I have application running on ubuntu 12.04 and when user submit file using submit form I got permission denied error. So it seems that user don't have permission to write. when I'm logged in as root and use ls -l folder_name it write
drwxrwxr-x 2 root root 4096 Dec 5 01:17 folder1
drwxrwxr-x 2 root root 4096 Dec 5 01:17 folder2
when I use chown myuser folder_name and repeat ls -l folder_name it gives me the same output so myuser is still not owner of the folders. How can I add myuser as owner of existing folders and all newly created folders inside existing folders.
`
Several things to consider-
owner is root so either 'sudo chown' or become root to do the change
chown myuser:mygroup to change both the owner and group (or chgrp)
from your question it sounds like this is from a web page, so it will probably need to be owned by apache:apache or whatever your webserver runs as
you can't specify the owner of all newly (future) created folders inside these, just who has permissions (chmod) to create folders and then depends on what user is trying to do the creates.
the command is:
sudo chown -R apache:apache folder1
Related
In an Amazon Linux instance, after deployment using ElasticBeanstalk, all the files are owned by root user:
drwxr-xr-x 25 root root 4096 jan 01 00:00 var
But the current user is ec2-user so I don't have permissions to create/modify inside /var folder anything. What is the best approach to make it work? chown and modify owner to ec2-user? add user to a user group if exists which I don't know... any other idea?
I don't have permissions to create/modify inside /var folder anything.
you can use following ways to achieve this.
Try sudo [your command]
sudo chown user directory
sudo bash //this will make your root directly
But beware for 2 and 3 way, it can break your system if you do something wrong.There is a famous saying hope you know what you will do
How can I prevent changing the ownership of a file?
I have a file with permission as follows:
-rw-r-----. 1 netcool ncoadmin 1689 May 8 14:54 NCI_Constellation.proj
As part of RPM package installation, I am running a script which is supposed to write data into NCI_Constellation.proj file. Whereas the permission of the file is getting changed as follows during package installation and the writing to the file is not happening.
-rw-r-----. 1 root root 1689 May 8 14:54 NCI_Constellation.proj
Is there a way to not change the ownership of NCI_Constellation.proj file and keep it as it is as follows so that I will be able to write data to the file?
-rw-r-----. 1 netcool ncoadmin 1689 May 8 14:54 NCI_Constellation.proj
Please help.
The question is: what package does that file belong to and with what permissions?
rpm -qf /path/to/NCI_Constellation.proj
will give you the package owning this file (let's say NCI.rpm). Then
rpm -qlv NCI.rpm | grep NCI_Constellation.proj
will give you the owners and rights of this file as packaged by NCI.rpm. If you are the one packaging NCI.rpm; you should put something like this in your %files section:
%files
%attr(640,netcool,ncoadmin) /path/to/NCI_Constellation.proj
By the way make sure that you really can write to the file with those permissions; test that first... Who is running the script to change this file? As which user? then run it yourself manually as that user to make sure these file permissions will suffice.
you have two options in my opinion,
first : set netcool to root group by doing this:
$ sudo usermod -a -G root netcool
with this command you user is able to change and modify the file even after the permissions changed.
second : set netcool user a second root user by changing /etc/passwd file.
for this open the file with every file-editor you want then change UID and GID to 0. after doing this if you run $ grep netcool /etc/passwd you should see :
netcool:x:0:0: {the rest may change for anybody}.
We can prevent the changing of group of file by using setgid bit on directory. So if you add user netcool to ncoadmin and give write permission to ncoadmin then you can edit the file. Here is how you can set the SetGid bit on directory.
chmod g+s your_directory_containing_file(NCI_Constellation.proj)
Bit more about the setgid on directory:
setgid can be used on directories to make sure that all files inside the directory are owned
by the group owner of the directory. The setgid bit is displayed at the same location as the x
permission for group owner. The setgid bit is represented by an s (meaning x is also there)
or a S (when there is no x for the group owner). As this example shows, even though root
does not belong to the group proj55, the files created by root in /project55 will belong to
proj55 since the setgid is set.
root#RHELv4u4:~# groupadd proj55
root#RHELv4u4:~# chown root:proj55 /project55/
root#RHELv4u4:~# chmod 2775 /project55/
root#RHELv4u4:~# touch /project55/fromroot.txt
root#RHELv4u4:~# ls -ld /project55/
drwxrwsr-x 2 root proj55 4096 Feb 7 17:45 /project55/
root#RHELv4u4:~# ls -l /project55/
total 4
-rw-r--r-- 1 root proj55 0 Feb 7 17:45 fromroot.txt
My application is hosted on ubuntu in public_html folder. When I run the command git add . it gives me the error:
warning: could not open directory 'public_html/': Permission denied
Entire code is in public_html folder
How can I solve it?
You should make sure so that your user has access or is the owner of the folder and it content. You can check the current owner and permissions by running:
ls -l public_html
Here I list all non-hidden files in a test folder:
who:test who$ ls -l
total 0
-rwxrwxrwx 1 root admin 0 Oct 3 18:04 test1
-rwxrwxrwx 1 root admin 0 Oct 3 18:04 test2
The output shows that both files are owned by the root user and belongs to a group named admin. The first column also shows the access permission, which in this case is set to read and write access to everyone.
