After accidentally copying files to a USB drive with overly permissive 777 settings, we need to restore proper permissions in the user's home directory. This means:
- Directories should be 775 (drwxrwxr-x)
- Regular files should be 664 (-rw-rw-r--)
- No files need execute permissions (as they're documents/media)
Here's the most efficient one-liner using find:
find /home/username -type d -exec chmod 775 {} \;
find /home/username -type f -exec chmod 664 {} \;
For better error handling and logging:
#!/bin/bash
TARGET_DIR="/home/username"
LOG_FILE="/var/log/permission_fix.log"
echo "Starting permission correction at $(date)" > $LOG_FILE
# Fix directory permissions
find "$TARGET_DIR" -type d -print0 | while IFS= read -r -d '' dir; do
if [[ "$dir" != "$TARGET_DIR" ]]; then
chmod -v 775 "$dir" >> $LOG_FILE 2>&1
fi
done
# Fix file permissions
find "$TARGET_DIR" -type f -print0 | while IFS= read -r -d '' file; do
chmod -v 664 "$file" >> $LOG_FILE 2>&1
done
echo "Permission correction completed at $(date)" >> $LOG_FILE
For environments with ACLs or special requirements:
# Preserve original ownership while fixing permissions
find /home/username -exec chmod --reference=/etc/skel {} \;
# Alternative with getfacl/setfacl
getfacl -R /home/username > permissions_backup.acl
# After permission changes...
setfacl --restore=permissions_backup.acl
Check your work with these commands:
# Find directories with wrong permissions find /home/username -type d ! -perm 775 -ls # Find files with wrong permissions find /home/username -type f ! -perm 664 -ls # Count affected items find /home/username -type d ! -perm 775 | wc -l find /home/username -type f ! -perm 664 | wc -l
Recently encountered a common headache when migrating data - a whole directory tree copied with 777 permissions. This creates security risks, especially when dealing with user home directories where:
- Directories require execute (
x) for traversal - Regular files (images/docs/MP3s) should never be executable
- Group permissions should allow shared access where needed
This atomic command handles both directory and file permission correction:
find /home/user/target_dir -type d -exec chmod 775 {} + -o -type f -exec chmod 664 {} +Breakdown:
-type d: Processes directories first with775(rwxrwxr-x)-o: Logical OR for the file processing branch-type f: Applies664(rw-rw-r--) to regular files-exec {} +: Batch processing for efficiency
For systems using ACLs or special bits (setuid/sticky), add these safeguards:
# Preserve existing special permission bits
find /path -type d -exec chmod u=rwx,g=rwx,o=rx {} +
find /path -type f -exec chmod u=rw,g=rw,o=r {} +
After bulk changes, verify with this audit script:
#!/bin/bash
TARGET_DIR="/home/user/files"
echo "Checking directory permissions:"
find "$TARGET_DIR" -type d ! -perm 775 -ls
echo -e "\nChecking file permissions:"
find "$TARGET_DIR" -type f ! -perm 664 -lsFor future transfers, use rsync's permission control:
rsync -av --chmod=D775,F664 source/ user@host:destination/Key flags:
D775: Directory permissionsF664: File permissions--no-perms: Optional to ignore source permissions
Add these to your ~/.bashrc for safe copying:
alias cp='cp --no-preserve=mode'
alias scp='scp -p' # Preserves original permissions