next »

[blast2007]

Sometimes happens, while uploading new files or creating new directory in CMSMS system dir, to modify unintentionally file/directory permissions/owner.

When you manually try to restore file permissions, it's very boring to restore different permissions for directories and files, especially when number of files to change is huge.

My first approach to solve this problem was to chmod files recursively, for example on directory /uploads I used:

# chmod 755 * -R

but this command chmods everything, files and directories with the same permission (755) without distinction. That was not a good solution.

Digging in google I've found a nice bash script, handful to restore all permissions to default settings.
By default It restores 640 to files and 750 to directory but you can set your own permissions, passing them as argument to the script.

The script name is chmodr. Here following the code. In green a  (bad) translation.

***

#!/bin/bash
#
#  chmodr - Un chmod Ricorsivo, che rispetta le differenze file-directory
#  chmodr - a recursive chmod that respects difference between file-directory
#  Copyright (C) 2004, 2006 - Antonio Ingargiola <debian@fastwebnet.it>
#  
#  Released under the GNU GENERAL PUBLIC LICENSE.
#

help () {
    cat << EOF

  chmodr - Un chmod Ricorsivo, che rispetta le differenze file-directory
 
  Copyright (C) 2004, 2006 - Antonio Ingargiola <debian@fastwebnet.it>
  
  Released under the GNU GENERAL PUBLIC LICENSE.


  DESCRIZIONE DESCRIPTION
  Cambia ricorsivamente i permessi di file e directory, ma impostando 
  permessi diversi per i file e per le directory. Nella ricorsione non
  segue link simbolici a directory.

  This script allow to change recursively permissions of files and directories, 
  using different permissions for files and for directories. it doesn't follow symlink to directory.
  
  USO  USAGE
  chmodr
    Senza parametri, partendo dalla directory corrente imposta i permessi 
    640 (- rw- r-- ---) a tutti i file e 750 (- rwx r-x ---) a tutte le 
    sotto-directory.
  
   Without parameters, it starts from current directory and sets to all files 
   640 (- rw- r-- ---) permission and 750 (- rwx r-x ---) to all subdirectories
 
  chmodr permessi_file permessi_dir
    Applica ai file nella directory corrente e sotto-directory i 
    'permessi_file' e tutte le directory i 'permessi_dir'. La sintassi
    per i permessi e' la stessa di chmod quindi sia ottale (es. 640) che 
    simbolica (es. o-rwx).

  chmodr file_permission directory_permission
   Apply to all files in current dir and to all subdir all  file_permission
   directory_permission. Syntax is the same of chmod, both octal (eg. 640) 
   than symbolic (eg. o-rwx).

  E' possibile specificare un terzo parametro opzionale che indica una 
  directory iniziale diversa da quella corrente.

  As third argument is possible to choose a different start directory, not current one.

EOF
    exit 1
}

valid_mod () {
# Controlla che i permessi siano sintatticamente corretti
    
    echo "$1" |\
    perl -n -e 'if ($_ =~ /^[01234567]{3}$/) {exit 0}; exit 1'
    ok_numerical=$?

    echo "$1" |\
    perl -n -e 'if ($_ =~ /^[ugoa]{0,3}[+-=]{1}[rwx]{1,3}$/) {exit 0}; exit 1'
    ok_symbolical=$?
    
    # echo "num $ok_numerical, sym $ok_symbolical" # DEBUG
    [ "$ok_numerical" = 0 -o "$ok_symbolical" = 0 ]
    return $?
}

[[ "$1" = -* ]] && help

FILE_MOD="$1"
DIR_MOD="$2"
BASE_DIR="$3"
[ -z "$1" ] && FILE_MOD="640"
[ -z "$2" ] && DIR_MOD="750"
[ -z "$3" ] && BASE_DIR="./"

cd "$BASE_DIR"

if !( valid_mod $FILE_MOD && valid_mod $DIR_MOD ); then
    echo -e "\n ERRORE: Il formato dei permessi e' errato. Per i dettagli"
    echo -e "         vedere la pagina di manuale di chmod.\n"
    exit 2
fi

ls | while read file; do
    if [ -L "$file" ]; then
        echo "   ==>> '$file' e' un link simbolico, lo ignoro."
   continue
    elif [ -d "$file" ]; then
   echo " Entro nella directory '$file'"
   
   chmod u+rwx "$file" 2> /dev/null ||\
   { echo " Non ho i permessi per entrare in '$file'"; continue; }
   cd "$file"; $0 $@; cd - > /dev/null
   
   chmod $DIR_MOD "$file" && echo -e " Directory '$file' impostata.\n"
    elif [ -f "$file" ]; then
   echo -n "   $file ... "
   chmod $FILE_MOD "$file" && echo " [ OK ]"
    else
   echo " Ignoro '$file'."
    fi
done

***
Finally, to restore default owner of files and directories just open a shell and write (if owner is www-data)
chmod www-data:www-data * -R

That's all
Feedback are welcome.

Regards
blast

[alby]

Finally, to restore default owner of files and directories just open a shell and write (if owner is www-data)
chmod www-data:www-data * -R

chown  www-data:www-data * -R

Possibly enter in code a fourth parameter for the change of owner

Alby

[blast2007]

Possibly enter in code a fourth parameter for the change of owner

Good idea,
maybe after row

Code:

cd "$BASE_DIR"

we can think to add another row with

Code:

chown  $4:$4 * -R

Complete command line for user www-data, file permission 640 and directory permission 750 in current directory will be:

chmodr 640 750 ./ www-data

Is it correct?
Regards
blast

[alby]

Possibly enter in code a fourth parameter for the change of owner

Good idea,
maybe after row

Code:

cd "$BASE_DIR"

Yes and a fifth parameter (group) 
chmodr [file_permission] [directory_permission] [start_directory] [owner] [group]

............
cd "$BASE_DIR"

if [ -n "$4" ]; then
 GROUP="$5"
 [ -n "$5" ] && GROUP="$5"
 chown -R $4:$GROUP * || exit 1
fi

if !( valid_mod $FILE_MOD && valid_mod $DIR_MOD ); then
............

Alby

[calguy1000]

Unfortunately guys.... only root can change the ownership of files.  So you may as well take that out of there.  Other users can use chgrp I think, but not chown.

And this script will only benefit people that have shell access to their servers.... so that's maybe 10%.