Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- sudo chgrp -R nobody /whatever
- mkdir sticky
- cd sticky/
- touch blub
- chmod 4755 blub
- ls -al blub
- chgrp -R myuser .
- ls -al blub
- find /whatever ! -type l -perm -04000 -exec chgrp nobody {} +
- -exec chmod u+s {} +
- find /whatever ! -type l ! -perm -04000 -exec chgrp nobody {} +
- chown_preserve_sec() (
- newowner=${1?}; shift
- for file do
- perms=$(stat -Lc %a -- "$file") || continue
- cap=$(getfattr -m '^security.capability$' --dump -- "$file") || continue
- chown -- "$newowner" "$file" || continue
- [ -z "$cap" ] || printf '%sn' "$cap" | setfattr --restore=-
- chmod -- "$perms" "$file"
- done
- )
- chown_preseve_sec :newgroup file1 file2...
- # save permissions (and ACLs). Remove the "# owner" and "# group" lines
- # to prevent them being restored!
- perms=$(getfacl -RPn . | grep -vE '^# (owner|group): ')
- # save capabilities
- cap=$(getfattr -Rhm '^security.capability$' --dump .)
- chgrp -RP nobody .
- # restore permissions, ACLs and capabilities
- printf '%sn' "$perms" | setfacl --restore=-
- [ -z "$cap" ] || printf '%sn' "$cap" | setfattr -h --restore=-
- cd /home/me
- getfacl -R /whatever > whatever-permissions.org 2> /dev/null
- # A) change lines starting with # group: root
- # to # group: whatineed
- sed 's/^# group: root/# group: whatineed/g' whatever-permissions.org > whatever-permissions.new
- # B) change lines with group::x.y
- # to group::xwy
- # (where x, y mean: whatever was there before)
- sed 's/^group::(.).(.)/group::1w2/g' whatever-permissions.new > whatever-permissions.new
- cd /
- setfacl --restore /home/me/whatever-permissions.new
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
