• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2585
  • Last Modified:

All new files should have chmod = 774

User A has read+write access on Directory owned by user B.
In .profile of user A i have set umask=003 so that all files that user A creates(future) in that directory get created as 774 but it is not working and files are being created as 664.

Can someone please advise on how can all files created (in future) by user A can have 774?
Thanks
0
oracop
Asked:
oracop
  • 3
  • 2
  • 2
  • +3
7 Solutions
 
Maciej SsysadminCommented:
You can't achieve this (setting execute permission for files with umask).
If you are creating file, umask value is subtracted from 666, not 777.
0
 
omarfaridCommented:
this depends on the command / tool used to create files. It will set files perms while creating them. you can not do much here.
0
 
TintinCommented:
You need to have some process that changes the permissions after the files have been created as you can't control this with the umask.
0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

 
omarfaridCommented:
maybe a crontab job that runs every say 5 min that change perms
0
 
tkutherCommented:
I'd use inotifywait from the inotify-tools package and write a small script that just keeps running all the time
#!/bin/bash
 
WATCHED_DIRS="/tmp/aaa /tmp/bbb"
 
for dir in ${WATCHED_DIRS}; do
        if [[ ! -d "${dir}" ]]; then
                echo "Error: ${dir} does not exist"; exit 1
        fi
done
 
while true; do
        EVENT="`inotifywait -q -r -e create ${WATCHED_DIRS}`"
        DIR="`echo ${EVENT}|awk -F' CREATE ' '{print $1}'`"
        FILE="`echo ${EVENT}|awk -F' CREATE ' '{print $2}'`"
 
        if [[ ! -f "${DIR}${FILE}" ]] || [[ -x "${DIR}${FILE}" ]]; then
                continue
        fi
 
        chmod 774 ${DIR}${FILE}
done

Open in new window

0
 
tkutherCommented:
...if inotify is available at all on the system. I should have thought of that first. Above works on Linux.

On Solaris it could be done with BSM Audit and parsing its logs maybe.
0
 
docbertCommented:
umask is a "mask" in that it is used to remove permissions when creating a file.  What's going to cause you difficulty is that two things are used when creating a new file - the first is the permissions that the program creating the file asks for, and the second is the umask.

ie, if the program creating the file asks for the permissions "777" and the umask is 003, then the resulting permissions will be 774.  However if the program asks for "644" and the umask is 003, then you're going to end up with 644 - none of the bits you've asked to be cleared are set, and thus it doesn't change the result.  Normally this isn't a problem as you wouldn't want execute permissions on a file anyway - or if you did, the program creating the file will normally explicitly ask for execute permission (eg, by setting the default permissions to 777)

umask can not be used to add bits to the permissions the original program sets.  This leaves you with 2 options.

The first is as has been suggested above - something that reactively changes the permissions.  This is ugly, but might be your only choice. You could do this with a cron job and the "find" command using the -perms options to look for files that don't match your desired permissions.

The second options it to change whatever is creating the file.  Some software (eg, Samba) has config options that allow you to set the default permissions for a file.  Set that to 777, and then with your umask or 003 the end result will be 774 as desired.  Alternatively if you've got the source you can change the default permissions in that - look for it using the "open" system call, and change the permissions it's passing.
0
 
oracopAuthor Commented:
Please close the question and refund the points.... Am not able to get Solution specific to problem.
Thanks all for your feedback.

regards.
0
 
TintinCommented:
Sometimes a non-solution can be a solution.  Not every problem is solvable.

0
 
TintinCommented:
I'd split the points between oklit, omarfarid, tintin, tkuther and docbert.

Reason being that an explanation was given why the solution wasn't possible using umask, but some alternative workarounds were given.

If the workarounds weren't suitable, then the questioner should have followed up with some feedback.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 3
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now