chkperm parses its configuration file and sets or verifies permissions and ownership according to the statements found in the file.
chkperm [options] [permission-file]
If no permission-file is provided at the command line, a default configuration is loaded from SYSCONFDIR
-s, --set This option enables setting the file permissions, the default is to check and warn only. -r, --read with this option chkperm will read permissions for every file/directory it reads in the config file and print them on screen in a format it can read as a config file (to re-set them later) -d, --dead with this option, chkperm will remove any dead symbolic links it encounters -h, --help Show a little help screen.
Config file format
Every line of the configuration file consists of a single directive. Lines starting with a #-character are ignored. A directive has the following syntax:
[CMDSPEC] FILEPATH OWNER.GROUP MODEwith the following meaning:
cmdspec is one of "recursivedirs"s, "recursivefiles", "recursiveall", "alldirs", "allfiles" or "all". recursivedirs will read the given directory and step through every sub‐ directory, but only touches directories but no files. recursivefiles will read the given directory and step through every subdirectory, but only touches files but no directories. recursiveall will read the given directory and step through every sub‐ directory, it will touch every file and every directory. alldirs will read the given directory and touch every directory but no files. It will not step through subdirectories. allfiles will read the given directory and touch every file but no directories. It will not step through subdirectories. all will read the given directory and touch every file and every direc‐ tory. It will not step through subdirectories. if cmdspec is left out, exactly 'path' is checked and no recursion is done. if chkperm finds any dead symbolic links and -s or --set was specified, chkperm will remove them automatically. if chkperm should recursively step through directories, it will not follow symlinks FILEPATH is any valid path of the filesystem. Wildcards are not supported for the filepath. Lines starting with '#' are used as comments. OWNER.GROUP is a valid systemuser and -group combination. Either numeric or by name. If user is - (minus) no userchange is made. Same applies to group. MODE is any valid oktal-mode described by chmod(1). If MODE is - (minus), no modechange is made.
If the permission files contain multiple entries for a single file or directory, the first entry found will be used.Example configuration
recursivedirs /test oliver:oliver 755 recursivefiles /test oliver:oliver 644
All directories in /test (including the directory itself and all subdirectories) will get oliver:oliver as the owner an 755 as permission.
All files in /test (and all subdirectories) will get oliver:oliver as the owner an 644 as permission.↑ Top of page ↑
Clone the git reprository:
# git clone git://git.code.sf.net/p/chkperm/code chkperm
and change to the created directory. Type
to build the binary.
↑ Top of page ↑
There is an issue with hard links. Consider the following situation: User Peter has a file /home/peter/peter1 and user Paul creates a hard link to peter1 as /home/paul/paul1. If you now configure chkperm to change owners in /home/peter to peter:peter and in /home/paul to paul:paul you would accidently change the ownership of the same file twice, possibly giving the file to Paul finally.
For that reason chkperm will print a warning message if the target is a hard link and change nothing.
There still is a problem with hard links, though. Consider what happens if
Peter removes /home/peter/peter1
In this case /home/paul/paul1 will no longer be a hard link and chkperm will happy gift paul with a new file.