I need to know if it is possible to create a read only directory from windows command line.
I know it is possible to use chmod and make files read only. But what I need is to create a folder and then immediately set it as read only upon creation. Trying to create new files inside this directory should then throw an error.
This can be done manually by modifying folder permissions using the gui. But, I need to do it from cmd for some tests.
I tried
attrib +r dirPath
But this only works for files and not for the whole directory.
Any help is appreciated.
EDIT:
A background to me problem. I need to test the behavior of a software that writes some text files. I want to test a use-case when I ask the software to write to a read only directory. I want to see I handle the exceptions correctly and inform users appropriately.
Related
I am working with the automated test suite of a software project. I have an automated test case that should verify that the code works correctly when a specific file is found, but the program does not have proper permission to read the contents of that file. This test case is currently working on Linux and macOS, but I am trying to get it to work on Windows as well.
The file is created by the test process, modified to have the read permission removed, and then the code tries to read the file, and the test verifies that the code fails in the expected way. After the test has run, the permissions are restored (if necessary), and the file is removed.
On Linux and macOS the read permission is removed by chmod 000 unreadable.txt, which makes the file unreadable by everyone (except root). I am trying to find a similar solution on Windows, where I can make this test file unreadable by the current user using command line tools, so the tested program can fail.
From my understanding, a command like icacls unreadable.txt /deny 'Everyone:(RC)' should have done the trick. icacls confirm the deny rule:
Everyone:(DENY)(Rc,S)
but I have nevertheless full access to read the file.
I've tried various incantations of calls to icacls and cacls, with different combinations of trying to explicitly denying for my specific user account, etc. All to no avail.
I'm starting to wondering, is is impossible in Windows to disallow the owner of a file from reading it?
Or, if it is possible, what is the command line I need to make the file unreadable by the owner?
I have a requirement where i need to create and delete a text file on unix from my windows server where i have informatica installed.
Using workflow i was able to place file in unix but not able to find a way to delete already existing file.
Also the client does not want us to download any additional software like putty on windows server.
Please feel free to ask for more information if required.
if you are able to drop .sh (shell script) and execut it on unix then you can do that with "rmdir yourfolder" command, if you folder has andything under then you will need to use "rm -r yourfolder", if files inside the folder have any dependicies you need to use "rm -rf yourfolder".
Just make sure that you will navigate to the correct folder where you are deleting things.
Br, Aljaž.
Use Command Task in Informatica Workflow to invoke syntax mentioned by #Aljaz
I've built a script that places an icon in the launcher to open a program as the root user. This script also adds NOPASSWD to the user's configuration for this specific app in /etc/sudoers, however the one part of the script that refuses to work is the creation of the profile in /root/.config/<app>. I can create this manually, using the same mkdir command, but when I place the same command in the script it returns no such file or directory. I have replicated this behaviour a number of times, including on a clean install.
Is there some form of protection that disallows the ability to automate the creation of this directory? Or am I missing something about hidden folders in Linux?
I assume you are doing this when the .config dir does not exist yet.
mkdir /root/.config/<app>
Try this :
mkdir -p /root/.config/<app>
This will create any missing parent directory to the full path you provide.
I have several text docs that are created each day from templates. This process I've achieved successfully albeit probably in a Cro-Magnon way. I want these newly created text files to be filed within a newly created dated folder.
The script creates the file docs from the templates successfully and also creates the newly dated directory. I don't really want to create these text files somewhere else and then move them to the newly created directory. Rather that they be created directly within it. All my research tends to involve directories that already exist rather than one created from a var.
I've included just one file creation example below.
Hope you can help. TIA
today=`date '+%y%m%d'`;
today_Folder=~/Desktop/test/"${today}"
if [[ ! -d $today_Folder ]]
then
mkdir "${today_Folder} `(date '+%A')`"
fi
cat ~/Desktop/test/template.txt >> ~/Desktop/test/dest.txt
P.S. I've tried to make the cat command regarding the text files clearer - it simply creates files. I'm NOT trying to create a tree of directories. Simply ONE newly created directory that could be in test along with the text files.
Your question is how to dynamically create a file, also creating all the path to contain that file? That's not possible in any intuitive/portable way, and it's not typically programs always have to create the directory before the file. What you can do is pass the -p flag to mkdir. On Linux systems (this may also not be portable), this flag means "create all the directories necessary for this path". Zero directories is okay, so you don't need to check whether the directory already exists. So change the whole if block to just this:
mkdir -p "${today_Folder} `(date '+%A')`"
Also, it's kind of smelly the way you want a string (the path) and you're using three operations to create it. Could it be simpler? You want more statements when they add clarity, but in this case the steps are so simple that the only thing accomplished is to make your colleagues go up and read what you wrote more than once. It might suit to change it to:
dir_path=...
mkdir -p "${dir_path}"
To accomplish this, keep in mind that instead of backticks, you can add command substitution with $(). It helps since backticks can't be nested--it makes the line more readable, since you clearly see the command's start/end.
I want to index some files and keep a registry as part of a utility I am writing in BASH. So, my tool would go to a massive directory and write some essential information about each file it finds there to another file that I would like to call "myregistry." The file would only be rewritten if the user asks it to - since going through a large file structure and "indexing" it this way would take considerable time.
I want this file to not show up when the user does ls in the directory where it is contained. In addition, I want the user to have no privileges with it at all - the user should not be able to open it up on vim or anything, not even to just look at it.
However, if the user executes my script again, I want the user to have the option of getting some information out of the file from there. I also want the script to have the permissions to look at the file and add or delete things from it, if the user prompts it to. But the user should not be able to do anything to it directly.
How can I do this? It would require using chmod but I have no idea how to put it together.
I'm thinking:
# Enable write permission
# Do Something - ensure that no one else is writing to this file
# Disable write permission
On Unix, you're more or less on an equal footing with other processes that run under the same user. Whatever you can do, they can do. If you can hide and unhide something, so can they. Interpreted scripts need read permissions to run, so it's not like you can hide any secrets in your executable. If you can however, distribute your software as a binary, you'll be able to run without being readable. Then you can hardcode a secret into the binary and use it to encrypt and decrypt files. Users will be able to run your binary, but only the superuser will be able to get the secret and decrypt your registry. That's real security (against regular (nonroot) users) (especially if you manage to create and embed the secret at installation time).
Playing with dotfiles and permissions won't fool any advanced user.
Something like this work? write_index and read_index are your work.
cd massive_dir
TFILE=$(mktemp --tmpdir=.)
write_index >$TFILE
mv -f $TFILE .index
chmod a-rw .index
To read
chmod +r .index
read_index .index
chmod -r .index
Note that no locking is needed because of the temp file. mv is atomic.