -lt 1 ]
then
    echo "No arguments supplied"
    exit 1
fi

for arg in "$@"
do
    if [ ! -e "$arg" ]
    then
        echo "$arg: No such file or directory"
        exit 1
    fi
done

set -eEuo pipefail

chmod -R a-w "$@"
find "$@" -type d -exec chflags sunlnk {} +
find "$@" -type f -exec chflags schg {} +