How can I list permissions of every component in a file path?

Question

Sometimes it is necessary to determine on which directory in a path access rights are limited. Here is an example:

$ ls /sys/kernel/debug/usb/devices
ls: cannot access /sys/kernel/debug/usb/devices: Permission denied
$ cat /sys/kernel/debug/usb/devices
cat: /sys/kernel/debug/usb/devices: Permission denied

Neither ls nor cat shows where the user rights were limited.

What is the simplest way of showing the access rights for every component (directory and the file) in the path? I am mainly interested in solutions for Unix-like systems.

Answer 1

For basic UNIX permissions (owner/group/other), use namei which is part of util-linux:

# namei -l /sys/kernel/debug/usb/devices
f: /sys/kernel/debug/usb/devices
drwxr-xr-x root root /
dr-xr-xr-x root root sys
drwxr-xr-x root root kernel
drwx------ root root debug
drwxr-xr-x root root usb
-r--r--r-- root root devices

Answer 2

Below is a simple Bourne-like-shell script. It traverses the path by gradual removing of the last components using the dirname command until the path stops changing. You get either / or . at the end.

#!/bin/sh

f="$1"
p=
while test "$f" != "$p" ; do
    ls -ld "$f"
    p="$f"
    f="$(dirname "$f")"
done

In a single line with sudo to be able to see components with limited access rights:

f=/sys/kernel/debug/usb/devices p= ; while test "$f" != "$p" ; do sudo ls -ld "$f" ; p="$f" ; f="$(dirname "$f")" ; done

Example output

-r--r--r-- 1 root root 0 Dec  5 10:36 /sys/kernel/debug/usb/devices
drwxr-xr-x 3 root root 0 Dec  5 10:36 /sys/kernel/debug/usb
drwx------ 19 root root 0 Dec  5 10:36 /sys/kernel/debug
drwxr-xr-x 7 root root 0 Dec  5 10:37 /sys/kernel
drwxr-xr-x 13 root root 0 Dec  5 10:37 /sys
drwxr-xr-x 27 root root 4096 Dec  3 09:39 /

POSIX ACL

If the permission string from ls -l shows + at the end you have to list ACL using getfacl to see the complete access rights:

#!/bin/sh

f="$1"
p=
while test "$f" != "$p" ; do
    getfacl "$f"
    p="$f"
    f="$(dirname "$f")"
done