I have an issue wherein I can't Read a simple File using an External Table, nor can I write files using UTL_FILE. I think this has something to do with the permissions but I can't figure it out.
I confirmed that APPS and PUBLIC have the sufficient privileges:
select GRANTEE, privilege from all_tab_privs
where table_name = 'EXT_TAB_DATA';
GRANTEE PRIVILEGE
------- --------
APPS WRITE
APPS READ
APPS EXECUTE
PUBLIC WRITE
PUBLIC READ
PUBLIC EXECUTE
And I also confirmed that the actual Directory is defined:
select * from all_directories
where directory_name = 'EXT_TAB_DATA';
OWNER DIRECTORY_NAME DIRECTORY_PATH ORIGIN_CON_ID
------ -------------- -------------------------- -----------------
SYS EXT_TAB_DATA /u01/app/oracle/DEV/SAMPLE 0
Below is the privileges of the directory /u01/app/oracle/DEV/SAMPLE
[appldev-run ~]$ ls -l /u01/app/oracle/DEV
total 24
-rw-r--r-- 1 appldev appldev 6473 Jun 19 15:10 EBSapps.env
drwxr-xr-x 5 appldev appldev 4096 Jun 4 10:13 fs1
drwxr-xr-x 5 appldev appldev 4096 Jun 7 16:26 fs2
drwxr-xr-x 4 appldev appldev 4096 May 22 12:32 fs_ne
-rw------- 1 root root 0 Sep 18 2018 nohup.out
drwxrwxrwx 2 oracle appldev 4096 Jun 25 02:31 SAMPLE
When I try to write a simple UTL_FILE command below:
declare
fHandle UTL_FILE.FILE_TYPE;
begin
fHandle := UTL_FILE.FOPEN('EXT_TAB_DATA', 'test_file', 'w');
UTL_FILE.PUT(fHandle, 'This is the first line');
UTL_FILE.PUT(fHandle, 'This is the second line');
UTL_FILE.PUT_LINE(fHandle, 'This is the third line');
UTL_FILE.FCLOSE(fHandle);
EXCEPTION
WHEN OTHERS THEN
DBMS_OUTPUT.PUT_LINE('Exception: SQLCODE=' || SQLCODE || ' SQLERRM=' || SQLERRM);
RAISE;
end;
/
it results into an error like below:
ORA-29283: invalid file operation
ORA-06512: at "SYS.UTL_FILE", line 536
ORA-29283: invalid file operation
ORA-06512: at line 14
29283. 00000 - "invalid file operation"
*Cause: An attempt was made to read from a file or directory that does
not exist, or file or directory access was denied by the
operating system.
*Action: Verify file and directory access privileges on the file system,
and if reading, verify that the file exists.
And I even tried reading from an External Table:
CREATE TABLE sample_ext
( sample1 varchar(10) )
organization external (
default directory EXT_TAB_DATA
location ('test.txt')
);
/
select *
from sample_ext;
/
It results into an error below:
ORA-29913: error in executing ODCIEXTTABLEOPEN callout
ORA-29400: data cartridge error
KUP-04001: error opening file /u01/app/oracle/DEV/SAMPLE/SAMPLE_EXT_62883.log
29913. 00000 - "error in executing %s callout"
*Cause: The execution of the specified callout caused an error.
*Action: Examine the error messages take appropriate action.
I confirmed that the file is there and has data:
[appldev-run#hamlfinappdev ~]$ cd /u01/app/oracle/DEV/SAMPLE
[appldev-run#hamlfinappdev ~]$ cat test.txt
1
1
1
1
[appldev-run#hamlfinappdev ~]$
What do I need to do to read and write to this directory?
Database Version is as Follows:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
PL/SQL Release 12.1.0.2.0 - Production
CORE 12.1.0.2.0 Production
TNS for Linux: Version 12.1.0.2.0 - Production
NLSRTL Version 12.1.0.2.0 - Production
You need to give all the rights to the directory chmod 755 DEV or change the owner of the directory chown oracle:appdev DEV.
