python检查目录文件权限并修改目录文件权限的操作

我就废话不多说了,还是直接看代码吧!

# -*- coding: utf-8 -*-

# @author flynetcn

import sys, os, pwd, stat, datetime;

LOG_FILE = '/var/log/checkDirPermission.log';

nginxWritableDirs = [

'/var/log/nginx',

'/usr/local/www/var',

];

otherReadableDirs = [

'/var/log/nginx',

'/usr/local/www/var/log',

];

dirs = [];

files = [];

def logger(level, str):

logFd = open(LOG_FILE, 'a');

logFd.write(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S.%f')+": "+("WARNING " if level else "NOTICE ")+str);

logFd.close();

def walktree(top, callback):

for f in os.listdir(top):

pathname = os.path.join(top, f);

mode = os.stat(pathname).st_mode;

if stat.S_ISDIR(mode):

callback(pathname, True);

walktree(pathname, callback);

elif stat.S_ISREG(mode):

callback(pathname, False);

else:

logger(1, "walktree skipping %s\n" % (pathname));

def collectPath(path, isDir=False):

if isDir:

dirs.append(path);

else:

files.append(path);

def checkNginxWritableDirs(paths):

uid = pwd.getpwnam('nginx').pw_uid;

gid = pwd.getpwnam('nginx').pw_gid;

for d in paths:

dstat = os.stat(d);

if dstat.st_uid != uid:

try:

os.chown(d, uid, gid);

except:

logger(1, "chown(%s, nginx, nginx) failed\n" % (d));

def checkOtherReadableDirs(paths, isDir=False):

for d in paths:

dstat = os.stat(d);

if isDir:

checkMode = 5;

willBeMode = dstat.st_mode | stat.S_IROTH | stat.S_IXOTH;

else:

checkMode = 4;

willBeMode = dstat.st_mode | stat.S_IROTH;

if int(oct(dstat.st_mode)[-1:]) & checkMode != checkMode:

try:

os.chmod(d, willBeMode);

except:

logger(1, "chmod(%s, %d) failed\n" % (d, oct(willBeMode)));

if __name__ == "__main__":

for d in nginxWritableDirs:

walktree(d, collectPath)

dirs = dirs + files;

checkNginxWritableDirs(dirs);

dirs = [];

files = [];

for d in otherReadableDirs:

walktree(d, collectPath)

checkOtherReadableDirs(dirs, True);

checkOtherReadableDirs(files, False);

补充知识:Python中获取某个用户对某个文件或目录的访问权限

在Python中我们通常可以使用os.access()函数来获取当前用户对某个文件或目录是否有某种权限,但是要获取某个用户对某个文件或目录是否有某种权限python中没有很好的方法直接获取,因此我写了个函数使用stat和pwd模块来实现这一功能。

#!/usr/bin/env python

# -*- coding: utf-8 -*-

import os

import pwd

import stat

def is_readable(path, user):

user_info = pwd.getpwnam(user)

uid = user_info.pw_uid

gid = user_info.pw_gid

s = os.stat(path)

mode = s[stat.ST_MODE]

return (

((s[stat.ST_UID] == uid) and (mode & stat.S_IRUSR > 0)) or

((s[stat.ST_GID] == gid) and (mode & stat.S_IRGRP > 0)) or

(mode & stat.S_IROTH > 0)

)

def is_writable(path, user):

user_info = pwd.getpwnam(user)

uid = user_info.pw_uid

gid = user_info.pw_gid

s = os.stat(path)

mode = s[stat.ST_MODE]

return (

((s[stat.ST_UID] == uid) and (mode & stat.S_IWUSR > 0)) or

((s[stat.ST_GID] == gid) and (mode & stat.S_IWGRP > 0)) or

(mode & stat.S_IWOTH > 0)

)

def is_executable(path, user):

user_info = pwd.getpwnam(user)

uid = user_info.pw_uid

gid = user_info.pw_gid

s = os.stat(path)

mode = s[stat.ST_MODE]

return (

((s[stat.ST_UID] == uid) and (mode & stat.S_IXUSR > 0)) or

((s[stat.ST_GID] == gid) and (mode & stat.S_IXGRP > 0)) or

(mode & stat.S_IXOTH > 0)

)

使用方法

print is_readable('/home', root)

print is_writable('/home', root)

print is_executable('/home', root)

print is_readable('/tmp', admin)

print is_writable('/tmp', admin)

print is_executable('/tmp', admin)

以上这篇python检查目录文件权限并修改目录文件权限的操作就是小编分享给大家的全部内容了,希望能给大家一个参考,也希望大家多多支持。

以上是 python检查目录文件权限并修改目录文件权限的操作 的全部内容, 来源链接: utcz.com/z/344131.html

回到顶部