Permission Resource
Synopsis
Manages POSIX file and directory permissions (mode, owner, group) on Linux and
macOS. Equivalent to the chmod and chown commands.
Note
This resource is only available on Linux and macOS. It is not supported on Windows.
Type
Capabilities
- Get
- Set
Properties
path
Full path to the file or directory. Must start with /.
mode
File mode in octal notation (e.g., 0644, 0755, 644). Accepts 3 or 4 digit
octal strings.
owner
Owner. Accepts username (e.g., root) or numeric UID (e.g., 0).
group
Group. Accepts group name (e.g., wheel) or numeric GID (e.g., 0).
Common mode values
| Mode | Permissions | Typical use |
|---|---|---|
0644 |
rw-r--r-- | Regular files |
0755 |
rwxr-xr-x | Executables and directories |
0600 |
rw------- | Private files (keys, certs) |
0700 |
rwx------ | Private directories |
0750 |
rwxr-x--- | Group-accessible directories |
0444 |
r--r--r-- | Read-only files |
Examples
Example 1 — Get permissions
Example 2 — Set file permissions
Example 3 — Secure a private key
Example 4 — Configuration document
$schema: https://aka.ms/dsc/schemas/v3/bundled/config/document.json
resources:
- name: Application directory permissions
type: OpenDsc.Posix.FileSystem/Permission
properties:
path: /opt/myapp
mode: "0755"
owner: appuser
group: appgroup
- name: Private key permissions
type: OpenDsc.Posix.FileSystem/Permission
properties:
path: /etc/ssl/private/server.key
mode: "0600"
owner: root
group: root
Exit codes
| Code | Description |
|---|---|
| 0 | Success |
| 1 | Error |
| 2 | Invalid JSON |
| 3 | Access denied |
| 4 | Invalid argument |
| 5 | Unauthorized access |
| 6 | File or directory not found |
| 7 | Directory not found |
| 8 | Platform not supported |