View previous topic :: View next topic |
Author |
Message |
Negated Void l33t
Joined: 25 Dec 2002 Posts: 672
|
Posted: Sun Dec 10, 2006 12:51 am Post subject: Setting the permissions on many files based on folder? |
|
|
I've got a huge raid array mounted to /media. Inside are folders like "anime" "archive" and "music".
All of the files in these folders should have their permissions and uid/gid set based on which folder their in. Is there any way to ensure that files I add to them are re-permissioned appropriately?
currently I just run a script that has a bunch of lines like this:
Code: | #!/bin/bash
nice chown -R murph:anime /media/anime
nice chown -R root:root /media/archive
nice chown -R murph:music /media/music
nice chmod -R 750 /media/anime
nice chmod -R 700 /media/archive
nice chmod -R 750 /media/music |
However, this now takes like an hour and does horrible things to my system's IO performance.
Is there a better way to keep these permissions set as I'd like them? Perhaps some way to just set the files that aren't already permissioned correctly or something?
Thanks,
--Murph |
|
Back to top |
|
|
Negated Void l33t
Joined: 25 Dec 2002 Posts: 672
|
Posted: Sun Dec 10, 2006 10:29 pm Post subject: |
|
|
Anyone?
I like to run a large samba-based fileserver with these things, and to be able to give individual users access to specific sets of folders - thus I just put them in the groups associated with thoes folders and all goes well.
Perhaps I'm just doing this all wrong? It works great for what I want to do, except it's a pain to keep the permissions updated.
--Murph |
|
Back to top |
|
|
neuron Advocate
Joined: 28 May 2002 Posts: 2371
|
Posted: Mon Dec 11, 2006 12:57 pm Post subject: |
|
|
you can use find for this.
I wrote a script ages ago for this exact thing. You can use find to match any file permission that isn't 750 for example, and set it to 750. |
|
Back to top |
|
|
theear n00b
Joined: 22 Nov 2006 Posts: 7
|
Posted: Mon Dec 11, 2006 1:26 pm Post subject: |
|
|
If you make a directory chmod g+s, then all files created in the directory will have their group set to the group of that directory. It will not change the owner or the permissions, though. Furthermore you can use find to select "wrong" files and change them selectively, e.g.
find dir ! -user me -group mine -print0 | xargs -0 chown me:mine
Finally you can go the easy way and simply set the permission on the directory o-rwx, then only users in the appropriate group can access the files in it.
Just some ideas. |
|
Back to top |
|
|
neuron Advocate
Joined: 28 May 2002 Posts: 2371
|
Posted: Mon Dec 11, 2006 1:49 pm Post subject: |
|
|
theear wrote: | If you make a directory chmod g+s, then all files created in the directory will have their group set to the group of that directory. It will not change the owner or the permissions, though. Furthermore you can use find to select "wrong" files and change them selectively, e.g.
find dir ! -user me -group mine -print0 | xargs -0 chown me:mine
Finally you can go the easy way and simply set the permission on the directory o-rwx, then only users in the appropriate group can access the files in it.
Just some ideas. |
to avoid an extra fork you can use find's --exec instead of xargs. |
|
Back to top |
|
|
theear n00b
Joined: 22 Nov 2006 Posts: 7
|
Posted: Mon Dec 11, 2006 2:51 pm Post subject: |
|
|
neuron wrote: | theear wrote: |
find dir ! -user me -group mine -print0 | xargs -0 chown me:mine
|
to avoid an extra fork you can use find's --exec instead of xargs. |
True, but be sure to use -exec {} + ; otherwise chown will be run once for every file:
find dir ! -user me -group mine -exec chown me:mine {} +
(I think this is a GNU extension, not POSIX.)
Some other idea: I never used samba, but maybe it is possible to set the permissions/owner on export. |
|
Back to top |
|
|
neuron Advocate
Joined: 28 May 2002 Posts: 2371
|
Posted: Mon Dec 11, 2006 3:01 pm Post subject: |
|
|
yeah, but with a massive amount of files he'll need chown being run per file, as the xargs command will have too many arguments I believe. |
|
Back to top |
|
|
gust334 n00b
Joined: 11 May 2006 Posts: 14
|
Posted: Wed Dec 13, 2006 1:37 am Post subject: |
|
|
It seems you can't really avoid examining the entire directory tree.
Brute force chmod/chown has to look at every directory, as does find.
You might try reducing server load by reducing the size of the task. Let's say you run your script every night via cron. Instead, setup cron to do anime one night, archive the next, and music the next, then back to anime on the fourth night. Further subdivision is also possible.
If that isn't acceptable, then do a quick google search for stackable layered file systems, which allow you to put one filesystem on top of another; the user sees the union of all the layers. Allow user write permissions only into the topmost layer, and have a cron job that runs periodically on that mostly-empty upper filesystem that copies the data into the lower layer, setting the permissions and owner along the way, and then deletes the upper one. In this way, you'd never need to scan through the lower filesystem. Although I don't know of a specific Gentoo tool that would do this, it sounds like an ideal candidate for FUSE, which is now part of the 2.6 kernel. |
|
Back to top |
|
|
Negated Void l33t
Joined: 25 Dec 2002 Posts: 672
|
Posted: Wed Dec 13, 2006 7:03 am Post subject: |
|
|
When I mount a FAT filesystem, i can set the permissions for the entire things in the mount options. I'm not going to switch FS's to vfat (It doesn't scale to the size I need, and it's uggggly), but can i set similar things when i mount other file systems?
I'm reading up on ACL's (Access Control lists) - http://www.suse.de/%7Eagruen/acl/chapter/fs_acl-en.pdf - I *think* they might be a solution as well - since a default acl file affects subdirectories and stuff, i could just write one ACL for each folder. I think.
--Murph |
|
Back to top |
|
|
Genone Retired Dev
Joined: 14 Mar 2003 Posts: 9538 Location: beyond the rim
|
Posted: Wed Dec 13, 2006 11:27 pm Post subject: |
|
|
Negated Void wrote: | When I mount a FAT filesystem, i can set the permissions for the entire things in the mount options. I'm not going to switch FS's to vfat (It doesn't scale to the size I need, and it's uggggly), but can i set similar things when i mount other file systems? |
No. It's only possible for FAT because that doesn't have any permission concept, so you have to fill in the owners and permissions. |
|
Back to top |
|
|
|