我就废话不多说了,还是直接看代码吧!
# -*- coding: utf-8 -*- # @author flynetcn import sys, os, pwd, stat, datetime; LOG_FILE = '/var/log/checkDirPermission.log'; nginxWritableDirs = [ '/var/log/nginx', '/usr/local/www/var', ]; otherReadableDirs = [ '/var/log/nginx', '/usr/local/www/var/log', ]; dirs = []; files = []; def logger(level, str): logFd = open(LOG_FILE, 'a'); logFd.write(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S.%f')+": "+("WARNING " if level else "NOTICE ")+str); logFd.close(); def walktree(top, callback): for f in os.listdir(top): pathname = os.path.join(top, f); mode = os.stat(pathname).st_mode; if stat.S_ISDIR(mode): callback(pathname, True); walktree(pathname, callback); elif stat.S_ISREG(mode): callback(pathname, False); else: logger(1, "walktree skipping %s\n" % (pathname)); def collectPath(path, isDir=False): if isDir: dirs.append(path); else: files.append(path); def checkNginxWritableDirs(paths): uid = pwd.getpwnam('nginx').pw_uid; gid = pwd.getpwnam('nginx').pw_gid; for d in paths: dstat = os.stat(d); if dstat.st_uid != uid: try: os.chown(d, uid, gid); except: logger(1, "chown(%s, nginx, nginx) failed\n" % (d)); def checkOtherReadableDirs(paths, isDir=False): for d in paths: dstat = os.stat(d); if isDir: checkMode = 5; willBeMode = dstat.st_mode | stat.S_IROTH | stat.S_IXOTH; else: checkMode = 4; willBeMode = dstat.st_mode | stat.S_IROTH; if int(oct(dstat.st_mode)[-1:]) & checkMode != checkMode: try: os.chmod(d, willBeMode); except: logger(1, "chmod(%s, %d) failed\n" % (d, oct(willBeMode))); if __name__ == "__main__": for d in nginxWritableDirs: walktree(d, collectPath) dirs = dirs + files; checkNginxWritableDirs(dirs); dirs = []; files = []; for d in otherReadableDirs: walktree(d, collectPath) checkOtherReadableDirs(dirs, True); checkOtherReadableDirs(files, False);
补充知识:Python中获取某个用户对某个文件或目录的访问权限
在Python中我们通常可以使用os.access()函数来获取当前用户对某个文件或目录是否有某种权限,但是要获取某个用户对某个文件或目录是否有某种权限python中没有很好的方法直接获取,因此我写了个函数使用stat和pwd模块来实现这一功能。
#!/usr/bin/env python # -*- coding: utf-8 -*- import os import pwd import stat def is_readable(path, user): user_info = pwd.getpwnam(user) uid = user_info.pw_uid gid = user_info.pw_gid s = os.stat(path) mode = s[stat.ST_MODE] return ( ((s[stat.ST_UID] == uid) and (mode & stat.S_IRUSR > 0)) or ((s[stat.ST_GID] == gid) and (mode & stat.S_IRGRP > 0)) or (mode & stat.S_IROTH > 0) ) def is_writable(path, user): user_info = pwd.getpwnam(user) uid = user_info.pw_uid gid = user_info.pw_gid s = os.stat(path) mode = s[stat.ST_MODE] return ( ((s[stat.ST_UID] == uid) and (mode & stat.S_IWUSR > 0)) or ((s[stat.ST_GID] == gid) and (mode & stat.S_IWGRP > 0)) or (mode & stat.S_IWOTH > 0) ) def is_executable(path, user): user_info = pwd.getpwnam(user) uid = user_info.pw_uid gid = user_info.pw_gid s = os.stat(path) mode = s[stat.ST_MODE] return ( ((s[stat.ST_UID] == uid) and (mode & stat.S_IXUSR > 0)) or ((s[stat.ST_GID] == gid) and (mode & stat.S_IXGRP > 0)) or (mode & stat.S_IXOTH > 0) )
使用方法
print is_readable('/home', root) print is_writable('/home', root) print is_executable('/home', root) print is_readable('/tmp', admin) print is_writable('/tmp', admin) print is_executable('/tmp', admin)
以上这篇python检查目录文件权限并修改目录文件权限的操作就是小编分享给大家的全部内容了,希望能给大家一个参考,也希望大家多多支持亿速云。
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。