#!/bin/bash

# Copyright (c) 2025 Robert Strutts <bobs@NewToFaith.com>
# License: MIT
# GIT: https://git.mysnippetsofcode.com/bobs/execguard 

# Directories to search for executables
DIRS=("/usr/bin" "/usr/sbin" "/usr/local/bin" "/usr/local/sbin/")

# Process each directory
for dir in "${DIRS[@]}"; do
    # Check if directory exists
    if [[ -d "$dir" ]]; then
        /usr/bin/echo "Processing directory: $dir"
        
        # Find all executable files in the directory
        find "$dir" -maxdepth 1 -type f -executable | while read -r program; do
            # Get just the program name without path: prog_name=$(basename "$program")
            # Run execguard --update on the program
            /usr/bin/echo "Updating execguard for: $program"
            /usr/bin/sudo /usr/local/bin/execguard --update "$program"
        done
    else
        /usr/bin/echo "Directory not found: $dir" >&2
    fi
done

# custom files here:
/usr/bin/sudo /usr/local/bin/execguard --update /usr/bin/mail
/usr/bin/sudo /usr/local/bin/execguard --update /usr/lib/update-notifier/package-data-downloader
/usr/bin/echo "Finished processing all directories"