Is there a combine variant for chmod and chgrp that sets both permissions and groups in one single system call for each file?
Asked
Active
Viewed 2,486 times
4
Amandasaurus
- 58,203
- 71
- 188
- 248
Nordlöw
- 11,838
- 10
- 52
- 99
2 Answers
3
There is no such a variant because the two operations chmod(2) and chown(2) are implemented by distinct system calls.
Getting away with chmod and chown
You might be looking for such a variant of chmod and chown because of security issues. If this is the case, you can use the following strategy:
- Strip mode flags to a very conservative set (possibly empty) on the target file.
- Change owner and group of the target file.
- Give the target file the desired mode flags.
This way you avoid potential security issues associated to successive calls to chmod and chown or to chown and chmod.
The install/open trick
The only system call setting mode flags and ownership information at the same time might be open(2). So, you could use a process impersonating the target owner opening the file with the appropriate mode. This is probably what install does, so if this is an option:
- Rename the old file.
- Copy the old file to the new file with the desired ownership and access mode information using the
installcommand. - Delete the old file.
Doing this will break hard links, however. The solution based on chown and chmod does not have that issue.
user40989
- 228
- 1
- 6
1
AFAIK, no.
Furthermore, since the file access mode and owner / group information are set using different syscalls (see man 2 chmod and man 2 chown), I don't think it would be possible to implement such a command ... at least on a mainstream Unix-like system.
(Obviously, one could modify a GNU/Linux kernel to add a combined system call, but then the hypothetical command that used the syscall wouldn't be portable.)
Stephen C
- 698,415
- 94
- 811
- 1,216