击试验,如果目录是可写把定的UID
问题说明
我们可以测试出目录是否由当前进程的UID可写的:
We can test if a directory is writable by the uid of the current process:
$ if [ -w $directory ] ; then echo 'Eureka!' ; fi
但是,任何人都可以提出一个方法来测试一个目录有写入一些的其他的UID?
我的情况是,我管理MySQL服务器的实例,我要临时更改慢查询日志文件的位置。我可以通过执行MySQL命令 SET GLOBAL slow_query_log_file ='$ new_log_filename做到这一点,然后禁用和放大器;启用查询日志记录,以的mysqld 开始使用该文件。
My scenario is that I am administering a MySQL Server instance, and I want to change the location of the slow-query log file temporarily. I can do this by executing a MySQL command SET GLOBAL slow_query_log_file='$new_log_filename' and then disable & enable query logging to make mysqld start using that file.
不过,我想我的脚本来检查的mysqld 进程的UID有权限创建新的日志文件。所以我想要做类似的信息(伪code):
But I'd like my script to check that the uid of the mysqld process has permissions to create that new log file. So I'd like to do something like (pseudocode):
$ if [ -w-as-mysql-uid `basename $new_log_filename` ] ; then echo 'Eureka!' ; fi
不过,当然,这是一个虚构的测试predicate的。
But of course that's an imaginary test predicate.
的澄清:的我想是不依赖于苏的解决方案,因为我不能假设用户的我的脚本有苏特权。
Clarification: I would like a solution that doesn't rely on su because I can't assume the user of my script has su privilege.
正确答案
下面是检查的一个长期的,迂回的方式。
Here's a long, roundabout way of checking.
USER=johndoe
DIR=/path/to/somewhere
# Use -L to get information about the target of a symlink,
# not the link itself, as pointed out in the comments
INFO=( $(stat -cL "%a %G %U" $DIR) )
PERM=${INFO[0]}
GROUP=${INFO[1]}
OWNER=${INFO[2]}
ACCESS=no
if [[ $PERM & 0002 != 0 ]]; then
# Everyone has write access
ACCESS=yes
elif [[ $PERM & 0020 != 0 ]]; then
# Some group has write access.
# Is user in that group?
gs=( $(groups $USER) )
for g in "${gs[@]}"; do
if [[ $GROUP == $g ]]; then
ACCESS=yes
break
fi
done
elif [[ $PERM & 0200 != 0 ]]; then
# The owner has write access.
# Does the user own the file?
[[ $USER == $OWNER ]] && ACCESS=yes
fi
这篇好文章是转载于:学新通技术网
