Unix Permission

Parse Security

Synopsis

Extracts and decodes Unix file permission information.

Schema

- unix_permission:
    field: <ident>
    target_field: <string>
    input_format: <string>
    output_format: <string>
    include_special: <boolean>
    description: <text>
    if: <script>
    ignore_failure: <boolean>
    ignore_missing: <boolean>
    on_failure: <processor[]>
    on_success: <processor[]>
    tag: <string>

Configuration

The following fields are used to define the processor:

Field	Required	Default	Description
field	Y	-	Source field containing Unix permission data
target_field	N	{field}_decoded	Target field to store decoded permission information
input_format	N	auto	Input format: auto, octal, symbolic, decimal
output_format	N	detailed	Output format: detailed, octal, symbolic, rwx
include_special	N	true	Include special permission bits (setuid, setgid, sticky)
description	N	-	Explanatory note
if	N	-	Condition to run
ignore_failure	N	false	Continue processing if decoding fails
ignore_missing	N	false	Skip processing if referenced field doesn't exist
on_failure	N	-	See Handling Failures
on_success	N	-	See Handling Success
tag	N	-	Identifier

Details

Decodes Unix file permissions from various formats including octal notation (755), symbolic notation (rwxr-xr-x), and decimal values. The processor extracts owner, group, and other permissions along with special permission bits.

The processor can automatically detect the input format or work with explicitly specified formats, providing flexible parsing for different Unix permission representations.

note

Unix permissions consist of three sets of three bits each: owner (user), group, and other. Each set contains read (r), write (w), and execute (x) permissions. Special bits include setuid, setgid, and sticky bit.

When include_special is enabled, the processor also decodes special permission bits that affect how files and directories behave in Unix systems.

warning

If the input permission data is malformed or contains invalid permission values, the processor will fail unless ignore_failure is set to true.

Examples

Octal Permission Decoding

Decoding octal permission notation...	{ "file_mode": "755" } - unix_permission: field: file_mode target_field: permissions
extracts detailed permission breakdown:	{ "file_mode": "755", "permissions": { "octal": "755", "symbolic": "rwxr-xr-x", "owner": { "read": true, "write": true, "execute": true }, "group": { "read": true, "write": false, "execute": true }, "other": { "read": true, "write": false, "execute": true } } }

Symbolic Permission Input

Processing symbolic permission notation...	{ "file_perms": "rw-r--r--" } - unix_permission: field: file_perms input_format: symbolic target_field: perm_info
converts to detailed format:	{ "file_perms": "rw-r--r--", "perm_info": { "octal": "644", "symbolic": "rw-r--r--", "owner": { "read": true, "write": true, "execute": false }, "group": { "read": true, "write": false, "execute": false }, "other": { "read": true, "write": false, "execute": false } } }

Special Permissions

Including special permission bits...	{ "exec_mode": "4755" } - unix_permission: field: exec_mode include_special: true target_field: exec_perms
decodes setuid bit:	{ "exec_mode": "4755", "exec_perms": { "octal": "4755", "symbolic": "rwsr-xr-x", "special_bits": { "setuid": true, "setgid": false, "sticky": false }, "owner": { "read": true, "write": true, "execute": true } } }

Output Format Options

Converting to symbolic output only...	{ "dir_mode": "2775" } - unix_permission: field: dir_mode output_format: symbolic target_field: dir_perms
outputs symbolic notation:	{ "dir_mode": "2775", "dir_perms": "rwxrwsr-x" }

Multiple Permission Values

Processing array of permission values...	{ "file_modes": ["644", "755", "600"] } - unix_permission: field: file_modes output_format: rwx target_field: rwx_permissions
converts each to rwx format:	{ "file_modes": ["644", "755", "600"], "rwx_permissions": [ "rw-r--r--", "rwxr-xr-x", "rw-------" ] }