I am in the group root who owns a file and all the directories above. Why do I have no access to this file? CentOS 7
$ ls /etc/systemd/system | grep parts.service
ls: cannot access /etc/systemd/system/parts.service: Permission denied
-????????? ? ? ? ? ? parts.service
With SUDO:
$ sudo ls /etc/systemd/system | grep parts.service
-rw-rw-rw- 1 root root 563 Feb 13 09:59 parts.service
Checking for an ACL:
$ sudo getfacl /etc/systemd/system/parts.service
getfacl: Removing leading '/' from absolute path names
# file: etc/systemd/system/parts.service
# owner: root
# group: root
user::rw-
group::rw-
other::rw-
My groups:
$ groups
root wheel docker poweruser
Parent directories
drwxr-xr-x 155 root root 12288 Jul 17 09:04 etc/
drwxr-xr-x 4 root root 151 Nov 11 2019 systemd/
drw-rw-r-- 19 root root 4096 Jun 19 18:14 system/
sudo is used to verify that you are the user with which you are logged. you can access root files with your user, but you have to tell your PC that you want to acces files from the root group
Related
I have folder in /media on ubuntu - shared from windows via fstab and cifs-utils. Can I share this folder to other user: "miki" (not root)
root#localhost:/media#
drwxr-xrwx 4 root root 4096 Nov 15 12:21 .
drwxr-xr-x 23 root root 4096 Nov 14 06:34 ..
drwxr-xr-x 2 padm root 0 Nov 15 09:34 Archive
drwxr-xrwx 2 root root 4096 Feb 25 2019 kekik
I have try with:
root#localhost:~# sudo chmod -R 757 /media/Archive/
but get:
chmod: changing permissions of '/media/Archive/': Permission denied
Find a solution:
need to modify /etc/fstab by changing:
//windowsServer/Archive /media/Archive cifs username=wundowsuser,password=somepass,uid=1000,iocharset=iso8859-1,rw,file_mode=0777,dir_mode=0777,vers=1.0 0 0
and change group of folder (must umont it first!)
sudo umount -l /media/Archive
sudo chown miki:miki /media/Archive/
I have a directory with full permissions with root as owner. What I want is to be able to remove it as a normal user. However, i am not allowed to do so:
radu#Workstation:/tmp$ ls -l | grep cucu
drwxrwxrwx 2 root root 4096 oct 20 10:28 cucu
radu#Workstation:/tmp$ ls -la cucu
total 52
drwxrwxrwx 2 root root 4096 oct 20 10:28 .
drwxrwxrwt 66 root root 45056 oct 20 10:28 ..
radu#Workstation:/tmp$ rm -r cucu
rm: cannot remove 'cucu': Operation not permitted
What do I not get right?
Removing a directory (or a file) consists in deleting its entry into its containing directory, so to remove cucu you need permissions on its parent; alas access rights are rwxrwxrwt, and the t means removal authorized for owner only, as the owner is root, only root can remove cucu.
Sticky bit is set , so only owner can remove the directory.
This is because only root has the permission to remove directory, as you can see
drwxrwxrwx 2 root root 4096 oct 20 10:28 cucu
From your root, change the Permission of directory using chown. For example-
chown radu cucu
Check this out for more info on chown command on linux.
http://www.thegeekstuff.com/2012/06/chown-examples
I am very new to linux and am using putty and pscp to move files to a live hosted directory. I would like to rename my recently uploaded dist folder to its actual project name using mv but get a permission denied error. What is the safest and most reasonable way to arrange these files so I can rename them?
lawton#lawtonb:/var/www/html$ ls -la
total 268
drwxr-xr-x 4 root root 4096 Aug 30 16:42 .
drwxr-xr-x 3 root root 4096 Aug 18 23:05 ..
-rw-rw-r-- 1 lawton lawton 253276 Aug 27 18:06 bundle.js
drwxr-xr-x 2 root root 4096 Aug 30 16:42 dist
-rw-r--r-- 1 root root 17 Aug 18 23:24 info.php
drwxr-xr-x 2 root root 4096 Aug 27 18:59 react-youtube
lawton#lawtonb:/var/www/html$ mv dist BTC_Sorter
mv: cannot move 'dist' to 'BTC_Sorter': Permission denied
If this is a one-time rename, your best course of action would be to run mv with sudo, like this:
sudo mv dist BTC_Sorter
If, however, you'd like to have permissions for your user or group, you should do some reading about chown (The link belongs to the Arch Linux wiki, but should be useful regardless of your distro).
