JORDAN@gmr.COM (07/06/90)
Is there a command available that will change the owner and group of every file in the current directory, and every file & directory below the current directory? Or will I have to write my own shell program? Any assistance appreciated!! t p mugabi-jordan 1151 crooks road troy, michigan 48084 gm - systems engineering center (313) 280 6766
arc@thyme.wpd.sgi.com (Andrew Cherenson) (07/08/90)
In article <9007052117.aa00502@VGR.BRL.MIL> JORDAN@gmr.COM writes: >Is there a command available that will change the owner and group >of every file in the current directory, and every file & directory >below the current directory? > >Or will I have to write my own shell program? > >Any assistance appreciated!! > >t p mugabi-jordan >1151 crooks road >troy, michigan 48084 >gm - systems engineering center >(313) 280 6766 IRIX 3.3 has the BSD version of chown(1) and chgrp(1). With the -R option, "the command recursively descends its directory arguments setting the specified owner or group."
karron@MCIRPS2.MED.NYU.EDU (07/08/90)
JORDAN%gmr.com@relay.cs.net asks about "chown thru multiple directories" >Is there a command available that will change the owner and group >of every file in the current directory, and every file & directory >below the current directory? > >Or will I have to write my own shell program? Do this one liner: find /$startdir -exec chown $username "{}" \; -print Rr to change both the user and the owner find /$startdir -exec chgrp $usergrouop "{}" \; -exec chown $username "{}" \; -p rint the -print is optional. It justs shows you what find is finding. Replace $startdir,$username,$usergroup with your actual value. Tar also has setting that will unload an archives with the current users ownership and group. Have to look that up. I always forget it when unloading tar archives and then do the above to fix things. The real problem is when you are unloading an archive with root permissions as a user with no permissions. Then you can not chown and chgrp on the monster you have just created. You are stuck until root can do it for you. -- +-----------------------------------------------------------------------------+ | karron@nyu.edu Dan Karron | | . . . . . . . . . . . . . . New York University Medical Center | | 560 First Avenue \ \ Pager <1> (212) 397 9330 | | New York, New York 10016 \**\ <2> 10896 <3> <your-number-here> | | (212) 340 5210 \**\__________________________________________ | +-----------------------------------------------------------------------------+
karron@MCIRPS2.MED.NYU.EDU (07/10/90)
I like your way best, but all this mucking is obsolete with the xxx -R option, which I just learned about from this discussion. dan.. -- +-----------------------------------------------------------------------------+ | karron@nyu.edu Dan Karron | | . . . . . . . . . . . . . . New York University Medical Center | | 560 First Avenue \ \ Pager <1> (212) 397 9330 | | New York, New York 10016 \**\ <2> 10896 <3> <your-number-here> | | (212) 340 5210 \**\__________________________________________ | +-----------------------------------------------------------------------------+
meyer@gorgo.ifi.unizh.ch (Urs Meyer) (07/10/90)
>JORDAN%gmr.com@relay.cs.net asks about "chown thru multiple directories" > >>Is there a command available that will change the owner and group >>of every file in the current directory, and every file & directory >>below the current directory? > >Do this one liner: > >find /$startdir -exec chown $username "{}" \; -print > >| karron@nyu.edu Dan Karron | WARNING: There is a security leak in this procedure if the super-user executes the find command. If a file in the user's directory tree is a (symbolic) link, the file pointed to by the link will change ownership and not the link itself. Therefore, if the user has a link to /etc/passwd, he will own is afterwards. This is true at least up to IRIX 3.2.1. Omit at least the links in the find command: find /$startdir ! -type l -exec ... Or let the user copy his stuff using tar. I really don't like the way symbolic links are implemented in IRIX. But, there have been enough discussions on that topic. Urs Meyer ---------- meyer@ifi.unizh.ch, {uunet,...}!mcsun!cernvax!unizh!meyer University of Zurich, Dept of Computer Science, Multimedia Lab, CH-8057 Zurich
