SAN Scheduled Permissions Change

Ivan Lawrence -

Run a scheduled script to change the file permissions within the SAN

 

 Change the permissions recursively for all files (fastest execution time)

The command to change file system permissions is chmod.  The following will recursively  "open up" the permissions to allow anyone with connectivity to the box can read and write:

chmod -R 777 /path/to/directory/

SpycerBox example: chmod -R 777 /media/spycer-vol0/

This method has an unintended consequence...

Each file retains three time stamps: Access, Modify, and Change.  The aforementioned recursive permissions change will update the Change time for each file every time the schedule is run.  This is something to be aware of but may not have any adverse effects in your workflow (meaning, if you don't know you need it, you probably don't.)

Change the permissions for all file that match a criteria (less fast execution time)

An alternate method which will only update the files that do not have 777 or "wide open" file permissions would be scheduling the following command:

find /path/to/directory/ ! -perm 777 -exec chmod 777 {} \;

SpycerBox example: find /media/spycer-vol0/ ! -perm 777 -exec chmod 777 {} \;

This will find only files and directories that do not already have 777 permissions and modify them for 777 permissions.  This can also be used to change permissions on just files and not directories or just directories and not files, etc.  You can also execute multiple commands for each found item (log the name or path, etc.) which ads more flexibility in the future. 

 NOTE: Either method will update the Access time to the time the schedule is run unless the file system is mounted with the noatime flag.

Either way, Schedule it!

To run commands as a scheduled task you need to add it as a cron job.

Any command can be configured to run at any interval.  Linux provides for some built in intervals; hourly, daily, weekly, and monthly.  Depending on your workflow a frequency of hourly might be the best choice.  A simple implementation to run a command hourly would be to create a file containing the command and place it into /etc/cron.hourly/ directory (Note: change its permissions to match that of the other files in that directory.)

 

"Run Every Hour" ex: (run  /bin/chmod -R 777 /media/spycer-vol0/ every hour)

  1. As root type:  echo "/bin/chmod -R 777 /media/spycer-vol0/" >> /etc/cron.hourly/hourly_SAN_chmod
  2. As root type:  chmod +x /etc/cron.hourly/hourly_SAN_chmod

 

"Run Every Two Min" ex: (run find /media/spycer-vol0/ ! -perm 777 -exec chmod 777 {} \; every two minutes)

If you would like to run it more frequently you can configure the file /etc/crontab to include something like:

2 0 * * *  /usr/bin/find /media/spycer-vol0/ ! -perm 777 -exec chmod 777 \{\} \\\;

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.