Python views the read and write permission method for a file
- 2020-07-21 09:05:09
- OfStack
Examples are as follows:
# -*- coding: utf-8 -*-
# @author flynetcn
import sys, os, pwd, stat, datetime;
LOG_FILE = '/var/log/checkDirPermission.log';
nginxWritableDirs = [
'/var/log/nginx',
'/usr/local/www/var',
];
otherReadableDirs = [
'/var/log/nginx',
'/usr/local/www/var/log',
];
dirs = [];
files = [];
def logger(level, str):
logFd = open(LOG_FILE, 'a');
logFd.write(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S.%f')+": "+("WARNING " if level else "NOTICE ")+str);
logFd.close();
def walktree(top, callback):
for f in os.listdir(top):
pathname = os.path.join(top, f);
mode = os.stat(pathname).st_mode;
if stat.S_ISDIR(mode):
callback(pathname, True);
walktree(pathname, callback);
elif stat.S_ISREG(mode):
callback(pathname, False);
else:
logger(1, "walktree skipping %s\n" % (pathname));
def collectPath(path, isDir=False):
if isDir:
dirs.append(path);
else:
files.append(path);
def checkNginxWritableDirs(paths):
uid = pwd.getpwnam('nginx').pw_uid;
gid = pwd.getpwnam('nginx').pw_gid;
for d in paths:
dstat = os.stat(d);
if dstat.st_uid != uid:
try:
os.chown(d, uid, gid);
except:
logger(1, "chown(%s, nginx, nginx) failed\n" % (d));
def checkOtherReadableDirs(paths, isDir=False):
for d in paths:
dstat = os.stat(d);
if isDir:
checkMode = 5;
willBeMode = dstat.st_mode | stat.S_IROTH | stat.S_IXOTH;
else:
checkMode = 4;
willBeMode = dstat.st_mode | stat.S_IROTH;
if int(oct(dstat.st_mode)[-1:]) & checkMode != checkMode:
try:
os.chmod(d, willBeMode);
except:
logger(1, "chmod(%s, %d) failed\n" % (d, oct(willBeMode)));
if __name__ == "__main__":
for d in nginxWritableDirs:
walktree(d, collectPath)
dirs = dirs + files;
checkNginxWritableDirs(dirs);
dirs = [];
files = [];
for d in otherReadableDirs:
walktree(d, collectPath)
checkOtherReadableDirs(dirs, True);
checkOtherReadableDirs(files, False);
os. chmod(path,mode) this method should be simple and require only 2 arguments, 1 for the path and 1 for the pattern specifying the path. Here is a list of 1 common patterns that can be used in this usage:
stat.S_ISUID: Set user ID on execution
stat.S_ISGID: Set group ID on execution. Not commonly used
stat.S_ENFMT: Record locking enforced. Not commonly used
stat.S_ISVTX: Save text after execution. Save text and pictures after execution
stat.S_IREAD: Read by owner. Permission for owner to read
stat. S_IWRITE: Write by owner. Permissions written by the owner
stat.S_IEXEC: Execute by owner. Permissions executed for the owner
stat.S_IRWXU: Read, write, and execute by owner. Permissions for owner to read and write execution
stat_IRUSR: Read by owner. Permission for owner to read
stat.S_IWUSR: Write by owner. Permissions written by the owner
stat.S_IXUSR: Execute by owner. Permissions performed by the owner
stat.S_IRWXG: Read, write, and execute by group
stat.S_IRGRP: Read by group. Permission to read in the same group
stat.S_IWGRP: Write by group. Permission to write in the same group
stat.S_IXGRP: Execute by group. Permissions executed for the same group
stat.S_IRWXO: Read, write, and execute by others. Permissions to read and write to other groups
stat.S_IROTH: Read by others. Read permissions for other groups
stat.S_IWOTH: Write by others. Permissions to write to other groups
stat.S_IXOTH: Execute by others. Permissions performed on other groups
>>> os.stat('test')
posix.stat_result(st_mode=33204, st_ino=93328670, st_dev=18L, st_nlink=1, st_uid=30448, st_gid=1000, st_size=0, st_atime=1445932321, st_mtime=1445932321, st_ctime=1445932321)
>>> os.stat('test').st_mode
33204
>>> oct(os.stat('test').st_mode)
'0100664'
>>> oct(os.stat('test').st_mode)[-3:]
'664'