Linux files and folders are not inheriting parent directory permissions
I created a directory /share and gave it chmod 2770 permission and chown root:stock /share.
1) When I touch a file inside /share, I see the file has rw-rw-r-- and I don't see rwxrws---
2) When I create a directory in /share/data, I see the permission as drwxrwsr-x, whereas the parent directory is drwxrws---
How can I get child files and child directories to inherit the parent's permissions exactly?
The setgid bit on a directory makes new files inherit the group from the directory, not its permissions.
The standard way of controlling the bits that get set on the creation of a file is to control the umask (askubuntu) of the creating process, not the file system.
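The effect described in the answer above can be checked directly. The following is an added example, not part of the original answer; the function name and the temporary directory layout are constructed for illustration, and GNU stat is assumed.

```shell
#!/bin/sh
# Added illustration (constructed): which modes does a setgid 2770 directory
# actually hand to new entries under a given umask?

modes_under_umask() {
    # $1 = umask to test, e.g. 002. Prints "<file mode> <dir mode>" in octal.
    # The body runs in a subshell so the caller's umask is not changed.
    (
        base=$(mktemp -d) || exit 1
        mkdir "$base/share"
        chmod 2770 "$base/share"      # same mode as /share in the question

        umask "$1"
        touch "$base/share/file"      # files start from 666, minus umask bits
        mkdir "$base/share/data"      # dirs start from 777, minus umask bits,
                                      # plus the setgid bit taken from the parent

        fmode=$(stat -c %a "$base/share/file")
        dmode=$(stat -c %a "$base/share/data")
        rm -rf "$base"
        printf '%s %s\n' "$fmode" "$dmode"
    )
}

# 002 reproduces what the question observed; 007 removes all access for "other".
for m in 002 007; do
    echo "umask $m -> file and directory modes: $(modes_under_umask "$m")"
done
```

With umask 007 the new directory comes out as drwxrws--- like its parent, and the new file as rw-rw----, since files never receive execute or setgid bits at creation.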
When you create a file or directory:
The owner of the new file or directory will be your effective user id (euid). You can change user id beforehand with the su other_user command (which will prompt you for the password of other_user), or sudo su other_user (which will allow you or not, possibly asking for your password, according to the settings in /etc/sudoers*). After creating the file or directory, you can change its owner with sudo chown other_user file_name.
The group of the new file or directory will be your effective group id. You can change your group id with the newgrp other_group command beforehand. If your current directory has other_group as group and its setgid bit is set, your effective group id will be other_group. After creating the file or directory, you can change its group with chgrp other_group file_name. newgrp, chgrp and setgid will work if you are a member of other_group. If you are not, they won't: a group password mechanism is theoretically still in place, but it was deprecated decades ago and I've never seen anybody using it. Of course, you can always sudo chgrp other_group file_name, or even sudo chown other_user:other_group file_name if you want to change both.
The read and write permissions of the new file or directory will depend on your umask, which is normally set by your configuration files at login. The most used umask values are 022 which, for files, will give you -rw-r--r-- and 002 which will give you -rw-rw-r--. The command umask will give you your current value. You can set another value with umask new_value and it will be effective till you change it or exit your shell. Directories will also have all execution permissions set by default, unless you have odd values in umask, which will block the corresponding execution bit. E.g. a umask value of 027 will create files with -rw-r----- and directories with drwxrwx---. Please refer to documentation for a complete explanation. Also, if the parent directory has the setgid bit, the new directory will have it too. There is no way of setting the setuid and sticky bits by default, nor the setgid bit for files.
After the fact, you can always set the permissions you want with the command chmod.
That said, there is no standard command which will do what you want. However, you can easily write bash functions like the following and use them (write them in a file mycreat_functions and source mycreat_functions when needed). This will do for manually created files and directories. For files created by programs, shell redirections and the like, you will still have to correct the permissions manually.
    function mymkdir () {
        local a parent parentperms
        for a in "$@"; do
            mkdir "$a"
            parent="$(dirname "$a")"
            # This copies all permissions of the parent,
            # exactly as they are
            parentperms="$(stat -c%a "$parent")"
            chmod "$parentperms" "$a"
            # if I'm root, also copy the parent's owner and group
            if [ "$(id -u)" = 0 ]; then
                chown "$(stat -c%u:%g "$parent")" "$a"
            fi
        done
    }

    function mytouch () {
        local a parent parentperms newperms
        for a in "$@"; do
            touch "$a"
            parent="$(dirname "$a")"
            # This inherits all permissions of the parent,
            # but removes the execution and setgid bits, as is
            # appropriate for files.
            parentperms="$(stat -c%a "$parent")"
            newperms="$(printf %o $((8#$parentperms & 8#5666)))"
            chmod "$newperms" "$a"
            # if I'm root, also copy the parent's owner and group
            if [ "$(id -u)" = 0 ]; then
                chown "$(stat -c%u:%g "$parent")" "$a"
            fi
        done
    }
Note: Owner, group and permissions are stored in an inode, where there is also other information on how to retrieve the file contents; the directory entry associates the inode with the file name, and ls -i shows the inode numbers of the listed files. When you copy a file, you create a new directory entry and allocate a new inode, so everything mentioned here applies. When you move a file, you create a new directory entry in the new location, but have it point to the old inode, so that owner, group and permissions are effectively untouched. If you want them to change according to the new directory entry's parent, you have to create a mymv function along the lines of mytouch and mymkdir above.
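One possible shape for the mymv function suggested in the note above, as an added example that is not code from the answer. The name mymv comes from the answer; the argument convention (sources followed by an existing destination directory), the mymv_* variable names and the symlink handling are assumptions of this sketch, which is written for POSIX sh with GNU stat.

```shell
#!/bin/sh
# Hypothetical mymv (added sketch): move entries into DEST_DIR, then give them
# DEST_DIR's permissions, the way the answer's mytouch/mymkdir do for new entries.
# Usage: mymv SOURCE... DEST_DIR
# Only the moved entry itself is changed; directory contents are not recursed.

mymv() {
    [ "$#" -ge 2 ] || { echo "usage: mymv SOURCE... DEST_DIR" >&2; return 2; }
    for mymv_dest in "$@"; do :; done          # last argument = destination
    [ -d "$mymv_dest" ] || { echo "mymv: $mymv_dest: not a directory" >&2; return 2; }

    mymv_pperms=$(stat -c %a "$mymv_dest")
    mymv_left=$(( $# - 1 ))                    # number of SOURCE arguments
    for mymv_src in "$@"; do
        [ "$mymv_left" -gt 0 ] || break
        mymv_left=$(( mymv_left - 1 ))
        mymv_target="$mymv_dest/$(basename "$mymv_src")"
        mv -- "$mymv_src" "$mymv_target" || return 1

        # chmod and chown follow symlinks, so a moved link is left alone rather
        # than changing whatever it points to.
        if [ -L "$mymv_target" ]; then
            continue
        fi
        if [ -d "$mymv_target" ]; then
            # Directories take the parent's mode exactly, setgid included.
            chmod "$mymv_pperms" "$mymv_target"
        else
            # Files: same mask as mytouch, dropping execute and setgid bits.
            chmod "$(printf %o $(( 0$mymv_pperms & 05666 )))" "$mymv_target"
        fi
        # As root, also take over the destination's owner and group.
        if [ "$(id -u)" = 0 ]; then
            chown "$(stat -c %u:%g "$mymv_dest")" "$mymv_target"
        fi
    done
}
```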