Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I am working on a raspberry pi and am having a tough time giving permissions to an external hard drive that I have mounted using the following tutorial:
http://www.howtogeek.com/139433/how-to-turn-a-raspberry-pi-into-a-low-power-network-storage-device/
I have now created folders on that external hard drive and when I do a ls -l command I get the following returned:
drwxr-xr-x 2 root root 512 Aug 28 23:24 test
That is located in: /media/USBHDD1/shares
Now I'm trying to give it all write read and execute permissions or even change the owner and group to pi:pi
However, chmod 777 is not working – it doesn't return an error, just seems to have no effect
And when I use
sudo chown -R pi:pi test/
I get the error
chown: changing ownership of `test/': Operation not permitted
This is a linux question but I think someone with background and knowledge of using a raspberry pi can help me out here.
Extra info as requested:
When I run pi#raspberrypi /media $ grep USBHDD1 /etc/mtab
it returns:
/dev/sda1 /media/USBHDD1 vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro 0 0
The reason is because the ownership and permissions are defined at mount time for the vfat FS.
Manual page mount(8):
Mount options for fat ..
uid=value and gid=value
Set the owner and group of all files. (Default: the uid and gid
of the current process.)
umask=value
Set the umask (the bitmask of the permissions that are not
present). The default is the umask of the current process. The
value is given in octal.
There are at least three things you can do:
(1) Give pi:pi access to the entire /media/USBHDD1 mount:
mount -o remount,gid=<pi's gid>,uid=<pi's uid> /media/USBHDD1
To determine pi's uid:
cat /etc/passwd |grep pi
To determine pi's gid:
cat /etc/group |grep pi
(2) Give everyone access to /media/USBHDD1 by changing the umask and dmask (not recommended):
mount -o remount,umask=000,dmask=000 /media/USBHDD1
(3) Change the partition to a different file system. Only do this if you're not accessing the the external hard drive from a windows computer:
You won't be able to convert the file system from VFAT to a Unix-compatible FS, so you'll have to backup the contents of the drive, format as EXT3+ or reiserfs, then copy the contents back. You can find tutorials for doing this on the web.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I am creating a shared folder for users in the 'development' group. I am having trouble coming up with a series of commands to use to do this I need to set the following permissions:
Only members of the development group can create files in it
Users can only delete the files and directories they create
Any new files/folders in the shared directory are associated with the group
Group owner can only read
Owner can read files, but others cannot have r/w access
What series of commands could I use to accomplish this?
I just cannot seem to get this right with chmod and , and when I login as my other users I keep on getting permission denied for viewing the folder or creating files even with sticky bit set.
Angellic Chords,
first you must state in your request if you have root privileges (login,sudo) to manipulate permissions in the filesystem.
Now you need split task into smaller blocks:
a. add users into developer group (dev_group - assumed already exists)
root# for user in (user1 user2 user3 ... usern)
do
usermod -a -G dev_group $user
done
b. create developer group directory
mkdir /some/path/to/developer/group/dir
c. assign permission on the folder: see doc
owner root.dev_group (root)
owner rwx -- can read, create, change into directory
group rwx -- can read, create, change into directory
other/world r-x -- can read, change into directory only (check if this desirable)
set SGID - newly created files/directories inherit group from directory
set 'stiky' bit - allows manipulate only own files/directories
chown root.dev_group [path to directory] # owner root.dev_group
chmod u=rwx,g=rwx,o=rx [path to directory] # user rwx; group rwx; other r-x
chmod g+s [path to directory] # SGID bit inherit group from directory for new files and directories
chmod +t [path to directory] # stiky bit manipulate own files and directories only
or
chmod 3775 [path to directory]
NOTE: execute permission on a directory allows to change into the directory
d. define umask for each user:
user rwx
group r--
other ---
(in shell initialisation scripts as .bashrc .profile ....)
umask u=rwx,g=r,o=
NOTE: if umask must be different for any valid reason, then user has to change permission at creation, copy time on new files/directories
More grained access restrictions can be achieved with access control lists acl and SELinux contexts.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I want to copy letsencrypt folder from my remote ec2 machine to my local folder.
So I run this command:
scp -i key.pem -r ubuntu#ec2-3-188-92-58.us-east-2.compute.amazonaws.com:/etc/letsencrypt my-letsencrypt
Some files are copied but other failed with this error Permission denied:
scp: /etc/letsencrypt/archive: Permission denied
scp: /etc/letsencrypt/keys: Permission denied
I want to avoid to change ec2 files permissions.
What can I do to copy this folder to my local filesystem?
You are logging in with the account ubuntu on the server, but that account doesn't have the correct permission to read (and therefore) copy all the files. Most likely some of the files are owned by root and are not readable by others.
You can check the permission yourself with ls -l /etc/letsencrypt.
