Originally Posted by Squintz
It tells me permission denied.
It sounds like you don't have permission to chmod the files. Generally, you have to own the files (or be root) to change their permissions, though the actual criteria are probably more complex than that. man chmod
doesn't mention them, and it's very hard to Google for permissions to issue
the chmod command rather than those changed by it...
: From playing around I haven't found any way to let someone other than the file's owner change it's permissions - and chances are, that's what the requirement is. My first thoughts on how to get around this is to add all the users to a special group, and then create a file, owned by root:<special group>, that basically just calls chmod. Then, if you set the SUID bit for the group, anyone in the group can essentially issue chmod as root. For security, you could add something in the script that checks the owner of the file and if it's not a particular user (or set of users), refuse to change it? That way, important system files couldn't be chmodded.
To take things a little further, you could create a text file containing names of files that may be changed by this chmod command (owned by root of course, and chmodded 600 or 644), and have the script load it in dynamically and see if the file to be changed is on that list. A little cumbersome, but not too much, and you get fine-grained control then.
: Even better way - still set the SUID bit, but have the owner as your user (presuming that it's only one user's files to be changed). That way, you don't have to faff about with conditions and access lists, and there's no potential security backdoor.