Linux - Change permissions of all files & directories except 1 directory? - linux

This has stumped me for a bit now after working on it for a while. I need to change the permission settings of all files and directories so that group and others have no read, write, or execute access except for one specific directory. So far I have tried variations of `
chmod go-rwx | chmod go+rwx 'filename'
Any tips?`

I don't believe there's a solution shorter than a 2 steps pipeline.
Otherwise, you might want to check umask.
umask changes the default permissions on a file on creation (sadly only on file created by the same shell, but you can add this to the .bash_rc/.bash_profile, so that every shell you'll open will do this by default)
umask 077
will set the mask so that every new file will have permissions like 700.
So you might want to just use this so that in the future you won't need to re-launch that pipeline.
EDIT
if the problem was the pipeline itself, then I'd do
cd && chmod -R 700 && cd 'path/to/that/directory' && chmod -R 777
with the double '&' instead of the pipe just because there's not output to pipe, so an && might do the trick

Related

Is it possible to change directory mode so that no one can create new files in it?

Say that I have the folder /dir. Is there a command in bash that I can use so that after performing it, no one could create new files in /dir?
Edit: important to mention that after performing the command, there will be same permissions to the directory files as they were before. For example, if I have folder /dir with file a.txt in it - so after I use my desired command I cant create new files, but I can modify/delete a.txt if I want.
you could change the permission with chmod to only let people read the folders content.
chmod a-w /dir
Will remove all write permissions of all (ugo), but keep x (execute) and r (read) permissions intact.
Yes, it's pretty simple. Just chmod to read only. Here is a sample
chmod -R 0444 /path/to/your/dir/
Where the last 3 4's mean User-readonly, Group-readonly and others-readonly respectively.

How to copy files and give them permission of destination directory

I am copying files from source to location. The source is not owned by me and the permission for files at source is ----rwx---. The permission of files coped to destination directory which is owned by me is ----r-x---. The permission of destination directory is drwxrwsrwx. How do I have the files with same permission of destination directory. I tried "cp --no-preserve=all" but it did not work (still the same permission).
Try this:
cp --no-preserve=mode,ownership $backupfile $destination
Let me rephrase that to "How to preserve permissions of destination directory on copy?"
I can't take credit for the answer since I just combined a couple of answers I found on the wild. So here it comes.
Firstly
Permissions are generally not propagated by the directory that files are being copied into, rather new permissions are controlled by the user's umask. However when you copy a file from one location to another it's a bit of a special case where the user's umask is essentially ignored and the existing permissions on the file are preserved.
Which explains why you can't directly propagate the permissions of the src to the dst directory.
However, there is two-step workaround to this.
cp-metadata: Copy the attributes and only the attributes you want to preserve back to the source directory. Here is a quick script that can do this:
#!/bin/bash
# Filename: cp-metadata
myecho=echo
src_path="$1"
dst_path="$2"
find "$src_path" |
while read src_file; do
dst_file="$dst_path${src_file#$src_path}"
$myecho chmod --reference="$src_file" "$dst_file"
$myecho chown --reference="$src_file" "$dst_file"
$myecho touch --reference="$src_file" "$dst_file"
done
You can leave out the touch command if you don't want keep the timestamp.
Replace myecho=echo with myecho= to actually perform the commands.
Mind that this script should be run in sudo mode in order to be able
to run chown and chmod effectively
cp --preserve: After you have successfully run the first command
now it's time to copy the contents along with the attributes to the dst
directory.
--preserve[=ATTR_LIST]
preserve the specified attributes (default: mode,ownership,timestamps), if possible additional attributes: context, links, xattr, all
\cp -rfp $src_dir $dst_dir should do what you want.

What determines in Linux the permissions, a file is written with?

I have a technical user which writes a file to a directory. The file is automatically granted permissions (rw-r--r--).
What determines that/why is it exactly 644 instead of any other rights combination?
And what/how do I have to configure so that the automatic permissions when writing the file are rw-rw-rw / 666?
I would like to refrain from a chmod after copying, as this causes continuous additional work - better that every file copied to this directory by that user gets these permissions.
..and bonus question: does this also cover moving a file there?
Thanks!
This is called the umask and it could be set to 600, 644 or 666.
floridopower - you have to modify the umask for that specific user , in order to do this , you have to see the default environment of the system user, run this:
cat /etc/passwd | grep -i thenameoftheuser
And if you see anywhere /bin/bash in the returned string just run this command:
echo "umask 111" >> /home/thenameoftheuser/.bashrc
So if the user is a system user and the home directory of that user is located in the directory /home/ you can safely run the above commands and then run a test ( create a new file with that user and look at the permissions )

Minimum file permission needed to delete a file in Linux

To delete a file in Linux,
What minimal permissions do we need to set on it?
What minimal permissions do we need to set on its parent directory?
You need to have x-permissions and w-permissions on the directory (and of course x-permissions on all parents), that is all.
mkdir foo
touch foo/bar
chmod 300 foo
chmod 000 foo/bar
rm -f foo/bar
But when testing you might stumble into thinking that you need more (e. g. r-permissions for the directory or whatever). This will be only due to false testing ;-)

Bash script with selective root permissions for commands

Is it possible to have a bash script invoked with root permissions to run different commands with different privileges?
Right now i have a script which runs a C-program with root permissions and creates a folder and some files which i want to have non-root permissions. Looking at the man page i see that the mkdir command takes a permissions parameter but i was wondering whether there's a smarter way of doing this.
Have a look at the man pages for the chmod and chown commands. Depending on what you are trying to do, either one of these should be our solution.
If you want to change the directory ownership to a user/group other than root, use chown -R user:group [directory] to recursively change ownership. If you just want the permissions changed, but with root still in ownership then use chmod -R 754 [directory]; keep in mind you will need to alter the permissions to suit your needs.

Resources