70

How can I get a file's permission mask like 644 or 755 on *nix using python?

Is there any function or class for doing that? Thank you very much!

ivanleoncz
  • 9,070
  • 7
  • 57
  • 49
davidx
  • 877
  • 1
  • 8
  • 6

9 Answers9

124

os.stat is a wrapper around the stat(2) system call interface.

>>> import os
>>> from stat import *
>>> os.stat("test.txt") # returns 10-tupel, you really want the 0th element ...
posix.stat_result(st_mode=33188, st_ino=57197013, \
    st_dev=234881026L, st_nlink=1, st_uid=501, st_gid=20, st_size=0, \
    st_atime=1300354697, st_mtime=1300354697, st_ctime=1300354697)

>>> os.stat("test.txt")[ST_MODE] # this is an int, but we like octal ...
33188

>>> oct(os.stat("test.txt")[ST_MODE])
'0100644'

From here you'll recognize the typical octal permissions.

S_IRWXU 00700   mask for file owner permissions
S_IRUSR 00400   owner has read permission
S_IWUSR 00200   owner has write permission
S_IXUSR 00100   owner has execute permission
S_IRWXG 00070   mask for group permissions
S_IRGRP 00040   group has read permission
S_IWGRP 00020   group has write permission
S_IXGRP 00010   group has execute permission
S_IRWXO 00007   mask for permissions for others (not in group)
S_IROTH 00004   others have read permission
S_IWOTH 00002   others have write permission
S_IXOTH 00001   others have execute permission

You are really only interested in the lower bits, so you could chop off the rest:

>>> oct(os.stat("test.txt")[ST_MODE])[-3:]
'644'
>>> # or better
>>> oct(os.stat("test.txt").st_mode & 0o777)

Sidenote: the upper parts determine the filetype, e.g.:

S_IFMT      0170000 bitmask for the file type bitfields
S_IFSOCK    0140000 socket
S_IFLNK     0120000 symbolic link
S_IFREG     0100000 regular file
S_IFBLK     0060000 block device
S_IFDIR     0040000 directory
S_IFCHR     0020000 character device
S_IFIFO     0010000 FIFO
S_ISUID     0004000 set UID bit
S_ISGID     0002000 set-group-ID bit (see below)
S_ISVTX     0001000 sticky bit (see below)
wjandrea
  • 28,235
  • 9
  • 60
  • 81
miku
  • 181,842
  • 47
  • 306
  • 310
  • 13
    I mostly like this answer, but bit masking seems cleaner than string slicing: ``oct(os.stat("test.txt").st_mode & 0777)`` – ncoghlan Jun 07 '12 at 07:24
  • oct(os.stat("test.txt")[ST_MODE])[-3:] does not work on OSX. Instead use oct(os.stat("test.txt")[0])[-3:] or the .st_mode & 0777 – J.J Jun 27 '15 at 15:25
  • 1
    @user3329564 it works for me - `ST_MODE` is in the `stat` module, did you import it? – Carson Myers Jul 16 '15 at 22:57
  • 1
    `os.stat` looks like it is returning a named tuple, so you can just access its values using dotted notation. `>> os.stat('.bashrc').st_mode` `33188` `>> os.stat('.bashrc').st_uid` `1000 ` So no need to `import stat`. – jerblack Jul 10 '18 at 17:45
55

I think this is the clearest way of getting a file's permission bits:

stat.S_IMODE(os.lstat("file").st_mode)

If the file is a symlink, os.lstat() will give you the mode of the link itself, whereas os.stat() dereferences the link. Therefore I find os.lstat() the most generally useful.

stat.S_IMODE() gets "the file’s permission bits, plus the sticky bit, set-group-id, and set-user-id bits".

Here's an example case, given regular file "testfile" and symlink to it, "testlink":

import stat
import os

print oct(stat.S_IMODE(os.lstat("testlink").st_mode))
print oct(stat.S_IMODE(os.stat("testlink").st_mode))

This script outputs the following for me:

0777
0666
wjandrea
  • 28,235
  • 9
  • 60
  • 81
aknuds1
  • 65,625
  • 67
  • 195
  • 317
  • 3
    Note that in [Python 3](https://www.python.org/download/releases/3.0/) there is [new syntax for octals](https://docs.python.org/dev/whatsnew/3.0.html#integers), [thus](https://stackoverflow.com/a/36386530/1321680) the output for the above example is: `0o777` and `0o666` instead of `0777` and `0666`. – patryk.beza Aug 04 '17 at 09:05
  • Since `stat.S_IMODE()` also includes the sticky, SGID, and SUID bits, the octal numbers might be up to 4 digits, so for display, it'd be better to 0-pad them to 4 digits: `format(stat.S_IMODE(...), '#06o')` (using 6 instead of 4 since the prefix `0o` counts), which results in `0o0777` and `0o0666`. – wjandrea May 26 '22 at 17:55
9

