Ubuntu – Directory with readable and unreadable files

chmodpermissions

I am root. I want to make a directory, SuperSensitiveDirectory, private so that only root can even read the files inside it and its sub-directories. There are passwords in these files, and they should not be visible to any users besides root.
There are two log files in a sub-directory of my SuperSensitiveDirectory, though, that I want to be visible (though not writable) to everyone.

Ideally, I'd make SuperSensitiveDirectory private and add some kind of exception for the log files. How can I do this?

If if can't be done, is there a way to recursively change all the files in SuperSensitiveDirectory to 700 permissions? If I did that, I could then individually change the permissions for the log files.

Best Answer

If you make your directory permission to 700 by

$ chmod -R 700 foo

and even if you do 777 to any other file inside it, then any other user cannot access the directory contents. So ultimately making the files inside it unreadable.

To resolve that you can create symbolic links of your log files in a directory with public read permissions, and also give read permissions to the links also.

Related Solutions

Ubuntu – Permisions set to unknown after chmod 777

Probably best to use find for this sort of thing.

Directories need to be x access , files do not, so different set of permissions.

# Files
find . -type f -exec chmod 644 '{}' \;

# Directories
find . -type d -exec chmod 755 '{}' \;

Ubuntu – Change group access to directory and all sub directories and files

The chown command is to change user and group ownership, to change permissions, you need chmod. So, once you have set the group ownership to pandya using chown as you have, change the permissions to give the group write access:

chmod -R g+w /media/pandya/Ext4/

From man chmod:

The format of a symbolic mode is [ugoa...][[+-=][perms...]...], where perms is either zero or more letters from the set rwxXst, or a single letter from the set ugo. Multiple symbolic modes can be given, separated by commas.

A combination of the letters ugoa controls which users' access to the file will be changed: the user who owns it (u), other users in the file's group (g), other users not in the file's group (o), or all users (a). If none of these are given, the effect is as if a were given, but bits that are set in the umask are not affected.

The operator + causes the selected file mode bits to be added to the existing file mode bits of each file; - causes them to be removed; and = causes them to be added and causes unmentioned bits to be removed

-R, --recursive

change files and directories recursively

So, g+w means "give users that belong to the file's group write access" and -R means apply to all files and subdirectories recursively.

Best Answer

Related Solutions

Ubuntu – Permisions set to unknown after chmod 777

Ubuntu – Change group access to directory and all sub directories and files

Related Question