How to backup and restore file owner and permissions
Contents
Abstract[edit]
This article describes a method to protect and recover file system permissions using a file system permissions report file.
Every now and then, somebody runs chown -R or chmod -R command on an entire file system or mount point without understanding the implications of the command. That can be really destructive to the point of leaving the system in a state where only a full restore from backup can repair it.
Sometimes it is possible to recover from these situations if you have an updated backup of your file system owner and permissions prior to the change or if you have a very similar system from which the correct information can be extracted.
Creating an owner / Permission report[edit]
First create a sed script that allows you to convert the permissions list to octal mode, for example: ~/octalperm.sed
# Directory listings numerical permissions sed script
# By David Cornish (www.davidcornish.com)
#
# File type
s/^\([dlhp-]\)/\1 /
# First value - normal (0), sticky (1), sgid (2), suid (4)
s/\(^. \)/\10/
s/\(^.\) .\(........\)t/\1 1\2x/
s/\(^.\) 0\(..\)s/\1 4\2x/
s/\(^.\) 1\(..\)s/\1 5\2x/
s/\(^.\) 0\(.....\)s/\1 2\2x/
s/\(^.\) 1\(.....\)s/\1 3\2x/
s/\(^.\) 4\(.....\)s/\1 6\2x/
s/\(^.\) 5\(.....\)s/\1 7\2x/
# Read (4)/write (2)/execute (1) permissions
s/rwx/7/g
s/rw-/6/g
s/r-x/5/g
s/r--/4/g
s/-wx/3/g
s/-w-/2/g
s/--x/1/g
s/---/0/g
This sed script allows to quickly translate a ls -l output to octal mode, for example:
# ls -l /var/tmp/HP11e134.SD | sed -f ~/octalperm.sed - 0644 1 root sys 3737600 Jan 17 15:13 /var/tmp/HP11e134.SD
- Note: The script also handles a tar -tv output that provides another very similar one: ls -l.
Use the find command and this sed script to create a report that keeps record of the owner and permissions of every directory and file.
#!/bin/sh
# This script allows to create a directory / file permissions report
# Alejandro Marin, Wiki-UX.info, (c) 2010
#
# Test if the directory parameter was provided
test -r $1 2> /dev/null
if [ $? -eq 1 ]
then echo "usage: fileperm <directory>"; exit 1
fi
# Verify that the directory exists
if [ ! -d $1 ]
then echo "Directory $1 does not exist!"; exit 2
fi
find $1 -type d -xdev -exec ll -d {} \; | \
sed -f ~/octalperm.sed | \
awk '{printf "%s %s %s %s\n", $2, $4, $5, $10}'
find $1 -type f -xdev -exec ll {} \; | \
sed -f ~/octalperm.sed | \
awk '{printf "%s %s %s %s\n", $2, $4, $5, $10}'
exit 0
Example:
# ~/fileperm.sh /var/tmp 1777 root root /var/tmp 0777 501 501 /var/tmp/shc-3.8.6.new 0555 root root /var/tmp/bgpd ...
Recover file system permissions[edit]
Later, recovery file system permissions can be accomplished reading the saved output of the command to a series of chown and chmod commands. This awk script allows to do exactly that.
awk '{printf "chown %s %s %s\nchmod %s %s\n", $2, $3, $10, $1, $10}'
Example:
# ~/fileperm.sh /var/tmp | awk '{printf "chown %s:%s %s\nchmod %s %s\n", $2, $3, $4, $1, $4}'
chown root:root /var/tmp chmod 1777 /var/tmp chown 501:501 /var/tmp/shc-3.8.6.new chmod 0777 /var/tmp/shc-3.8.6.new chown root:root /var/tmp/bgpd chmod 0555 /var/tmp/bgpd ...
Add file size to the report[edit]
#!/bin/sh
# This script allows to create a directory / file permissions report
# Alejandro, Hewlett-Packard, (c) 2008
#
# Test if the directory parameter was provided
test -r $1 2> /dev/null
if [ $? -eq 1 ]
then echo "usage: fileperm <directory>"; exit 1
fi
# Verify that the directory exists
if [ ! -d $1 ]
then echo "Directory $1 does not exist!"; exit 2
fi
find $1 -type d -xdev -exec ll -d {} \; | \
sed -f ~/octalperm.sed | \
awk '{printf "%s %s %s %s %s\n", $2, $4, $5, $10, $6}'
find $1 -type f -xdev -exec ll {} \; | \
sed -f ~/octalperm.sed | \
awk '{printf "%s %s %s %s %s\n", $2, $4, $5, $10, $6}'
exit 0
