How to automatically change the ownership of every files in a directory

Question

There's an external server that deposits some files inside a folder of my computer. I need to automatically change the user ownership of every file created inside that folder.

I've seen a lot of answers saying that I could just change the GROUP ownership through setfacl (from my research it is not possible to change the USER ownership through setfacl).

In this case, I can't, because there's a script owned by the user A (not root) that is going to chmod this deposited file owned by the user B, and you can only chmod a file that you own.

Instead of this (inside the script):

chmod 777 /folder/file.txt

I tried this:

sudo chmod 777 /folder/file.txt

But a password is asked and BAM!

Do you have any ideas on how to deal with this?

Am I missing something?

Answer 1

I am not sure what you want to achieve, so here's a couple of suggestions:

• if the goal is simply for the file to have specific permission settings, and ownership change is secondary, you could set the permissions correctly on the source computer and then use a transfer method that preserves permissions (scp -p or some such)

• note that a script owned by A can still be run by B if A has set the permissions correctly (group and other executable bit). When B runs A's script, it runs with B's permissions, so changing permission bits of B's file will work

• if ownership change is imperative, you could transfer the file to B, make sure A has permission to read (see above), and then have A make a copy of the file to A's own directory using the cp command. The copy will be owned by A and thus A can change permissions of the copy. After that, run some regular process to clean up B's directory in order to save space if that's an issue

• alternatively, you could have B on the source computer log into A's account on the receiving computer, and then the file ends up in A's ownership. If you do not want to give B the password of A, you could do this using an ssh certificate. But of course this has other security risks, so the cp method above is safer

• finally, on unix it is generally not a good idea to make files writable for "other", and often not even for "group", so permission settings of 775 or 755 are much safer and preferred. Otherwise anyone on the same computer could modify the file or make it an empty file. Even on a private computer this is good practice, because sooner or later one of these files will get copied to a multi-user system and no-one remembers to check the permissions

Hopefully some of these hints are useful.

Answer 2

One way may be to use the group sticky bit on the parent directory. This ensures that when created the files are given the same group ownership as the directory that they are in.

In most cases this is enough as you can ensure that the group is one that the file creator and the users all are members of, so they all have access to the files.

You can sticky the user ID of the directory, but this is almost always the wrong thing to do in an organisation, as it only takes that person to be away and the directory overflows.

Answer 3

chown owner:group directory -R

Example:

chown root:root sysadmin -R

try this.