Trouble regarding unix permissions (bug maybe?)
Hi!
I found something rather strange while applying unix permissions to some folder. First things first, i'm a total n00b, and I'm in charge of some small business server. I made a script to fix all the permissions of the folders accesible by the samba shares, and here is the problem: At some part of the code I do Code:
chmod -R 755 /mnt/AMYQ/SECTEC/MACROS Code:
drwxrwxr-x+ 2 netadm netadm 4096 nov 8 08:47 MACROS Code:
chmod -R 000 /mnt/AMYQ/SECTEC/MACROS Code:
d---rwx---+ 2 netadm netadm 4096 nov 8 08:47 MACROS Here's my code: (the problem is around tag #SECTEC) Code:
#!/bin/sh Thanks in advance! Joaquín. |
Perhaps it would be useful to explore some basics about permissions.
Generally, directories are created with a default mask 755 and files are created with a default mask of 644; that is a directory will be Code:
drwxr-xr-x 2 owner group 4096 Jan 13 2010 test/ Code:
-rw-r--r-- 1 owner group 1484 Oct 26 2009 testing.sql Now, in the case of a file, the owner can read it and write to it (as in using an editor to change the content or removing it entirely), the group can read it (only) and public (anybody else) can read it (only). The three digits are owner, group, public. If you want to make a file executable (it's a shell or binary program), you would Code:
chmod 755 file Code:
-rwxr-xr-x 1 owner group 8336 Nov 1 2009 file* Again, the defaults are 755 for directories, 644 for files (on most systems). Now, owner is the user account name -- the log in name -- of an individual user that created or has been assigned as owner. Group is the default group that all users belong to (it's usually users). The way you use group identities is that any user can belong to one or more groups and you can add specific user accounts to additional group(s) so they can access thing you don't want just everybody to get at. The permission are called a mask and keep in mind that permission on a directory are different from those of a file; here's some masks for directories:
Files:
Now, what's an easy way to set permission on mass? We have a couple of nifty utilities for doing that; one is the find utility. As the name implies, find, uh, finds things (like files and directories). Say you want to find all the files in your directory tree: Code:
find /mnt/AMYQ/SECTEC/MACROS -type f Code:
cd /mnt/AMYQ/SECTEC/MACROS/ Code:
cd /mnt/AMYQ/SECTEC/MACROS/ Code:
cd /mnt/AMYQ/SECTEC/MACROS/ Code:
cd /mnt/AMYQ/SECTEC/MACROS/ Code:
cd /mnt/AMYQ/SECTEC/MACROS/ Might be a little easier than fiddling around with setfacl? Oh, yeah, if you set either a directory or file with a mask of 000, well, it is inaccessible by anybody (except root) and ain't a good idea to be doing that. Hope this helps some. |
If you are using ACLs, the output from "ls -l" can be a bit confusing since the displayed permissions include a merging of the ACL permissions. If there is an ACL setting for the owner, then those permissions will be shown in place of whatever owner permissions you might have set with chmod. If there are ACL settings for any other user or any group, then all of those permissions will be ORed into the group permissions set by chmod. To indicate that there are ACLs affecting the displayed permissions, there will be a "+" sign appended to the permissions field.
|
Thanks for the reply, both of you!
Tomorrow I'll read in detail and try to fix it. Thanks again! Joaquín. |
All times are GMT -5. The time now is 03:44 AM. |