I repeated the situation and got the same error.
I created a test environment.
user root
esmd:/opt/oracle # ls -l |grep DEV
drwxrwx--- 3 appdev appdev 4096 2019-06-25 07:17 DEV
esmd:/opt/oracle/DEV # ls -l
total 4
drwxrwxrwx 2 oracle dba 4096 2019-06-25 07:22 SAMPLE
esmd:/opt/oracle # cd DEV/SAMPLE/
esmd:/opt/oracle/DEV/SAMPLE # ls -l
total 4
-rw-r--r-- 1 oracle dba 8 2019-06-25 07:14 test.txt
user oracle
oracle#esmd:~> more /opt/oracle/DEV/SAMPLE/test.txt
/opt/oracle/DEV/SAMPLE/test.txt: Permission denied
user appdev
oracle#esmd:~> su appdev
Password:
appdev#esmd:/opt/oracle> ls -l /opt/oracle/DEV/SAMPLE/test.txt
-rw-r--r-- 1 oracle dba 8 2019-06-25 07:14 /opt/oracle/DEV/SAMPLE/test.txt
DB user system
CREATE OR REPLACE DIRECTORY EXT_TAB_DATA AS '/opt/oracle/DEV/SAMPLE';
CREATE TABLE sample_ext
( sample1 varchar(10) )
organization external (
default directory EXT_TAB_DATA
location ('test.txt')
);
select *
from sample_ext;
07:34:14 line 1: ORA-29913: error in executing ODCIEXTTABLEOPEN callout
07:34:14 ORA-29400: data cartridge error
07:34:14 error opening file /opt/oracle/DEV/SAMPLE/SAMPLE_EXT_4977.log
I changed dir DEV chmod 757 DEV and All works!
appdev#esmd:/opt/oracle> ls -l /opt/oracle |grep DEV
drwxrwx--- 3 appdev appdev 4096 2019-06-25 07:17 DEV
appdev#esmd:/opt/oracle> chmod 775 DEV
appdev#esmd:/opt/oracle> ls -l /opt/oracle |grep DEV
drwxrwxr-x 3 appdev appdev 4096 2019-06-25 07:17 DEV
select *
from sample_ext;
SAMPLE1
----------------
1
1
1
1
I changed dir DEV chmod 775 DEV or chown oracle:appdev DEV and All works!
oracle#esmd:~> su
Password:
esmd:/opt/oracle # ls -l |grep DEV
drwxrwxr-x 3 appdev appdev 4096 2019-06-25 07:17 DEV
esmd:/opt/oracle # chown oracle:appdev DEV
esmd:/opt/oracle # ls -l |grep DEV
drwxrwxr-x 3 oracle appdev 4096 2019-06-25 07:17 DEV
esmd:/opt/oracle # chmod 770 DEV
esmd:/opt/oracle # ls -l |grep DEV
drwxrwx--- 3 oracle appdev 4096 2019-06-25 07:17 DEV
esmd:/opt/oracle #
select *
from sample_ext;
SAMPLE1
----------------
1
1
1
1
Related
I have folder in /media on ubuntu - shared from windows via fstab and cifs-utils. Can I share this folder to other user: "miki" (not root)
root#localhost:/media#
drwxr-xrwx 4 root root 4096 Nov 15 12:21 .
drwxr-xr-x 23 root root 4096 Nov 14 06:34 ..
drwxr-xr-x 2 padm root 0 Nov 15 09:34 Archive
drwxr-xrwx 2 root root 4096 Feb 25 2019 kekik
I have try with:
root#localhost:~# sudo chmod -R 757 /media/Archive/
but get:
chmod: changing permissions of '/media/Archive/': Permission denied
Find a solution:
need to modify /etc/fstab by changing:
//windowsServer/Archive /media/Archive cifs username=wundowsuser,password=somepass,uid=1000,iocharset=iso8859-1,rw,file_mode=0777,dir_mode=0777,vers=1.0 0 0
and change group of folder (must umont it first!)
sudo umount -l /media/Archive
sudo chown miki:miki /media/Archive/
I'm not using SELinux, and still I can't get the apache user to create files in my cache storage directory. Can this work without using chown to change the user to the actual apache user?
