9

I would like to give 755 permissions to a directory, so I use:

# chmod -R 755 /my/folder/

It works for all files inside my folder, but the problem is that I use scripts that create new files in this folder, and by default the permissions are 600.

How could I impose, 755 permissions on these 'future' files ?

--EDIT--

I use a script that gives me info about network traffic on my campus. I have a new file every 10 minutes, located in a folder called journey, located in the month folder like this :

ls -lrt /home/netmet/secure/2017-04/2017-04-27/
total 118548
-rwxr-sr-x 1 root root   85922 avril 27 00:10 zzaccounting.dmp-00-00
-rwxr-sr-x 1 root root   54874 avril 27 00:20 zzaccounting.dmp-00-10
-rwxr-sr-x 1 root root   33534 avril 27 00:30 zzaccounting.dmp-00-20
-rwxr-sr-x 1 root root   48890 avril 27 00:40 zzaccounting.dmp-00-30
-rwxr-sr-x 1 root root   36878 avril 27 00:50 zzaccounting.dmp-00-40
-rwxr-sr-x 1 root root   37034 avril 27 01:00 zzaccounting.dmp-00-50
-rwxr-sr-x 1 root root   38154 avril 27 01:10 zzaccounting.dmp-01-00
-rwxr-sr-x 1 root root   38318 avril 27 01:20 zzaccounting.dmp-01-10
-rwxr-sr-x 1 root root   26978 avril 27 01:30 zzaccounting.dmp-01-20
-rwxr-sr-x 1 root root   31558 avril 27 01:40 zzaccounting.dmp-01-30
-rwxr-sr-x 1 root root   23662 avril 27 01:50 zzaccounting.dmp-01-40
-rwxr-sr-x 1 root root   32298 avril 27 02:00 zzaccounting.dmp-01-50
-rwxr-sr-x 1 root root   30282 avril 27 02:10 zzaccounting.dmp-02-00
-rwxr-sr-x 1 root root   31110 avril 27 02:20 zzaccounting.dmp-02-10
-rwxr-sr-x 1 root root   25718 avril 27 02:30 zzaccounting.dmp-02-20
-rwxr-sr-x 1 root root   26306 avril 27 02:40 zzaccounting.dmp-02-30
-rwxr-sr-x 1 root root   23690 avril 27 02:50 zzaccounting.dmp-02-40
-rwxr-sr-x 1 root root   23002 avril 27 03:00 zzaccounting.dmp-02-50
-rwxr-sr-x 1 root root   21854 avril 27 03:10 zzaccounting.dmp-03-00

Here I changed permissions by hand but when new the file appears, I have this :

-rw------- 1 root root 3479106 avril 27 15:50 zzaccounting.dmp-15-40

The thing is that for every folder and file under /home/netmet/secure/ I want 755 permision by default.

I have already done this :

chmod -R g+s /home/netmet/secure   
setfacl -d -m g::rwx /home/netmet/secure   
setfacl -d -m o::rx /home/netmet/secure
Michael Prokopec
  • 2,220
klaypez
  • 313
  • 1
  • 2
  • 9
  • 3
    ACL is the answer. This has been discussed before. – d3ag0s Apr 27 '17 at 11:43
  • 8
    ACL is the answer for overriding the umask, but not for overriding a program that creates files with mode 0600 by design. See here for some references. – ilkkachu Apr 27 '17 at 12:06
  • 1
    And one more detail: by default you can't use umask for adding execution bit to files, this need to be done by hand – Romeo Ninov Apr 27 '17 at 13:01
  • umask doesn't work guys – klaypez Apr 28 '17 at 09:40
  • Can you edit the script you use to make the files? How do the files get in to the final directory (eg. 2017-04-27) and how are the directories made in the first place? Please update the question with these details. – Tigger Apr 28 '17 at 10:46
  • How does the program create the files? e.g Does it use any system calls such as open etc.. – ss_iwe Apr 28 '17 at 10:54
  • That means we can change permission where the files are created (in the script) ? – klaypez Apr 28 '17 at 11:40
  • That means if the script uses open(filename, permissions=NAZI_UGLY) to create its files, there can be no (straightforward) fix unless you can fix the script itself. – tripleee Apr 28 '17 at 12:05
  • if your program doesn't use special rights (as the others warn you about), and if it doesn't also redefine it's own "umask", you can try: umask 000 ; /the/program to see if the rights are closer now to what you would need. umask "masks" (set to 0) some bits, here it will not set 0 to any bits (as the mask "000" have no bits at 1, and the bits at 1 are the ones that should be masked). If this doesn't help, you'll need a way to tell your program to use different rights, or do regular chmods on the folder structure ( ex: find /home/netmet/secure -mtime -1 -print0 | xargs -0 chmod a+rwx ) – Olivier Dulac Apr 28 '17 at 16:08
  • @OlivierDulac the second command u gave work fine but files and directory need to be used in real time, as soon as they are created scripts try to use them that the problem with this command even if it works very well if we had to do this by hand. When i used umask 000, file are 666 by default et folder 777 by default that means if u want to give 755 permission on files i can't ?? – klaypez May 02 '17 at 08:05
  • These are presumably not executable files, so why 0755 and not 0644 (u=rw,g=r,o=r)? In which case umask 022 before you run your data capture program may solve the problem. – Chris Davies May 06 '17 at 15:10

3 Answers3

1

Try to run umask in your folder. If it returns anything other than '0022' then this is your problem. In your case it should initialy output '0177'. The permission system when creating directory is basically computed: default - umask 0777 is the default mode for directories, and 0666 to ordinary files, but there are different umasks, if I understand these things right. Try to execute umask a=rx,uu+w.

EDIT: You can use umask to give execute bit to directory to be able to cd into it, but not to files. These have to be given execute bit manually because of security. Simply add chmod +x <file> to your script. And, execute flag set on file anything other than executable has no effect.

Enginecrafter77
  • 345
  • 1
    The umask shell command does not depend on the path, it only depends on the user running it, each user has a specific umask value, defined at login and that can be changed later. This defines how new file permissions are created. – Patrick Mevzek Nov 25 '17 at 22:21
  • That should be chmod a=rx,u+w in your reply. – Patrick Mevzek Nov 25 '17 at 22:22
1

I am guessing you are running the scripts that generate the files in an environment where umask is set to 0077. This prevents the generating program to set any permission bits in the 'group' and 'other' permission bits.

Note that the umask is part of any process's inherited environment and typically set from a default 'profile' at login. Any process (shell) can modify their own and descendant children's (initial) umask with the 'umask' command.

The bits in the current umask will prevent creation of files with these bits set in their permissions (hence a "mask", masking the resulting permission bits)

TheMadsen
  • 151
0

Note: This is not ideal and should be considered as a temporary workaround

You can create cron job that runs the chmod command every 5 minutes or as preferred.

There's also inotify

Guthrie
  • 13
  • 3