LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   AIX (https://www.linuxquestions.org/questions/aix-43/)
-   -   chmod recursion -- files only (https://www.linuxquestions.org/questions/aix-43/chmod-recursion-files-only-208798/)

Risc91 07-23-2004 01:17 PM
chmod recursion -- files only
 
Is there a way to change the permissions on all the files below a given directory? I thought it was as simple as:

chmod -R 444 /usr/lib/whatever/*.ext

but this is changing the permissions on everything below the given driectory, including and directories.

TIA

zorba4 07-23-2004 01:45 PM
"find . -type f -print | xargs chmod 444 "shoud work, isn't it ?
If not, find . -print >myfile.sh
and vi myfile.sh removing the directories (they should not be soo many), and then
1,$s/^/chmod 444/
and sh myfile.sh.
I know, the vi way is not very clever, but it works without thinking more than two seconds, so why not ?

Risc91 07-23-2004 02:20 PM
good call. Thanks for the help!

zorba4 07-23-2004 04:00 PM
You're welcome

crabboy 07-23-2004 10:09 PM
The first find should work w/o vi.

Code:
find /usr/lib/whatever -type f -name '*.ext' -exec chmod 444 {} \;

diederick76 07-22-2007 04:12 AM
If your files contain spaces, backslashes, etc., do this instead:

find . -type f -print0 | xargs -0 chmod 444

unclecameron 06-20-2008 03:16 PM
also, if you need to change the permissions on the folder instead of the files, try this
Code:
find . -type d -print0 | xargs -0 chmod 755

obiwahn 09-14-2010 06:17 PM
Code:
find /usr/lib/whatever -type f -name '*.ext' -exec chmod 444 '{}' \;

crabboy 09-16-2010 09:12 AM
Using xargs is usually much quicker as it does not have to execute chmod for every file.

David the H. 09-16-2010 10:11 AM
I'm not sure if it's available everywhere, but on some versions of find at least you can replace the final semicolon with a plus sign, in which case it will act in a way similar to xargs. That is, it will run only one or a few instances of the command, with all the files from find built into a single argument.
Code:
find /usr/lib/whatever -type f -name '*.ext' -exec chmod 444 '{}' \+
I couldn't find anything that definitively showed that aix find has it, but this generic "unix" man page lists it as an option. gnu find also has it, of course.

(What the heck? I just noticed that this thread is over 6 years old!)

crabboy 09-16-2010 12:07 PM
Great tip David, learn something new every day. I just tried it on AIX 5.3 and it works, it does not work on AIX 5.1

4rapiddev 06-28-2011 01:04 PM
Thank you.

byrnify 09-18-2012 08:58 AM
Recursive chmod thread
 
So I went trawling the web for an elegant and simple solution to this and decided to write a little script for this myself.

It basically does the recursive chmod but also provides a bit of flexibility for command line options (sets directory and/or file permissions, or exclude both it automatically resets everything to 755-644). It also checks for a few error scenarios.

Check it out:
http://bigfloppydonkeydisk.blogspot....-files-or.html

Hope it helps!

jazman334 02-14-2016 12:27 AM
missing the boat
 
yah...ok...lets shoot self in foot here....UH people... Dont let my 15 year old AS degree bite you in the ass here! LEAST PERMISSIVE.
THIS IS LINUX for GODS SAKES! You REALLY want the UNIVERSE to READ, or WORSE your FILES? The fact that some server services REQUIRE ANYTHING other than 0 for the world bit is MIND BLOWING! If the service(is and should be) a part of the GROUP you are assigned to(in any way) then SHURELY the process already HAS the necessary permission to read or exec the files, IE: apache.

Yet apache wants at minimal read permissions here? I think something is askew somewhere in someone's logic. Your theory holds. Your implementation of it SUCKS! 640 for files, 750 for folders(must exec or cannot browse them) is the CORRECT permissions.

Obviously, with apache, the last bit must be 4 for some reason, even though you are USUALLY a part of the www group when setting it up.And Im also finding that one must own files as root to put them into www folder to begin with.They should only need www as a group set.Neither the world bit nor the files should be owned by root to get apache to work with them.THIS IS NOT the CASE, however.