[root#server live_storage]# getenforce
Disabled
[root#server live_storage]# su -s /bin/bash -c 'touch /home/admin/live_storage/c50d02d942c0a3d.cache' apache
touch: cannot touch ‘/home/admin/live_storage/c50d02d942c0a3d.cache’:
Permission denied
[root#server admin]# ls -lsa
total 84
4 drwx------. 10 admin admin 4096 24 mei 10:32 .
4 drwxr-xr-x. 3 root root 4096 9 mei 11:12 ..
4 drwxrwxrwx 3 admin admin 4096 24 mei 10:33 live_storage
[admin#server live_storage]$ touch '/home/admin/live_storage/c50d02d942c0a3d.cache'
[admin#server live_storage]$ ls '/home/admin/live_storage/c50d02d942c0a3d.cache'
/home/admin/live_storage/c50d02d942c0a3d.cache
Figured it out. Apache didn't have execute rights on the /home/admin directory. chmod +x /home/admin fixed the problem
I am currently creating an application that requires separate users running duplicate programs. They cannot run under root because of security reasons, so they are initiated by a Java app that I am working on, and I am starting them with runuser -l. However, I cannot cd into a directory, even though it is owned by the user, and the user has 770 permissions in the folder.
Here's what I'm running:
runuser -l lp1 -c 'java \-jar /root/Desktop/workspace/LitePanel/servers/server1/server.jar \-Xms1024M nogui'
And the output of this is:
runuser: warning: cannot change directory to /root/Desktop/workspace/LitePanel/bin/servers/server1/: Permission denied
Here's an ls -all:
drwxr-xr-x. 3 root root 4096 Jan 30 14:03 .
drwxr-xr-x. 7 root root 4096 Jan 30 14:02 ..
drwxrwx---. 2 lp1 lp1 4096 Jan 31 03:07 server1
Inside the directory:
drwxrwx---. 2 lp1 lp1 4096 Jan 31 03:07 .
drwxr-xr-x. 3 root root 4096 Jan 30 14:03 ..
-rwxrwx---. 1 lp1 lp1 9170551 Jan 31 03:07 server.jar
And here's /etc/passwd:
lp1:x:501:501::/root/Desktop/workspace/LitePanel/bin/servers/server1/:/bin/false
Anyone know why this is happening? It looks like the user has the necessary permissions to do this.
You have said that the directory itself has permissions 770 and is owned by the user, but what about its parents? I believe the cd command will need at least read access (and possibly execute) on the parent directories.
Good day!
I have a linux sftp server located in VM. This VM has access to a GlusterFS storage, where sftp directories are located. Sftp works via OpenSSH server and chroots sftpusers group to sftp directories on GlusterFS storage. All worked well... After one moment I had got an issue...
Trying to create user:
# useradd -d /mnt/cluster-data/repositories/masters/test-user -G masters,sftpusers -m -s /bin/nologin test-user
Checking:
# cat /etc/passwd | grep test-user
test-user:x:1029:1032::/mnt/cluster-data/repositories/masters/test-user:/bin/nologin
# cat /etc/group | grep test-user
masters:x:1000:test-user
sftpusers:x:1005:test-user
test-user:x:1032:
Doing chown and chmod for home dir by hand:
# chown -R test-user:test-user /mnt/cluster-data/repositories/masters/test-user
# chmod -R 770 /mnt/cluster-data/repositories/masters/test-user
Checking:
# ls -la /mnt/cluster-data/repositories/masters/test-user
итого 16
drwxrwx--- 2 test-user test-user 4096 Окт 27 2013 .
drwxr-xr-x 13 root masters 4096 Окт 27 2013 ..
