From Wiki-UX.info

Wiki-UX / Backup Commands / How to backup and restore file owner and permissions
Jump to: navigation, search

How to backup and restore file owner and permissions

Contents

Abstract

This article describes a method to protect and recover file system permissions using a file system permissions report file.

Every now and then, somebody runs chown -R or chmod -R command on an entire file system or mount point without understanding the implications of the command. That can be really destructive to the point of leaving the system in a state where only a full restore from backup can repair it.

Sometimes it is possible to recover from these situations if you have an updated backup of your file system owner and permissions prior to the change or if you have a very similar system from which the correct information can be extracted.

Creating an owner / Permission report

First create a sed script that allows you to convert the permissions list to octal mode, for example: ~/octalperm.sed

# Directory listings numerical permissions sed script
# By David Cornish (www.davidcornish.com)
#
# File type
s/^\([dlhp-]\)/\1 /
 
# First value - normal (0), sticky (1), sgid (2), suid (4)
s/\(^. \)/\10/
s/\(^.\) .\(........\)t/\1 1\2x/
s/\(^.\) 0\(..\)s/\1 4\2x/
s/\(^.\) 1\(..\)s/\1 5\2x/
s/\(^.\) 0\(.....\)s/\1 2\2x/
s/\(^.\) 1\(.....\)s/\1 3\2x/
s/\(^.\) 4\(.....\)s/\1 6\2x/
s/\(^.\) 5\(.....\)s/\1 7\2x/
 
# Read (4)/write (2)/execute (1) permissions
s/rwx/7/g
s/rw-/6/g
s/r-x/5/g
s/r--/4/g
s/-wx/3/g
s/-w-/2/g
s/--x/1/g
s/---/0/g

This sed script allows to quickly translate a ls -l output to octal mode, for example:

# ls -l /var/tmp/HP11e134.SD | sed -f ~/octalperm.sed
- 0644   1 root       sys        3737600 Jan 17 15:13 /var/tmp/HP11e134.SD
  • Note: The script also handles a tar -tv output that provides another very similar one: ls -l.

Use the find command and this sed script to create a report that keeps record of the owner and permissions of every directory and file.

#!/bin/sh
# This script allows to create a directory / file permissions report
# Alejandro Marin, Wiki-UX.info, (c) 2010
#
 
# Test if the directory parameter was provided
test -r $1 2> /dev/null
if [ $? -eq 1 ]
 then echo "usage: fileperm <directory>"; exit 1
fi
 
# Verify that the directory exists
if [ ! -d $1 ]
 then echo "Directory $1 does not exist!"; exit 2
fi
 
find $1 -type d -xdev -exec ll -d {} \; | \
sed -f ~/octalperm.sed  | \
awk '{printf "%s %s %s %s\n", $2, $4, $5, $10}'
 
find $1 -type f -xdev -exec ll {} \; | \
sed -f ~/octalperm.sed  | \
awk '{printf "%s %s %s %s\n", $2, $4, $5, $10}'
 
exit 0

Example:

# ~/fileperm.sh /var/tmp
1777 root root /var/tmp
0777 501 501 /var/tmp/shc-3.8.6.new
0555 root root /var/tmp/bgpd
...

Recover file system permissions

Later, recovery file system permissions can be accomplished reading the saved output of the command to a series of chown and chmod commands. This awk script allows to do exactly that.

awk '{printf "chown %s %s %s\nchmod %s %s\n", $2, $3, $10, $1, $10}'

Example:

# ~/fileperm.sh /var/tmp | awk '{printf "chown %s:%s %s\nchmod %s %s\n", $2, $3, $4, $1, $4}'
chown root:root /var/tmp
chmod 1777 /var/tmp
chown 501:501 /var/tmp/shc-3.8.6.new
chmod 0777 /var/tmp/shc-3.8.6.new
chown root:root /var/tmp/bgpd
chmod 0555 /var/tmp/bgpd
...

Add file size to the report

#!/bin/sh
# This script allows to create a directory / file permissions report
# Alejandro, Hewlett-Packard, (c) 2008
#
 
# Test if the directory parameter was provided
test -r $1 2> /dev/null
if [ $? -eq 1 ]
 then echo "usage: fileperm <directory>"; exit 1
fi
 
# Verify that the directory exists
if [ ! -d $1 ]
 then echo "Directory $1 does not exist!"; exit 2
fi
 
find $1 -type d -xdev -exec ll -d {} \; | \
sed -f ~/octalperm.sed  | \
awk '{printf "%s %s %s %s %s\n", $2, $4, $5, $10, $6}'
 
find $1 -type f -xdev -exec ll {} \; | \
sed -f ~/octalperm.sed  | \
awk '{printf "%s %s %s %s %s\n", $2, $4, $5, $10, $6}'
 
exit 0

References

Authors

Editor

This page was last modified on 20 April 2011, at 19:09. This page has been accessed 2,388 times.