If you would like to change the owner you can do:
sudo chown -R <user>:<group> public_html
The above will set the owner of the folder and all its content to the specified user and group; you might need sudo privileges to do this.
There is possible to only change the owner or group with the same command:
sudo chown -R <user> public_html
sudo chown -R :<group> public_html
To change the permission you would use:
sudo chmod -R <mode> public_html
Where mode is the permission, for instance 0777 for full read and write access to everyone. You can also use letters instead of an octal number when setting permissions, for instance:
sudo chmod -R a+rwx public_html
gives the same result as the first chmod command.
References
The chown command: https://ss64.com/bash/chown.html
The chmod command: https://ss64.com/bash/chmod.html
As HDFS user (owner of a Dir), I'm unable to view all the directories
Here is a command sample:
[ec2-user#ip-172-31-33-161 ~]$ ls -ltr
drwxrwxrwx 2 hdfs hadoop 4096 Oct 7 22:39 cards2
[ec2-user#ip-172-31-33-161 ~]$ sudo su - hdfs
[hdfs#ip-172-31-33-161 ec2-user]$ ls -ltr
ls: cannot open directory .: Permission denied
The command
sudo su - hduser
will take change the user, and take you to the home folder of hduser.
The command
sudo su hduser
can be used to remain in the current working directory even after the user is switched.
Login to ec2 machine as you previously logged in with ec2-user, change the permissions of /home/ec2-user , atleast give read permissions to other users.
chmod 777 /home/ec2-user
It is not the issue with the folder you are trying to access from the HDFS user.
ls -ltr will read the current working directory and will list the files in it.
you switched the user and you are accessing the ec2-user directory (The directory path is same as we required).
After changing the permissions, you are able to see the sub folders in ec2-user aswell.
I hope it will work for you. Please let me know for additional help.
I want to create a file in a directory owned by the staff group which I am a member of. Why can I not do this?
bmccann#bmccann-htpc:~$ ls -l /usr/local/lib/R/
total 4
drwxrwsr-x 2 root staff 4096 2010-07-31 16:21 site-library
bmccann#bmccann-htpc:~$ id -nG bmccann
bmccann adm dialout cdrom plugdev staff lpadmin admin sambashare
bmccann#bmccann-htpc:~$ touch /usr/local/lib/R/site-library/tmp
touch: cannot touch `/usr/local/lib/R/site-library/tmp': Permission denied
Did you logout and log back in after making the group changes? See:
Super User answer involving touch permissions failure
I had the same issue, check if the folder has any more ACL rules or not!
If you can see + (plus sign) when you list folder, that means it has special access rules. For example:
[user_in_apache_group#web02 html]$ ls -l
total 16
drwxrwxr-x 16 apache apache 4096 Sep 4 13:46 ilias
drwxrwxr-x+ 15 apache apache 4096 Sep 4 13:46 ilias5
View the permission:
[user_in_apache_group#web02 html] getfacl ilias5
# file: ilias5
# owner: apache
# group: apache
user::rwx
user:user_in_apache_group:r-x
group::rwx
mask::rwx
other::r-x
So that means my user (user_in_apache_group) has no write permission for that folder.
The solution is what #techtonik said, add write permission for user:
[user_in_apache_group#web02 html]$ sudo setfacl -m u:user_in_apache_group:rwx ./ilias5
Check permission again:
[user_in_apache_group#web02 html] getfacl ilias5
...
user:user_in_apache_group:rwx
...
Hope it helps. ;)
Why can't Linux user edit files in group he is a part of?
I am using Ubuntu 12.04 and had the same problem where a user cannot write to a file to whom he is allowed group access to. For example:
whoami //I am user el
el
touch /foobar/test_file //make a new file
sudo chown root:www-data /foobar/test_file //User=root group=www-data
sudo chmod 474 /foobar/test_file //owner and others get only read,
//group gets rwx
sudo groupadd www-data //create group called www-data
groups //take a look at the groups and see
www-data //www-data exists.
groups el //see that el is part of www-data
el : www-data
Restart the terminal now to ensure the users
and groups have taken effect. Login as el.
vi /foobar/test_file //try to edit the file.
Produces the Warning:
Warning: W10: Warning: Changing a readonly file"
What? I've done everything right why doesn't it work?
Answer:
Do a full reboot of the computer. Stopping the terminal isn't enough to fix these problems.
I think what happens is apache2 also uses the www-data group, so the task was somehow preventing the users and groups from being enforced correctly. Not only do you have to logout, but you have to stop and restart any services that use your group. If a reboot doesn't get it, you've got bigger problems.
Use Linux ACL (access control lists) - it is more fine-grained version of permission system,
setfacl -R -m 'group:staff:rwx' -m 'd:group:staff:rwx' /usr/local/lib/R/
This sets both active rights for directory and default rights for anything created within.
This fails to work without relogin if you've just added yourself to the staff group, but you may set the permission only for yourself for the current session.
I had an issue when a user could not access the /foo/bar/baz directory even when he had permissions because he did not have an access to the bar directory.
Maybe your hard disk is full. use this command to check out the "/dev/..." rows.
df -h
Check if your parent directory have permission before you add content to that file
sudo chmod -R 777 /yourDir/file.log