In your particular case, the directory dist is owned both by the user and the group root, hence why you'd need to use sudo, chown or simply the root account.
You are not the owner of the file, you need execute the command with sudo
sudo mv src dest
I'm struggling to understand how to apply directory and file permissions so that files and directories created by the ftp user, via an ftp client, are browsable. In other words 755 is applied by default.
I'm running Apache 2 on Ubuntu 14.04.2 LTS, Trusty Tahr, with vsftpd server.
My directory structure is as follows.
var/www/
var/www/sites/
var/www/sites/master_demo/public_html
var/www/sites/test_site/public_html
I've run the following
usermod -aG www-data test_user
chgrp -R www-data /var/www/sites/test_site/public_html/
chown -R test_site:www-data /var/www/sites/test_site/public_html/
chmod -R 755 /var/www/sites/test_site/public_html/
Permissions on the directories are as follows:
cd var/www/sites/
ls -l
dr-xrws--- 3 master_demo www-data 4096 Jun 17 14:00 master_demo
drwxr-xr-x 3 test_site www-data 4096 Jun 16 13:32 test_site
cd var/www/sites/test_site/
ls -l
drwxr-xr-x 3 test_site www-data 4096 Jun 17 17:43 public_html
When a file is added using ftp by the test_site user these are the permissions
-rw------- 1 test_site test_site 152 Jun 18 08:27 about.html
drwx------ 2 test_site test_site 4096 Jun 18 08:27 css
-rw------- 1 test_site test_site 152 Jun 18 08:27 index.html
How do I get the file to automatically be given the correct permissions so the files are browsable (755)? I know the obvious answer might be to run a batch file, but is that necessary? I don't want to have to run the command everytime.
chmod -R 755 /var/www/sites/test_site/public_html/*
ls -l
-rwxr-xr-x 1 test_site test_site 152 Jun 18 08:27 about.html
drwxr-xr-x 2 test_site test_site 4096 Jun 18 08:27 css
-rwxr-xr-x 1 test_site test_site 152 Jun 18 08:27 index.html
I'm new to linux so please be gentle :)
I can confirm that test_site users is in the www-data group
id test_site
uid=1004(test_site) gid=1005(test_site) groups=1005(test_site),33(www-data)
I think what you are looking for is umask
umask 0022
umask -p
umask -S
You will need to modify your default /etc/profile in order to make this permanent. umask 0022will on creation give directories chmod 755 and files chmod 644 which is the recommended permissions for the www folder in apache.
Example
umask 0022
mkdir www
touch www/{index.html,style.css}
drwxr-xr-x. 2 user user 4096 Jun 18 10:53 .
drwxr-xr-x. 3 user user 4096 Jun 18 10:52 ..
-rw-r--r--. 1 user user 0 Jun 18 10:53 index.html
-rw-r--r--. 1 user user 0 Jun 18 10:53 style.css
FTP also supports setting umask before initiating a transfer. Setting it with ftp, sets if for that transfer only, so that you don't need to change it system-wide as you would with /etc/profile.
I am currently creating an application that requires separate users running duplicate programs. They cannot run under root because of security reasons, so they are initiated by a Java app that I am working on, and I am starting them with runuser -l. However, I cannot cd into a directory, even though it is owned by the user, and the user has 770 permissions in the folder.
Here's what I'm running:
runuser -l lp1 -c 'java \-jar /root/Desktop/workspace/LitePanel/servers/server1/server.jar \-Xms1024M nogui'
And the output of this is:
runuser: warning: cannot change directory to /root/Desktop/workspace/LitePanel/bin/servers/server1/: Permission denied
Here's an ls -all:
drwxr-xr-x. 3 root root 4096 Jan 30 14:03 .
drwxr-xr-x. 7 root root 4096 Jan 30 14:02 ..
drwxrwx---. 2 lp1 lp1 4096 Jan 31 03:07 server1
Inside the directory:
drwxrwx---. 2 lp1 lp1 4096 Jan 31 03:07 .
drwxr-xr-x. 3 root root 4096 Jan 30 14:03 ..
-rwxrwx---. 1 lp1 lp1 9170551 Jan 31 03:07 server.jar
And here's /etc/passwd:
lp1:x:501:501::/root/Desktop/workspace/LitePanel/bin/servers/server1/:/bin/false
Anyone know why this is happening? It looks like the user has the necessary permissions to do this.
You have said that the directory itself has permissions 770 and is owned by the user, but what about its parents? I believe the cd command will need at least read access (and possibly execute) on the parent directories.