To copy the files anyway, here's two options:
1. Make a readable copy
on the remote server (logged in via SSH), you can make a copy of the folder, and change the permissions of the files:
sudo cp -r /etc/letsencrypt ~/letsencrypt-copy
sudo chown -R ubuntu:ubuntu ~/letsencrypt-copy
Now you can copy the files from there:
scp -i key.pem -r ubuntu#ec2-3-188-92-58.us-east-2.compute.amazonaws.com:letsencrypt-copy my-letsencrypt
2. copy from root
If you have ssh access on the root account, then just copy using that account:
scp -r root#ec2-3-188-92-58.us-east-2.compute.amazonaws.com:letsencrypt-copy my-letsencrypt
Here you need public read permission
- First SSH to your remote server ubuntu#ec2-3-188-92-58.us-east-2.compute.amazonaws.com
sudo su - (make sure you are a root user)
chmod -R 0744 /etc/letsencrypt
now try to download again with SCP again
after download put back permissions to 0700
chmod -R 0700 /etc/letsencrypt
Check the file permissions for archive & keys. It should be 400. Just change to 600. After the change, try copying again.
chmod -R 600 ./archive ./keys
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I need to create a user which can only SFTP to specific directory and take a copy of some infomation. that is it. I keep looking online and they bring up information about chroot and modifying the the sshd_config.
So far I can just
add the user "useradd sftpexport"
create it without a home directory "-M"
set its login location "-d /u02/export/cdrs" (Where the information is stored)
not allow it to use ssh "-s /bin/false"
useradd sftpexport -M -d /u02/export/cdrs -s /bin/false
Can anyone suggest what am meant to edit so the user can only login and copy the file off?
I prefer to create a user group sftp and restrict users in that group to their home directory.
First, edit your /etc/ssh/sshd_config file and add this at the bottom.
Match Group sftp
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
This tells OpenSSH that all users in the sftp group are to be chrooted to their home directory (which %h represents in the ChrootDirectory command)
Add a new sftp group, add your user to the group, restrict him from ssh access and define his home directory.
groupadd sftp
usermod username -g sftp
usermod username -s /bin/false
usermod username -d /home/username
Restart ssh:
sudo service ssh restart
If you are still experiencing problems, check that the directory permissions are correct on the home directory. Adjust the 755 value appropriately for your setup.
sudo chmod 755 /home/username
EDIT: Based on the details of your question, it looks like you are just missing the sshd_config portion. In your case, substitute sftp with sftpexport. Also be sure that the file permissions are accessible on the /u02/export/cdrs directory.
An even better setup (and there are even better setups than what I am about to propose) is to symlink the /u02/export/cdrs directory to the user home directory.
You could need to add a restricted shell for this user can put some files there. You can use rssh tool for that.
usermod -s /usr/bin/rssh sftpexport
Enable allowed protocols in config /etc/rssh.conf.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I need to edit a file which is read only. This file is located at a remote appliance. Through ssh I logged in to this as admin and I have the root access.
Command "ls -l" show the permissions of file as
"-rwxr-xr-x 1 admin root 952 Oct 30 02:01 file.sh"
I am not as such familiar with Linux but I searched and found that this above line means that the admin is the owner and he/she has the read and write permission.
But the file is appearing to be read only, I am unable to edit it. So I tried to change the permission using command chomd
[admin#appliance targetfolder]# chmod 666 file.sh
chmod: changing permissions of `file.sh': Read-only file system
But still it is just read-only.
Someone suggested to remount the folder which contains this file.
How will I remount it, I used
" mount -o remount,rw /folde1/folder2/targetFolder"
but It gave
"mount: can't find /folde1/folder2/targetFolder in /etc/fstab or /etc/mtab".
Problem is solved, I remounted folder by using "mount -o remount,rw /" and then edited the file, without changing any permissions, it worked.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
A while back I bought a 1TB USB external drive. I formatted it ext4 in Ubuntu and copied a bunch of files / folders to it from several machines, all to /home/machinename/whatever, respectively.
At some point I ran a chmod -R shell command on it to change the permissions. That was months ago and I don't remember what I typed but it made the drive so I could only access its /home folder as root. This wasn't a problem because I could still access everything, but today I decided to try to fix it.
I went to my shell as root, went to that drive and typed:
chown -R rick:rick ./
chmod -R 666 ./
It seemed to work. That home directory and everything else in it now shows up as rw for each:
rick#rick64:/media/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee$ ls -l
drw-rw-rw- 7 rick rick 4096 2012-03-04 13:08 home
So, if I try to access that directory with the shell, I get:
rick#rick64:/media/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee$ ls -l
drw-rw-rw- 7 rick rick 4096 2012-03-04 13:08 home
rick#rick64:/media/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee$ cd home
bash: cd: home: Permission denied
rick#rick64:/media/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee$ _
When I access it with nautilus I can see the multiple machine names within the /home/ folder, but they all appear with a file icon. I can right-click on them and choose "Properties" but it won't let me see the permissions.
Am baffled. Why can't I access that folder? I'm the owner? I'm even the group. I have r/w privileges. What am I doing wrong?
You're neither trying to read (list) nor write (create a new entry) the directory. You want to enter it, therefore you need (slightly misnamed in the case of directories) exexute permissions.