Monitors file-changes in configured directories. If changes happened, it adjusts the file-permissions and ownership.
Python
Switch branches/tags
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
src/experms
.gitignore
CHANGELOG
COPYING
README.md
experms.1.gz
experms.conf
experms.conf.5.gz
experms.service
setup.py

README.md

#experms Distributed under the GNU GPL
http://www.gnu.org/licenses/gpl-3.0.txt
Or see the file ./COPYING

##Introduction Monitors file-changes happened in the directory set in experms.conf. If changes
happened, it adjusts the file-permissions and ownership/group.

You can either define directories (and also sub-directories) with different
ownerships and permissions.

It also allows exclusions based on directories or patterns (regex).
Further it is able to restore all the ownerships and permissions of all files
based on the config-file.

experms needs to be run with root-permissions.

##Dependencies experms depends on:

  • python2
  • python2-pyinotify (name can vary on different Linux distributions)
  • systemd (optional)

##Usage You can start and/or enable experms with systemd:

# systemctl start experms
# systemctl enable experms

Following arguments are available:

usage: experms [-h] [-c CONFIG] [-r] [-t] [-v] [-d]

experms

optional arguments:
  -h, --help            show this help message and exit
  -c CONFIG, --config CONFIG
                        Configuration file to use
  -r, --restore         Just restore all the permissions and exit
  -t, --total           Count the directories to watch and exit
  -v, --version         Print the version and exit
  -d, --debug           Print debug-messages

Note: You need to edit the configuration file before running experms for the
first time!

##The Configuration File experms.conf is located under /etc/experms.conf
You can use another file with the argument '--config'.

If changes happened to experms.conf, it is necessary to restart
experms.

###Example

#
# /etc/experms.conf
#

[general]
log_activities = no
restore = no

[DEFAULT]
chmodd = 755

[directory_1]
path = /first/directory
user = first-user
group = first-group
chmodf = 640
chmodd = g+w
excludepath = /first/directory/exclude1,/first/directory/subdir/exclude2

[directory_2]
path = /second/directory
group = second-group
chmodf = 0644
excludepattern = .txt$|.TXT$|.sh$|.SH$

[directory_3]
path = /second/directory/subdirectory
group = third-group
chmodf = g+w,o-r
chmodd = g+w,o-rx

###General Section log_activities = yes | no
Decide, if experms should print a log.

restore = yes | no
Decide, if experms should restore all the ownerships and permissions
of all files based on the config-file. In case there were changes
while experms was not running.

###Default Section Rules that should apply to all directory sections. They can be over‐
written inside a directory section.

###Directory Section path = /path/to/watch/dir
Set the directory where your rules should apply.

owner = username|UID
Set the owner of all the files and directories.

group = groupname|GID
Set the group of all the files and directories.

chmodf = permissions
Set the permission for all the files.
Accepted is octal (0777) or symbolic mode (comma separated list).
Symbolic mode has limited functionality and only supports
[ugoa][+-=][rwxugo]
You can use set-UID, set-GID and sticky-bit if you wish to. E.g. 4660.

chmodd = permissions
Set the permission of all the directories.
See chmodf above.

excludepath = /path/to/exclude/dir,/path/to/exclude/file...
Exclude some directories and files from the rules (comma seperated).

excludepattern = regular expression
Exclude files (and only files) based on a pattern.

##Inotify Configuration experms uses inotify to monitor the directories.
Inotify allows only a limited number of directories to watch per user.
Per default this is set to 8192.
You can increase this number by writing to /proc/sys/fs/inotify/max_user_watches
To make this change permanent, the following line should be added to
/etc/sysctl.conf or /etc/sysctl.d/99-sysctl.conf
fs.inotify.max_user_watches=8192 (your amount of directories)

You can check the amount of directories recursively with:

# experms --total