Adding another user to test-user's group:
# usermod -G test-user -a tarasov-af
# cat /etc/passwd | grep tarasov-af
tarasov-af:x:1028:1006::/mnt/cluster-data/repositories/lecturers/tarasov-af/:/bin/nologin
# cat /etc/group | grep tarasov-af
masters:x:1000:tarasov-af,test-user
sftpusers:x:1005:tarasov-af,test-user
lecturers:x:1006:tarasov-af
specialists:x:1008:tarasov-af
test-user:x:1032:tarasov-af
Login as tarasov-af:
sftp> cd masters/test-user
sftp> ls
remote readdir("/masters/test-user"): Permission denied
sftp> ls -la ..
drwxr-xr-x 13 0 1000 4096 Oct 26 21:30 .
drwxr-xr-x 6 0 0 4096 Oct 2 15:53 ..
drwxrwx--- 2 1029 1032 4096 Oct 26 21:53 test-user
I tried to login as tarasov-af into bash (usermod -s /bin/bash tarasov-af):
$ id
uid=1028 gid=1006
groups=1000,1005,1006,1008,1032
p.s. I guess this issue began after VM disk failed and I've got /etc/passwd and /etc/group broken, I've restored them from backups and all previous accounts works well, I have this issue only with new accounts.
I've found the reason of this issue: user tarasov-af has more than 16 secondary groups, first 15 groups work good, other -- don't work. I've set kernel.ngroups_max = 65535 in sysctl.conf on every computer in cluster (GlusterFS) and on sftp VM but nothing changed.
This issue goes to glusterfs client, it can't manipulate with more than 15 secondary groups.
# glusterfs --version
glusterfs 3.2.7 built on Sep 29 2013 03:28:05
I am configuring hadoop on Ubuntu os. I need to create RSA key pair to allow hadoop to interact with its nodes, so i running this command:
hadoop#ubuntu:~$ ssh-keygen -t rsa -P ""
then I get this:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa):
Could not create directory '/home/hadoop/.ssh': permission denied.
Enter passphrase (empty for no passphrase ):
Enter same passphrase again:
open /home/hadoop/.ssh/id_rsa failed: No such file or directory.
Saving the key failed: /home/hadoop/.ssh/id_rsa.
Forgot to create .ssh dir in your home?
Try that:
mkdir -p ~/.ssh
then re-run ssh-keygen.
Also possibly you doing ssh-keys creation from wrong user.. You started that shell using sudo?
Try to set HOME dir manually or enter right path in prompt.
check your home directory name and permissions
echo $HOME
cd ~ ; ls -l
ls -l .ssh
ls -lR .ssh
if above output is OK and you have correct permissions, perhaps your quota is full
try with "sudo" and see what happens...
Seems like current user doesn't own the contents under home directory.
Gain the ownership as shown as below:
admin#mydb22-02:~$ sudo chown admin.admin /home/admin/
admin#mydb22-02:~$ ls -la
total 32
drwxr-xr-x 2 admin admin 4096 Nov 3 23:29 .
drwxr-xr-x 3 admin admin 4096 Dec 23 2012 ..
-rw------- 1 admin admin 191 Feb 13 2013 .bash_history
-rw-r--r-- 1 admin admin 220 Apr 3 2012 .bash_logout
-rw-r--r-- 1 admin admin 3486 Apr 3 2012 .bashrc
-rw-r--r-- 1 admin admin 675 Apr 3 2012 .profile
-rw-r--r-- 1 admin admin 0 Nov 3 23:29 .sudo_as_admin_successful
-rw------- 1 admin admin 4221 Nov 3 20:31 .viminfo
generating keys would work now as .ssh directory will now be created and owned by current user after generating the assymetric keys
I have spent arround 1 hr on this and finally got the solution. It is due to permission problem. You have to use chown for your 'hadoop user'.
1. First make hadoop directory.
cd /home
mkdir hadoop
then check 'ls -l'. it gives result like :
drwxr-xr-x 2 hadoop hadoop 4096 Aug 22 22:17 hadoop
2. sudo chown hadoop.hadoop /home/hadoop/
3. Then run remaining command for key generater.