Shell command that combines chmod and chgrp

Is there a concatenation option for chmod

and chgrp

that sets both permissions and groups into one system call for each file?

+3


source to share


2 answers


There is no such option, since the two operations chmod(2)

and chown(2)

are implemented using different system calls.

Give up chmod

andchown

Perhaps you are looking for this option chmod

also chown

because of security concerns. If so, you can use the following strategy:

  • Strip mode flags for a very conservative set (possibly empty) in the target file.
  • Change the owner and group of the target file.
  • Give the target file the mode flags you want.

This avoids the potential security problems associated with successive calls to chmod

and chown

, or chown

and chmod

.



Troika install

/open

The only syscall mode flags and ownership information can be simultaneously open(2)

. This way, you can use a process that impersonates the target owner to open the file in the appropriate mode. This is probably what it does install

, so if it's an option:

  • Rename the old file.
  • Copy the old file to a new file with the required access and access mode information using the command install

    .
  • Delete old file.

However, this will break hard links. The solution based on chown

and chmod

doesn't have this problem.

+2


source


AFAIK, no.

Also, since the file access mode and owner / group information are set using different system calls (see man 2 chmod

and man 2 chown

), I don't think it would be possible to implement such a command ... at least on a generic Unix-like system.



(Obviously, one could modify the GNU / Linux kernel to add a combined system call, but then a hypothetical command using syscall would not be portable.)

+1


source







All Articles