You may have heard of a tragic mistake of a rookie sysadmin who accidentally typed "chmod -R 777 /
" and wreaked havoc to his/her Linux system. Sure, there are backup tools (e.g., cp
, rsync
, etckeeper
) which can back up files along with their file permissions. If you are using such backup tools, no worries about corrupted file permissions.
But there are cases where you want to temporarily back up file permissions alone (not files themselves). For example, you want to prevent the content of some directory from being overwritten, so you temporarily remove write permission on all the files under the directory. Or you are in the middle of troubleshooting file permission issues, so running chmod
on files here and there. In these cases, it will be nice to be able to back up the original file permissions before the change, so that you can recover the original file permissions later when needed. In many cases, full file backup is an overkill when all you really want is to back up file permissions.
On Linux, it is actually straightforward to back up and restore file permissions using access control list (ACL). The ACL defines access permissions on individual files by different owners and groups on a POSIX-compliant filesystem.
Here is how to back up and restore file permissions on Linux using ACL tools.
Install ACL Tools on Linux
First of all, make sure that you have ACL tools installed.
For Debian, Ubuntu or Linux Mint:
$ sudo apt-get install acl
For CentOS, Fedora or RHEL:
$ sudo yum install acl
Back up and Restore File Permission with ACL Tools
To back up the file permissions of all the files in the current directory (and all its sub directories recursively), run the following command.
$ getfacl -R . > permissions.txt
This command will export ACL information of all the files into a text file named permissions.txt
.
$ ls -alR
For example, the following is a snippet of permissions.txt
generated from the directory shown in the screenshot.
# file: . # owner: dan # group: dan user::rwx group::rwx other::r-x # file: tcpping # owner: dan # group: dan # flags: s-- user::rwx group::rwx other::r-x # file: sume-files.ova # owner: dan # group: dan user::rw- group::rw- other::r--
Now go ahead and change the file permissions as you want. For example:
$ chmod -R a-w .
To restore the original file permissions, go to the directory where permissions.txt
was generated, and simply run:
$ setfacl --restore=permissions.txt
Verify that the original file permissions have been restored.