[Gllug] Recursively setting file permissions

Bruce Richardson itsbruce at uklinux.net
Sun May 2 22:57:24 UTC 2004


On Sun, May 02, 2004 at 10:48:12PM +0100, Dylan wrote:
> ownership. I want the permissions to be rwxrwx--- and rw-rw---- for 
> dirs and files respectively but of course
> 
> chmod -R rwxrwx--- /top/level/directory
> 
> will set all files as executable which is not on since none of them are! 
> So what do I need to do to get the correct permissions?

	chmod -R u=rwX,g=rwX,o-rwx /top/level/directory
	find /top/level/direcory !-type d -exec chmod -x {\} \;

For chmod, X means "execute permission only if a directory or if already
possessing the execute permission".  If it simply meant "execute
permission only if a directory", the chmod line would be enough.  As it
is, you need the find command to remove execute permissions from those
files which already had them.  You could do it with two find commands,
if you wanted, one applying 770 permissions to directories and the other
applying 660 to files, but I'd expect the chmod statement to be more
efficient.

> - how can I get chmod to discriminate between files and directories?

As explained above.

> 
> Also, is it possible to have new files and directories to automatically 
> have the correct permissions? (I know about umask, but want to retain 
> the default for home directories, just have the rwxrwx--- for this 
> shared data area.

Not with conventional Unix filesystem semantics, no.  You can't do this
for users with interactive logins on the same machine, or for local
processes.  The umask is the only limit on the permissions for files
that they create and that applies to all the files they create, not just
to specific areas.

That doesn't mean it can't be done altogether.  If you are serving up
file access to remote users using Samba), then you can specify
file creation masks on a per-share basis.

Another rather odd way to do it would be to use a FAT partition to store
the files.  You can specify a umask for all files in such a partition at
mount time.

But the only way (afaik) to do what you want properly is to use ACLs.
ACLs let you specify defaults for directories that are inherited by new
files or directories created within them.

http://acl.bestbits.at/

-- 
Bruce

What would Edward Woodward do?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20040502/633708a7/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list