Completely missed the boat.Next cruise sails in 30 minutes...

need to edit certain files only? (commmand hell....) try this:
find . -name "*php" -exec chmod 644 '{}' \; -print

astrogeek 02-14-2016 01:42 AM
Quote:
Originally Posted by jazman334 (Post 5499905)
yah...ok...lets shoot self in foot here....UH people... Dont let my 15 year old AS degree bite you in the ass here! LEAST PERMISSIVE...

Completely missed the boat.Next cruise sails in 30 minutes...
Boom! You just shot a four year dead reply to a twelve year dead thread... impressive! How's that foot?

Did they teach swimming in that degree program? The last boat sailed from here long ago!

Michael AM 09-28-2016 04:51 AM
Quote:
Originally Posted by astrogeek (Post 5499919)
Boom! You just shot a four year dead reply to a twelve year dead thread... impressive!
So - let's keep it alive :P

As far as apache, or any program goes - the mods you need are the mods you need.

Some programs such as apache have the idea that using "nobody/nobody" as user/group of the application make it safe - when, imho, the user/group should be specific to an application - to permit something akin to "data ownership". Ideally, an application would have all it's files as 600 or 400 (aka rw-------, r--------) and access to data is via the application, not via the filesystem.

Ok - it is off-topic - but this is by far the most read thread on the LinuxQuestions.org AIX forum.

Closer to topic: rather than using octal notation for changing mode - use the ugo (user, group, other) +-= (add, remove, setto) rwx (read, write, eXecute_file/access_search_directory). Using octal modes you may be clearing other bits outside the lower 12-bits aka 0777 range.

Sefyir 09-28-2016 11:15 AM
Ah, someone reprimanding you for what permissions you chose. Took 12 years but good to know they'll always show up.
However since it's been raised again ... and current answers covered xargs and find, I'll use parallel to do the same

Code:
parallel -0m 'chmod 444 {}' :::: <(find . -type f -print0)

Code:
PARALLEL
      -0      Use NUL as delimiter.  Normally input lines will end in \n (newline). If they end in \0 (NUL), then use this option. It is useful for processing arguments that may contain \n (newline).
      -m      Multiple arguments. Insert as many arguments as the command line length permits. If multiple jobs are being run in parallel: distribute the arguments evenly among the jobs. Use -j1 or --xargs to avoid this.

                If {} is not used the arguments will be appended to the line.  If {} is used multiple times each {} will be replaced with all the arguments.

                Support for -m with --sshlogin is limited and may fail.

                See also -X for context replace. If in doubt use -X as that will most likely do what is needed.
      {}      Input line. This replacement string will be replaced by a full line read from the input source. The input source is normally stdin (standard input), but can also be given with -a, :::, or ::::.

                The replacement string {} can be changed with -I.

                If the command line contains no replacement strings then {} will be appended to the command line.
      :::: argfiles
                Another way to write -a argfile1 -a argfile2

PROCESS SUBSTITUTION
<(command)

  Process Substitution
      Process substitution is supported on systems that support named pipes (FIFOs) or the /dev/fd method of naming open files.  It takes the form of <(list) or >(list).  The process list is run with its input or output connected to
      a FIFO or some file in /dev/fd.  The name of this file is passed as an argument to the current command as the result of the expansion.  If the >(list) form is used, writing to the file will provide  input  for  list.  If  the
      <(list) form is used, the file passed as an argument should be read to obtain the output of list.

      When available, process substitution is performed simultaneously with parameter and variable expansion, command substitution, and arithmetic expansion.
 
FIND
. == use current directory
-type f
      -type c
              File is of type c:

              b      block (buffered) special

              c      character (unbuffered) special

              d      directory

              p      named pipe (FIFO)

              f      regular file

              l      symbolic link; this is never true if the -L option or the -follow option is in effect, unless the symbolic link is broken.  If you want to search for symbolic links when -L is in effect, use -xtype.

              s      socket

              D      door (Solaris)

      -print0
              True;  print the full file name on the standard output, followed by a null character (instead of the newline character that -print uses).  This allows file names that contain newlines or other types of white space to be
              correctly interpreted by programs that process the find output.  This option corresponds to the -0 option of xargs.

There are many guides out there on how to use correct permissions, use a search engine and look for them


All times are GMT -5. The time now is 11:40 AM.