How to recursively remove execute permissions from files without touching folders?

If you are fine with setting the execute permissions for everyone on all folders: 

chmod -R -x+X *

The -x removes execute permissions for all
The +X will add execute permissions for all, but only for directories.

See below for a solution that uses find to really not touch folders as requested.


Ok, I re-read the "chmod" man pages for Mac OS X, BSD, and Linux, and did a few experiments. Here is what I learned about symbolic modes. It can get complicated, but it's worth understanding:

  • The general form is clause[,clause…] where:
  • clause := [ugoa][+-=][rwxXstugo]
  • [ugoa] (who) (specify multiple) means set the permission for user, group, other, or all. If not specified, the default is 'a', but the umask is in effect.
  • [+-=] (action) (specify one) means:
    • + means add the specified permissions to the permissions already in effect
    • - means remove the specified permissions from the permissions already in effect
    • = means set the permissions to the specified permissions, clearing all others
  • [rwxXstugo] (permission) (specify multiple of rwxXst OR one of ugo) sets the permissions for the specified user(s) as follows:
    • r — read
    • w — write
    • x — execute/search
    • X — execute/search iff directory OR any execute bit was already set.
    • s — suid or sgid
    • t — sticky
    • u — copy user permission
    • g — copy group permission
    • o — copy other permission

So for example, a+x would make a file executable by everybody. a+X would make a file executable by everybody IF it had been executable by anybody.

a+x would make a directory searchable by everybody. a+X would also make a directory searchable by everybody.

The key difference between BSD and Linux is that with BSD, the determination is made based on the file's permissions before chmod was executed. While with Linux, the determination is made immediately before the +X clause is executed.

So with BSD, the combination a-x,a+X would remove execute/search permission and then make a directory searchable by everybody, and make a file executable by everybody if it had originally been executable by anybody.

With Linux, a-x,a+X would remove execute/search permission and then make a directory searchable by everybody, while leaving a file executable by nobody.

Here's a concrete example: on a BSD machine: a directory, an executable file, and a non-executable file:

drwxr-x---  2 falk  staff  68 Jul 19 18:01 fee/
-rwxr-x---  1 falk  staff   0 Jul 19 18:01 fie*
-rw-r-----  1 falk  staff   0 Jul 19 18:01 foe

Observe that both the directory and "fie" are executable/searchable by the user, but not by others.

Now we execute chmod a-x,a+X *. The first clause will strip the execute/search bit from all users for all files, but the second clause will add it back for both "fee" and "fie". "fee" because it's a directory, and "fie" because it had at least one executable bit to start with.

drwxr-x--x  2 falk  staff  68 Jul 19 18:01 fee/
-rwxr-x--x  1 falk  staff   0 Jul 19 18:01 fie*
-rw-r-----  1 falk  staff   0 Jul 19 18:01 foe

I had the same result executing chmod -x+X.

Conclusion: Jak Gibb's solution will work on Linux, but for BSD, you would need to make two passes.

I didn't test this on SVr4 or other Unix variants.


One way to do it:

find backup -type f -exec chmod 0644 {} +

Tags:

Permissions

Executable

Recursive

Recent Posts