I am copying files from source to location. The source is not owned by me and the permission for files at source is ----rwx---. The permission of files coped to destination directory which is owned by me is ----r-x---. The permission of destination directory is drwxrwsrwx. How do I have the files with same permission of destination directory. I tried "cp --no-preserve=all" but it did not work (still the same permission).
Try this:
cp --no-preserve=mode,ownership $backupfile $destination
Let me rephrase that to "How to preserve permissions of destination directory on copy?"
I can't take credit for the answer since I just combined a couple of answers I found on the wild. So here it comes.
Firstly
Permissions are generally not propagated by the directory that files are being copied into, rather new permissions are controlled by the user's umask. However when you copy a file from one location to another it's a bit of a special case where the user's umask is essentially ignored and the existing permissions on the file are preserved.
Which explains why you can't directly propagate the permissions of the src to the dst directory.
However, there is two-step workaround to this.
cp-metadata: Copy the attributes and only the attributes you want to preserve back to the source directory. Here is a quick script that can do this:
#!/bin/bash
# Filename: cp-metadata
myecho=echo
src_path="$1"
dst_path="$2"
find "$src_path" |
while read src_file; do
dst_file="$dst_path${src_file#$src_path}"
$myecho chmod --reference="$src_file" "$dst_file"
$myecho chown --reference="$src_file" "$dst_file"
$myecho touch --reference="$src_file" "$dst_file"
done
You can leave out the touch command if you don't want keep the timestamp.
Replace myecho=echo with myecho= to actually perform the commands.
Mind that this script should be run in sudo mode in order to be able
to run chown and chmod effectively
cp --preserve: After you have successfully run the first command
now it's time to copy the contents along with the attributes to the dst
directory.
--preserve[=ATTR_LIST]
preserve the specified attributes (default: mode,ownership,timestamps), if possible additional attributes: context, links, xattr, all
\cp -rfp $src_dir $dst_dir should do what you want.
Related
we use “cp” command to copy files from one location to another. Then, we use “chmod”, and “chown” commands to change the permissions and ownership of a file, respectively. However, we can combine all these tasks into a single one-liner command, and still get the same result instead of running the three consecutive commands. This can be helpful when you want to do this on a regular basis, or within a script. i want this script because i want to 1 file in many folder with destination permission?
use --no-preserve to preserve the destination mode/ownership
cp --no-preserve=mode,ownership source_file destination_file
cp -p
from man of cp:
-p same as --preserve=mode,ownership,timestamps
--preserve[=ATTR_LIST]
preserve the specified attributes (default:
mode,ownership,timestamps), if possible additional attributes:
context, links, xattr, all
Say that I have the folder /dir. Is there a command in bash that I can use so that after performing it, no one could create new files in /dir?
Edit: important to mention that after performing the command, there will be same permissions to the directory files as they were before. For example, if I have folder /dir with file a.txt in it - so after I use my desired command I cant create new files, but I can modify/delete a.txt if I want.
you could change the permission with chmod to only let people read the folders content.
chmod a-w /dir
Will remove all write permissions of all (ugo), but keep x (execute) and r (read) permissions intact.
Yes, it's pretty simple. Just chmod to read only. Here is a sample
chmod -R 0444 /path/to/your/dir/
Where the last 3 4's mean User-readonly, Group-readonly and others-readonly respectively.
Why can the ls command of Ubuntu list the files of a directory with no execution permission set ?
The Test directory has read and write permissions set but no execution permission set. I understand that the x attribute of the directory specify whether the directory can be accessed, and if it is not set then it doesn't matter whether r or w is set (please correct me if I'm wrong).
The cd and cat commands works as expected, i.e. that cannot do their job, since they cannot access the directory.
Having +r but not +x on a directory allows reading its contents, but not making it the current directory. Conversely, having +x on a directory but not +r will allow you to make it your current directory but not list it.
In other words, on a directory:
r: The read bit allows you to read the contents of that directory
w: The write bit allows you to create, rename and delete files
x: The execute bit allows you to chdir into that directory
Edit:
Apologies, after re-reading the original post, I have a better understanding of the question. The files can be listed even though there is no execute permission because you have read permission on the directory. The x bit controls access to the inode, which contains the file metadata such as permissions info. This is why the files can be listed, but no permission data is available.
https://askubuntu.com/questions/83788/accessing-files-in-a-directory-without-x-permission
See also:
https://unix.stackexchange.com/questions/21251/how-do-directory-permissions-in-linux-work
Say a FOLDER is set to chmod 777 but FILES in the folder is set to chmod 755.
Non-owner user can write files to the FOLDER. Then how about overwriting the already existing files? Can the existing files be overwritten by a non-owner user?
If you give everyone read, write, and execute permissions on a directory, everyone can create and remove files, including ones that have been created by other users.
If you want to avoid such a behavior (one of your comments mentioned that), you should create another /tmp or /var/tmp directory: Set the sticky bit:
$ chmod +t directory
With the sticky bit set, every user can create new files, but is unable to remove files from others.
A fair word of warning here though: I do not recommend to secure your uploads with such a feature. Implement a better access control in your frontend instead.
Yes. While non-owners will not be able to open a file for editing and change its contents, they will be able to remove any file in the directory and replace it with a new file of the same name.
I'm often finding myself in a situation where I login to shell as root (I've already been told it's a bad practice) and copy new files to some directory served by apache.
Since I'm logged in as root, the new files will have root set as owner, and different permissions than the files which are already present, and I'll need to change the permissions for Apache to be able to access the files. I am doing it manually.
I am researching a better way of doing it. I was wondering if there is a way to somehow apply with a single command the permissions of the current folder to all it's sub-folders and files.
Windows has such a feature, where you can "reset all files and folder permissions" to those of the parent folder.
To get the permissions on the current directory, you can use
stat -c %a .
To set permissions recursively, use
chomd -R
Put together, it gives
chmod -R `stat -c %a .` .
Or, you can use the --reference option of chmod if supported.
chmod -R --reference=. .
+1'd #choroba's answer but... are you sure that's what you want to do?
From http://en.wikipedia.org/wiki/File_system_permissions ...
Permissions
Unix-like systems implement three specific permissions that apply to each class:
The read permission grants the ability to read a file. When set for a directory,
this permission grants the ability to read the names of files in the directory,
but not to find out any further information about them such as contents, file type,
size, ownership, permissions.
The write permission grants the ability to modify a file. When set for a directory,
this permission grants the ability to modify entries in the directory. This includes
creating files, deleting files, and renaming files.
The execute permission grants the ability to execute a file. This permission must
be set for executable programs, including shell scripts, in order to allow the operating
system to run them. When set for a directory, this permission grants the ability to access
file contents and meta-information if its name is known, but not list files inside the
directory, unless read is set also.
The effect of setting the permissions on a directory, rather than a
file, is "one of the most frequently misunderstood file permission
issues".
When a permission is not set, the corresponding rights are denied.
Unlike ACL-based systems, permissions on Unix-like systems are not
inherited. Files created within a directory do not necessarily have
the same permissions as that directory.
(emphasis added)