LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 06-03-2008, 06:03 AM   #1
zerocool22
Member
 
Registered: Feb 2008
Posts: 95

Rep: Reputation: 15
chmod 777 664


Hey i am trying to chmod my /home folder to read, and every /upload folder that excists in /home must be 775. So what i did was

chmod -R 664 /home
chmod 775 */*/upload
chmod 775 */*/Upload

But when i do the chmod for home with 664 the users cant login anymore, and when i set it to 777 my users can login? Is 664 not good, or what should i do?

thx
 
Old 06-03-2008, 06:14 AM   #2
indeliblestamp
Member
 
Registered: Feb 2006
Distribution: Fedora
Posts: 341
Blog Entries: 3

Rep: Reputation: 38
You need executable permissions to access a directory. So try 755 or 775, 644 will not work.
Edit: saw this on the freebsd handbook, this should clarify things:
Quote:
The executable bit for a directory has a slightly different meaning than that of files. When a directory is marked executable, it means it can be traversed into, that is, it is possible to “cd” (change directory) into it. This also means that within the directory it is possible to access files whose names are known (subject, of course, to the permissions on the files themselves).

In particular, in order to perform a directory listing, read permission must be set on the directory, whilst to delete a file that one knows the name of, it is necessary to have write and execute permissions to the directory containing the file.

Last edited by indeliblestamp; 06-03-2008 at 06:19 AM.
 
Old 06-03-2008, 06:19 AM   #3
theYinYeti
Senior Member
 
Registered: Jul 2004
Location: France
Distribution: Arch Linux
Posts: 1,897

Rep: Reputation: 61
find /home -type d -exec chmod 775 {} +
find /home ! -type d -exec chmod 664 {} +

would have been better because you can't access your own files if the directories don't have 'execute' permission.
Anyway, I wouldn't execute the above commands on my home directory: executable files (if any) wouldn't be executable anymore.

Yves.
 
Old 06-03-2008, 06:21 AM   #4
zerocool22
Member
 
Registered: Feb 2008
Posts: 95

Original Poster
Rep: Reputation: 15
find /home -type d -exec chmod 775 {} +
find: missing argument to `-exec'

find /home ! -type d -exec chmod 664 {} +

find: missing argument to `-exec'

 
Old 06-03-2008, 06:32 AM   #5
indeliblestamp
Member
 
Registered: Feb 2006
Distribution: Fedora
Posts: 341
Blog Entries: 3

Rep: Reputation: 38
I think you end it with a \; instead if a +.
As the Yeti says, running the 2nd command is not really recommended if you have executables in /home.
 
Old 06-03-2008, 06:36 AM   #6
theYinYeti
Senior Member
 
Registered: Jul 2004
Location: France
Distribution: Arch Linux
Posts: 1,897

Rep: Reputation: 61
Older versions of find don't know the '+' syntax. From the man page here with Mandriva 2008.0:
Code:
       -exec command ;
              Execute command; true if 0 status is returned.  All following arguments to find are  taken  to
              be  arguments  to  the command until an argument consisting of ‘;' is encountered.  The string
              ‘{}' is replaced by the current file name being processed everywhere it occurs  in  the  argu‐
              ments  to  the  command, not just in arguments where it is alone, as in some versions of find.
              Both of these constructions might need to be escaped (with a ‘\') or quoted  to  protect  them
              from  expansion by the shell.  See the EXAMPLES section for examples of the use of the ‘-exec'
              option.  The specified command is run once for each matched file.  The command is executed  in
              the starting directory.   There are unavoidable security problems surrounding use of the -exec
              option; you should use the -execdir option instead.

       -exec command {} +
              This variant of the -exec option runs the specified command on the  selected  files,  but  the
              command  line  is  built  by appending each selected file name at the end; the total number of
              invocations of the command will be much less than the number of matched  files.   The  command
              line  is built in much the same way that xargs builds its command lines.  Only one instance of
              '{}' is allowed within the command.  The command is executed in the starting directory.

       -execdir command ;

       -execdir command {} +
              Like -exec, but the specified command is run from  the  subdirectory  containing  the  matched
              file,  which is not normally the directory in which you started find.  This a much more secure
              method for invoking commands, as it avoids race conditions during resolution of the  paths  to
              the  matched  files.   As with the -exec option, the '+' form of -execdir will build a command
              line to process more than one matched file, but any given invocation of command will only list
              files  that exist in the same subdirectory.  If you use this option, you must ensure that your
              $PATH environment variable does not reference the current directory;  otherwise,  an  attacker
              can  run any commands they like by leaving an appropriately-named file in a directory in which
              you will run -execdir.
And arungoodboy is right: the ';' must be "escaped" (\ else the shell will take it for itself.

Yves.

Last edited by theYinYeti; 06-03-2008 at 06:36 AM. Reason: CODE instead of /CODE.
 
Old 06-03-2008, 06:42 AM   #7
zerocool22
Member
 
Registered: Feb 2008
Posts: 95

Original Poster
Rep: Reputation: 15
so i did
find /home -type d -exec chmod 775 {} \;
find /home ! -type d -exec chmod 664 {} \;

k but now still all folders are still fully righted, i can still can upload to /home folders and /upload folders? So somethings is still off.
Cause i just want that all folders are readeble but you cannot change anything or delete anything or upload anything to that folder. And to all /upload folders they can do what the heck they want with .
 
Old 06-03-2008, 06:58 AM   #8
zerocool22
Member
 
Registered: Feb 2008
Posts: 95

Original Poster
Rep: Reputation: 15
maybe this info helps, my user home folders work as ftp server. The users itself can not upload any data to their home folder unless its in the upload folder.
for example:
/home/jack/upload
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
chmod 775 to only the directories and chmod 664 to only the files? apachenew Linux - Security 6 09-27-2007 03:26 PM
Is it safe to chmod 777 Navaboy Slackware 4 03-24-2005 06:54 AM
CHMOD in shell : chmod 777 /usr/ <---is that right? cpanelskindepot Programming 5 07-16-2004 05:37 AM
chmod 777 /* ziggamon Linux - Newbie 2 09-25-2003 11:40 AM
mount doesn't work as non su even after chmod 777 dokterneo Slackware 5 08-08-2003 10:48 PM


All times are GMT -5. The time now is 10:05 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration