Speed traps with chmod

I have the habit to chmod with the rel­a­tive nota­tion (e.g. g+w or a+r or go‑w or sim­i­lar) instead of the absolute one (e.g. 0640 or u=rw,g=r,o=). Recent­ly I had to chmod a lot of files. As usu­al I was using the rel­a­tive nota­tion. With a lot of files, this took a lot of time. Time was not real­ly an issue, so I did not stop it to restart with a bet­ter per­form­ing com­mand (e.g. find /path ‑type f ‑print0 | xargs ‑0 chmod 0644; find /path ‑type d ‑print0 | xargs ‑0 chmod 0755), but I thought a lit­tle tips&tricks post­ing may be in order, as not every­one knows the difference.

The rel­a­tive notation

When you spec­i­fy g+w, it means to remove the write access for the group, but keep every­thing else like it is. Nat­u­ral­ly this means that chmod first has to lookup the cur­rent access rights. So for each async write request, there has to be a read-request first.

The absolute notation

The absolute nota­tion is what most peo­ple are used to (at least the numer­ic one). It does not need to read the access rights before chang­ing them, so there is less I/O to be done to get what you want. The draw­back is that it is not so nice for recur­sive changes. You do not want to have the x‑bit for data files, but you need it for direc­to­ries. If you only have a tree with data files where you want to have an uni­form access, the exam­ple above via find is prob­a­bly faster (for sure if the direc­to­ry meta-data is still in RAM).

If you have a mix of bina­ries and data, it is a lit­tle bit more tricky to come up with a way which is faster. If the data has a name-pattern, you could use it in the find.

And if you have a non-uniform access for the group bits and want to make sure the own­er has write access to every­thing, it may be faster to use the rel­a­tive nota­tion than to find a replace­ment command-sequence with the absolute notation.

Read­ers who viewed this page, also viewed:

Share/Save

5 thoughts on “Speed traps with chmod”

  1. Thanks for inter­est­ing reading.

    You have small typo:
    “When you spec­ify g+w, it means to remove the write access for the group…” 

    It should be “g‑w”

    Reply

  3. The exam­ples are just exam­ples. I did not intend to give the same exam­ples for absolute and rel­a­tive nota­tion (which is impos­si­ble with­out show­ing a file/directory with spe­cif­ic access rights). g+w adds group write access no mat­ter what oth­er set­tings are there, where­as the absolute exam­ples do not keep the remain­ing access rights. Please do not com­pare them.

    Reply

  4. Cur­rent chmod com­mand imple­men­ta­tions have already read the stat struc­ture before set­ting the new per­mis­sions (checked on FreeB­SD and Solaris source), so there is real­ly no ben­e­fit for absolute mode over sym­bol­ic mode.

    Even absolute mode is not 100% absolute. For non-regular files the inter­pre­ta­tion is imple­men­ta­tion depen­dent. Quot­ing Solaris man page for chmod(1):
    For direc­to­ries, the set­gid bit can­not be set (or cleared)
    in absolute mode; it must be set (or cleared) in symbolic
    mode using g+s (or g‑s).

    Also the inode should already be in the inode cache. Even find needs the stat struc­ture (-type f).

    Reply

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.