Is there a tool to check and manage file permissions?

Question

I developed a set of rules for file and directory owner and permissions for our company server. E.g.:

Projects/: permission 750, owner root, group internal
Projects/* (directories): permission 2770, group internal
Projects/*/* (files): permission 644, group internal
Projects/*/* (directories): permission 2770, group internal
Office/: permission 2770, owner root, group internal
...

I started to write a script for checking these rules. But this became really uncomfortable. An option for automatic correction would be also nice. I already discovered systemd-tmpfiles which does a similar job but (imho) lacks of reporting feature. I don't know if it will support the wildcards, too. Defining some exclusions rules would also be nice.

Does someone know if there's maybe a solution for that? I already searched for linux file system permission services, but the results were really misleading.

Software recommendations are off topic. But every configuration management tool is able to do that. — Gerald Schneider, Feb 15 '22 at 12:44

score 0 · Answer 1 · answered Feb 15 '22 at 12:47

0

You need mtree.

The utility mtree compares the file hierarchy rooted in the current directory against a specification read from the standard input.

answered Feb 15 '22 at 12:47

AlexD

8,747
2
29
38

Hello! Thank you for that hint. Despite that there seems to be really less documentation I checked some features. The following guide helped me a lot: https://forums.freebsd.org/threads/small-guide-on-using-mtree.61113/ But I think mtree does not cover my use case of checking all directories (and files) recursively. E.g.: find -type d -not \( -perm 2770 -and -group office \). This would also check all sub-directories. – user10070149 Feb 15 '22 at 14:06

Is there a tool to check and manage file permissions?

1 Answers1