
linux files and folders are not inheriting parent directory permissions

I created a directory /share and gave it chmod 2770 permission and chown root:stock /share.

1) When I touch a file inside /share, I see the file has rw-rw-r-- and I don't see rwxrws---.

2) When I create a directory in /share/data I see the permission as drwxrwsr-x, whereas the parent directory is drwxrws---.

How can I get child files and child directories to inherit the parent permissions exactly the same?

The setgid bit on a directory makes new files inherit the group from the directory, not its permissions.

The standard way of controlling the bits that get set on the creation of a file is to control the umask (askubuntu) of the creating process, not the file system.

When you create a file or directory:

  • The owner of the new file or directory will be your effective user id (euid). You can change user id beforehand with the su other_user command (which will prompt you for the password of other_user), or sudo su other_user (which will allow you or not, possibly asking for your password, according to the settings in /etc/sudoers*). After creating the file or directory, you can change its owner with sudo chown other_user file_name.

  • The group of the new file or directory will be your effective group id. You can change your group id with the newgrp other_group command beforehand. If your current directory has other_group as group and its setgid bit is set, your effective group id will be other_group. After creating the file or directory, you can change its group with chgrp other_group file_name. newgrp, chgrp and setgid will work if you are a member of other_group. If you are not, they won't: a group password mechanism is theoretically still in place, but it was deprecated decades ago and I've never seen anybody using it. Of course, you can always sudo chgrp other_group file_name, or even sudo chown other_user:other_group file_name if you want to change both.

  • The read and write permissions of the new file or directory will depend on your umask, which is normally set by your configuration files at login. The most used umask values are 022 which, for files, will give you -rw-r--r-- and 002 which will give you -rw-rw-r--. The command umask will give you your current value. You can set another value with umask new_value and it will be effective till you change it or exit your shell. Directories will also have all execution permissions set by default, unless you have odd values in umask, which will block the corresponding execution bit. E.g. a umask value of 027 will create files with -rw-r----- and directories with drwxrwx---. Please refer to documentation for a complete explanation. Also, if the parent directory has the setgid bit, the new directory will have it too. There is no way of setting the setuid and sticky bits by default, nor the setgid bit for files.

  • After the fact, you can always set the permissions you want with the command chmod.

That said, there is no standard command which will do what you want. However, you can easily write bash functions like the following and use them (write them in a file mycreat_functions and source mycreat_functions when needed). This will do for manually created files and directories. For files created by programs, shell redirections and the like, you will still have to correct the permissions manually.

function mymkdir () {
  local a parent parentperms
  for a in "$@"; do

    # Skip this argument if the directory cannot be created
    mkdir "$a" || continue
    parent="$(dirname "$a")"

    # This copies all permissions of the parent,
    # exactly as they are
    parentperms="$(stat -c%a "$parent")"
    chmod "$parentperms" "$a"

    # If I'm root, also copy the parent's owner and group
    if [ "$(id -u)" = 0 ]; then
      chown "$(stat -c%u:%g "$parent")" "$a"
    fi

  done
}


function mytouch () {
  local a parent parentperms newperms
  for a in "$@"; do

    # Skip this argument if the file cannot be created
    touch "$a" || continue
    parent="$(dirname "$a")"

    # This inherits all permissions of the parent,
    # but removes the execution and setgid bits, as is
    # appropriate for files.
    parentperms="$(stat -c%a "$parent")"
    newperms="$(printf %o $((8#$parentperms & 8#5666)))"
    chmod "$newperms" "$a"

    # If I'm root, also copy the parent's owner and group
    if [ "$(id -u)" = 0 ]; then
      chown "$(stat -c%u:%g "$parent")" "$a"
    fi

  done
}

Note: Owner, group and permissions are stored in an inode, where there is also other information on how to retrieve the file contents; the directory entry associates the inode with the file name, and ls -i shows the inode numbers of the listed files. When you copy a file, you create a new directory entry and allocate a new inode, so everything mentioned here applies. When you move a file, you create a new directory entry in the new location, but have it point to the old inode, so that owner, group and permissions are effectively untouched. If you want them to change according to the new directory entry's parent, you have to create a mymv function along the lines of mytouch and mymkdir above.
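
The behaviour both answers describe, as an added example that is not part of the original posts: it builds a scratch directory with mode 2770, like /share in the question, and reports the modes a new file and a new subdirectory receive under several umask values. The function name modes_under_umask, the scratch directory and the umask value 007 are assumptions of this example; stat -c is the GNU form already used in the functions above.

```bash
#!/usr/bin/env bash
# Added example: which bits do a new file and a new directory get inside a
# setgid directory (mode 2770, as in the question) under a given umask?
# modes_under_umask and the scratch directory are constructed for this demo.

# modes_under_umask UMASK -> prints "<file mode> <dir mode>" in octal
modes_under_umask () {
  local mask="$1" share result
  share="$(mktemp -d)" || return 1
  chmod 2770 "$share"            # same mode as /share in the question
  result="$(
    umask "$mask"                # runs in a subshell: caller's umask is untouched
    touch "$share/file"          # touch requests 0666; the umask bits are cleared
    mkdir "$share/data"          # mkdir requests 0777; the umask bits are cleared
    printf '%s %s' "$(stat -c%a "$share/file")" "$(stat -c%a "$share/data")"
  )"
  rm -rf "$share"
  printf '%s\n' "$result"
}

# The parent's rwxrws--- is never copied: only the setgid bit reaches the
# new directory, and every other bit comes from the creating process's umask.
for m in 022 002 007; do
  printf 'umask %s -> file/dir modes: %s\n' "$m" "$(modes_under_umask "$m")"
done
```

Under umask 002 the result is the rw-rw-r-- and drwxrwsr-x pair from the question; under umask 007 new entries come out as 660 and 2770, which is as close to the parent's mode as creation-time defaults get.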