Another way to do it if you don't want to work out what stat means is to use the os.access command http://docs.python.org/library/os.html#os.access BUT read the docs about possible security issues

For instance to check permissions on the file test.dat which has read/write permissions

os.access("test.dat",os.R_OK)
>>> True

#Execute permissions
os.access("test.dat",os.X_OK)
>>> False

#And Combinations thereof
os.access("test.dat",os.R_OK or os.X_OK)
>>> True

os.access("test.dat",os.R_OK and os.X_OK)
>>> False
Dan Goldsmith
  • 444
  • 2
  • 5
2
oct(os.stat('file').st_mode)[4:]
vvvvv
  • 25,404
  • 19
  • 49
  • 81
newliver
  • 29
  • 3
2

os.access(path, mode) method returns True if access is allowed on path, False if not.

available modes are :

  1. os.F_OK - test the existence of path.
  2. os.R_OK - test the readability of path.
  3. os.W_OK - test the writability of path.
  4. os.X_OK - test if path can be executed.

for example, checking file /tmp/test.sh has execute permission

ls -l /tmp/temp.sh
-rw-r--r--  1 *  *  0 Mar  2 12:05 /tmp/temp.sh

os.access('/tmp/temp.sh',os.X_OK)
False

after changing the file permission to +x 
chmod +x /tmp/temp.sh

ls -l /tmp/temp.sh
-rwxr-xr-x  1 *  *  0 Mar  2 12:05 /tmp/temp.sh

os.access('/tmp/temp.sh',os.X_OK)
True
vvvvv
  • 25,404
  • 19
  • 49
  • 81
Prajilesh
  • 661
  • 4
  • 11
2

Here is a simple way to check the permissions of a directory .

import os
import stat

mode = os.stat("path_of_directory").st_mode

if not ((mode & stat.S_IWUSR):
  print('not writable by user')

if not ((mode & stat.S_IWUSR) and (mode & stat.S_IWGRP) and (mode & stat.S_IWOTH)):
  print('not writable by all')

The flag list is herebelow :

S_IRWXU 00700   mask for file owner permissions
S_IRUSR 00400   owner has read permission
S_IWUSR 00200   owner has write permission
S_IXUSR 00100   owner has execute permission
S_IRWXG 00070   mask for group permissions
S_IRGRP 00040   group has read permission
S_IWGRP 00020   group has write permission
S_IXGRP 00010   group has execute permission
S_IRWXO 00007   mask for permissions for others (not in group)
S_IROTH 00004   others have read permission
S_IWOTH 00002   others have write permission
S_IXOTH 00001   others have execute permission
vvvvv
  • 25,404
  • 19
  • 49
  • 81
eosphere
  • 316
  • 2
  • 6
1

There are a lot of file based functions inside the os module im sure. If you run os.stat(filename) you can always interprate the results.

http://docs.python.org/library/stat.html

Jakob Bowyer
  • 33,878
  • 8
  • 76
  • 91
0

os.stat is analogous to the c-lib stat (man 2 stat on linux to see the information)

stats = os.stat('file.txt')
print(stats.st_mode)
vvvvv
  • 25,404
  • 19
  • 49
  • 81
Mike Ramirez
  • 10,750
  • 3
  • 26
  • 20
-2

You can just run a Bash stat command with Popen if you want:

The normal Bash command:

jlc@server:~/NetBeansProjects/LineReverse$ stat -c '%A %a %n' revline.c
-rw-rw-r-- 664 revline.c

And then with Python:

>>> from subprocess import Popen, PIPE
>>> fname = 'revline.c'
>>> cmd = "stat -c '%A %a %n' " + fname
>>> out = Popen(cmd, shell=True, stdout=PIPE).communicate()[0].split()[1].decode()
>>> out
'664'

And here's another way if you feel like searching the directory:

>>> from os import popen
>>> cmd = "stat -c '%A %a %n' *"
>>> fname = 'revline.c'
>>> for i in popen(cmd):
...     p, m, n = i.split()
...     if n != fname:
...         continue
...     print(m)
        break
... 
664
>>>
  • 3
    While it's true that "you can", you really shouldn't, unless you're coding a one-off script and you don't care at all about performance. This method will create a new process each time the python program need to access a file's permission. Creating a new process is a heavy operation that should be avoided if possible. And since it's definitely possible in this case, this answer is giving bad advice. – silviot Apr 07 '20 at 15:15