Custom default permissions on specific folder

Goal: Any file or directory uploaded to or created under a specific folder should have read, write, execute (777) permissions.

Environment: CentOS 5.5, Kernel: 2.6.18-194.17.1.el5

I was looking for a solution to have read, write, execute permissions for all, since I wanted to delete files and folders from a PHP script and the files were created by an external application, not able to set permissions. My PHP script uses the unlink() function to delete the file and then rmdir() to delete the folder.

Let’s assume that the PHP script deletes a file and a directory under the folder /test, for example the file /test/folder/file.xml and then the folder /test/folder. The problem is that if you don’t set write permissions the file will not be deleted. Moreover, the folder /test receives new data from another external script, not written in PHP, that uploads data into this folder.

To achieve this, the solution needed to be server side. The first idea was to use umask, but I was told by my hosting company's support that this can’t be set for a specific user or folder; it will be system wide. So I had to find an alternative solution.

The solution was given by a friend who saved my day :) and credits go to him for the script; you can find him through his website: http://tasos.pavta.com/myblog/. You can use inotify-tools to monitor changes on the filesystem and set the permissions whenever something is created. One more advantage of this solution is that you don’t need to be root to set the permissions. Finally, by configuring the script correctly you can keep it always running on your system, and it will start automatically after a reboot.

Step 1 – Install inotify-tools

In my environment inotify-tools was not included in the yum packages, so I had to download and install it. Run:

wget ftp://ftp.pbone.net/mirror/ftp.freshrpms.net/pub/freshrpms/pub/dag/redhat/el5/en/x86_64/dag/RPMS/inotify-tools-3.13-1.el5.rf.x86_64.rpm

and then:

rpm -ivh inotify-tools-3.13-1.el5.rf.x86_64.rpm

Step 2 – The script

#!/bin/sh
#
# Startup script for the "make everything under /test writable" service
#
# chkconfig: - 85 15
# description: Starts the "make everything under /test writable" service
# processname: inotify

inotifywait -mrq -e CREATE --format %w%f /test | while IFS= read -r FILE; do chmod 777 "$FILE"; done &

The comments above are needed for the next step: chkconfig reads the "# chkconfig:" and "# description:" lines. The & symbol sends the process to the background.

Step 3 – Make it always auto-running after restart

Save the script under /etc/init.d with the name inotify, which is the name used in the commands below.

Then run:

chkconfig --add inotify

to add inotify to the list of processes that run at startup, and then finally run:

ntsysv

to set the inotify process to run at startup.

By now you should be all done. :) Whatever is created under the /test folder, and only there, will have 777 permissions.

Please comment for questions or further ideas.

* Notes: Using 777 permissions on a public server might be a security hole, so use this with care.
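
One way to narrow the risk in the note above, as an added example that is not the original author's script: chmod follows symbolic links, and a script started from /etc/init.d runs as root, so this handler skips symlinks and any path whose parent directory resolves outside the watched tree before changing the mode. The names safe_chmod, watch_tree, WATCH_ROOT, MODE and RUN_WATCHER are assumptions made for this example; /test and 777 are the page's values.

```shell
#!/bin/sh
# Added example, not the original author's script: a symlink-aware
# handler for the chmod step of the watcher loop.
# WATCH_ROOT, MODE and RUN_WATCHER are names assumed for this example;
# the defaults /test and 777 are the values used on the page.
WATCH_ROOT="${WATCH_ROOT:-/test}"
MODE="${MODE:-777}"

# safe_chmod ROOT PATH: returns 0 if PATH was changed, 1 if skipped.
safe_chmod() {
    root=$1
    path=$2
    # chmod follows symbolic links, so a link under ROOT would change
    # the mode of its target instead of the link itself.
    [ -L "$path" ] && return 1
    # Only regular files and directories are handled.
    [ -f "$path" ] || [ -d "$path" ] || return 1
    # Resolve ROOT and the parent directory physically; the parent must
    # be ROOT or below it, so a symlinked directory component cannot
    # redirect the chmod outside the tree.
    real_root=$(cd "$root" 2>/dev/null && pwd -P) || return 1
    parent=$(cd "$(dirname "$path")" 2>/dev/null && pwd -P) || return 1
    case "$parent/" in
        "$real_root"/*) ;;
        *) return 1 ;;
    esac
    # Check-then-chmod is not atomic in shell; this narrows the window
    # but does not close it.
    chmod "$MODE" "$path"
}

# Same inotifywait invocation as the page's script, with the handler
# swapped in; skipped paths are reported on stderr.
watch_tree() {
    inotifywait -mrq -e CREATE --format %w%f "$WATCH_ROOT" |
    while IFS= read -r FILE; do
        safe_chmod "$WATCH_ROOT" "$FILE" || echo "skipped: $FILE" >&2
    done
}

# The watcher starts only when RUN_WATCHER=1, so the functions can be
# loaded and exercised without inotify-tools installed.
if [ "${RUN_WATCHER:-0}" = 1 ]; then
    watch_tree &
fi
```

Setting MODE to something narrower than 777 (for example a group-writable mode shared by the uploader and the PHP user) reduces exposure further, provided both processes share a group.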

Further reading about init startup scripts: http://support.suso.com/supki/CentOS_Init_startup_scripts


One Response to Custom default permissions on specific folder

  1. view digital says:

    Hi! This is my first visit to your blog! We are a team of volunteers and starting a new project in a community
    in the same niche. Your blog provided us valuable information to work on. You have done a wonderful job!