mccalpin@vax1.acs.udel.EDU (John D Mccalpin) (07/10/90)
JORDAN%gmr.com@relay.cs.net asks about "chown thru multiple directories" >>Is there a command available that will change the owner and group >>of every file in the current directory, and every file & directory >>below the current directory? In article <see above> karron@MCIRPS2.MED.NYU.EDU writes: > >find /$startdir -exec chown $username "{}" \; -print > >karron@nyu.edu Dan Karron Although this is not an SGI-specific issue, I would like to point out that this approach can be *very* slow for large directory trees since the 'find' program forks off a 'chown' program for each file that it finds. A much more efficient approach is to use xargs: find . -print | xargs chown $username This will bundle up the names into larger groups and call 'chown' on the groups. -- John D. McCalpin mccalpin@vax1.udel.edu Assistant Professor mccalpin@delocn.udel.edu College of Marine Studies, U. Del. mccalpin@scri1.scri.fsu.edu
vjs@rhyolite.wpd.sgi.com (Vernon Schryver) (07/11/90)
In article <1990Jul10.105223.27591@gorgo.ifi.unizh.ch>, meyer@gorgo.ifi.unizh.ch (Urs Meyer) writes: > > > >find /$startdir -exec chown $username "{}" \; -print > > WARNING: > There is a security leak in this procedure if the super-user executes > the find command. If a file in the user's directory tree is a > (symbolic) link, the file pointed to by the link will change ownership > and not the link itself. Therefore, if the user has a link to /etc/passwd, > he will own is afterwards. > This is true at least up to IRIX 3.2.1. That statement is true in all BSD derived systems with BSD style symbolic links. In other words, the statement above applies to all common UNIX systems with symbolic links. If we changed it, a zillion people would get on our case for being incompatible. Symbolic links would also be almost useless. > Omit at least the links in the find command: > > find /$startdir ! -type l -exec ... > > Or let the user copy his stuff using tar. > > I really don't like the way symbolic links are implemented in IRIX. > But, there have been enough discussions on that topic. > > Urs Meyer ---------- meyer@ifi.unizh.ch, {uunet,...}!mcsun!cernvax!unizh!meyer > University of Zurich, Dept of Computer Science, Multimedia Lab, CH-8057 Zurich What if a user creates a hard link to /etc/passwd, and then asks that any of the "find ..." commands be run? (E.g., "gee, I restored my tape into /tmp. Please make the files usable") Please notice that "! -type l" will not detect hard links. There is another security hole in both versions if you have "." in root's PATH before "/bin". If you are concerned about such things, you might consider find /$startdir ! -user 0 -print | xargs /bin/chown This is inferior to `chown -R` in 3.3, but it or variations are incredibly faster than `find ... exec` and close both security concerns. (Pointing out xargs is my excuse for wasting everyone's time. Xargs is one of the few good things in SVR2 that is not in BSD.) Vernon Schryver vjs@sgi.com
msc@ramoth.esd.sgi.com (Mark Callow) (07/11/90)
In article <1990Jul10.105223.27591@gorgo.ifi.unizh.ch>, meyer@gorgo.ifi.unizh.ch (Urs Meyer) writes: |> |> WARNING: |> There is a security leak in this procedure if the super-user executes |> the find command. If a file in the user's directory tree is a |> (symbolic) link, the file pointed to by the link will change ownership |> and not the link itself. Therefore, if the user has a link to /etc/passwd, |> he will own is afterwards. |> This is true at least up to IRIX 3.2.1. |> |> I really don't like the way symbolic links are implemented in IRIX. |> But, there have been enough discussions on that topic. The same exact thing happens with hard links. This isn't surprising since symbolic links were designed to be semantically the same as hard links. As far as I know symbolic links in IRIX are implemented identically to those in BSD and SunOS. I think this is a case of buyer beware of the sharp tools. -- From the TARDIS of Mark Callow msc@ramoth.sgi.com, ...{ames,decwrl}!sgi!msc "There is much virtue in a window. It is to a human being as a frame is to a painting, as a proscenium to a play. It strongly defines its content."