This is the second time i've had this occur to me.
I am working on a rails app, and I create a file via touch show.html.haml, and I can do an ls and see the file.
but I am using both WinSCP and SFTP for sublime, and neither can see this file!
WinSCP returns...
and Sublime returns,
Downloading folder "/app/qa/www/htdocs/qa-dashboard/app/views/scripts/" ... 1 file to download
yet it never downloads the file. What is happening here? I've also verified that it wasn't the touch command. i've tried vi'ing the file, and saving it. Same thing.
I've also verified that the hosts are matching.
Additional notes:
I am using elevated_user to create the file, and user, ddavison to edit the file. ddavison is not in the group.
File modes are,
drwxrw-rw- ... .
drwxr-xrwx ... ..
-rw-rw-rw- ... show.html.haml
The permissions on your scripts directory appear to be incorrect:
drwxrw-rw- ... .
^--^-- missing eXecute bit
The execute bit on directories allows the directory's contents to be listed. Since the "group" and "other" perms on the scripts directory do not allow listing, you'll get that error. Most like you're logged in to the shell as the owner of the directory, so you can get listings all you want, but you're logging in as a user OTHER than the owner via winscp, so they're unable to list the directory contents.
I expect the problem is with the permissions on the containing directory -
drwxrw-rw- ... .
Both of those programs probably try to chdir into that directory before retrieving the file. In order to do so, the directory must have x (execute) permissions for the user they are logging in as. Based on what you said, it seems that set 'other' needs +x -
chmod o+x /app/qa/www/htdocs/qa-dashboard/app/views/scripts/
Depending on the users/groups in question, you may want to consider removing write permission -
chmod o-w /app/qa/www/htdocs/qa-dashboard/app/views/scripts/
For directories, the x permission bit isn't execute, rather it's "list the contents of this directory". Since the directory's permissions are only 'rwxrw-rw-', only the owner may list the contents of the directory. Provide "other" that permission using chmod o+x /app/qa/www/htdocs/qa-dashboard/app/views/scripts.
Related
I currently have a directory (udir), which has only read and write permissions for all users. This directory contains two files (file1 & file2)
I initially though that only write access was needed (on the directory) for me to be able to delete/remove a file via (rm udir/file1) but the rm command would give me access denied. when i set the permissions to read, write, and execute, the rm command works.
Obviously the execute access is needed as well but why??
I thought the execute access on a directory was to be able to make it a working a directory and search its contents and access sub directories.
You actually need read, write and execute permissions on the directory, not on the file itself since the operation is done considering the permissions effects of directories.
A good documentation can be found on this link, which mentions the below in the section Special Considerations on Directories:
To delete a file requires both write (to modify the directory itself)
and execute (to stat() the file's inode) on a directory. Note a user
needs no permissions on a file nor be the file's owner to delete it!
I am supposed to give write/edit permission to my directory in /var/lib/mysql/dbname via Linux.
I am unaware of backend UI and i know i just enetered the text "sudu so" # centos machine which displays :
[root#ip-10-0-0-61 centos]#
Can anyone tell how to proceed further as I have always been using WinScp which restricts me to write database files due to present set permissions.
Any user interface file manager that could do this would be really helpful too.
Thanks in advance
You can change files/folders permission with the chmod command. There's a man page here. The full command line to type depends on which permission you exactly need. A basic usage of the command is
chmod [ugoa][+-=][rwx] file
Where
[ugoa] allow you to choose whose permission you want to modify: the owner of the file (u), users member of the group of the file (g), any other users (o) and all users (a)
[+-=] allow you to tell the command if you want to add (+) the selected permissions, remove them (-) or set them as the only permissions of the file(=).
[rwx] allow you to choose the permission : read (r), write (w) or execute (x). There exist other type of permissions explained in the man.
To change the permission of a folder recursively, you can add the option -R to the command.
Very simple just execute the command
chmod 777 -R ./
This will do the trick for you.
There are two things to look at, setting permissions, and ownership.
To do this for an entire directory (be careful with this)
chmod -R {permissions} {directory}
If you're unsure what permissions to use check this guide
To set ownership, use
chown {user:group} {directory} -R
Again be careful with these settings. It's not often you'll want an entire directory full of files to all have the same permissions, and you could be opening yourself up to risks if you do so. Always be explicit and give each file the minimum permissions needed to get the job done.
Why can the ls command of Ubuntu list the files of a directory with no execution permission set ?
The Test directory has read and write permissions set but no execution permission set. I understand that the x attribute of the directory specify whether the directory can be accessed, and if it is not set then it doesn't matter whether r or w is set (please correct me if I'm wrong).
The cd and cat commands works as expected, i.e. that cannot do their job, since they cannot access the directory.
Having +r but not +x on a directory allows reading its contents, but not making it the current directory. Conversely, having +x on a directory but not +r will allow you to make it your current directory but not list it.
In other words, on a directory:
r: The read bit allows you to read the contents of that directory
w: The write bit allows you to create, rename and delete files
x: The execute bit allows you to chdir into that directory
Edit:
Apologies, after re-reading the original post, I have a better understanding of the question. The files can be listed even though there is no execute permission because you have read permission on the directory. The x bit controls access to the inode, which contains the file metadata such as permissions info. This is why the files can be listed, but no permission data is available.
https://askubuntu.com/questions/83788/accessing-files-in-a-directory-without-x-permission
See also:
https://unix.stackexchange.com/questions/21251/how-do-directory-permissions-in-linux-work
Say a FOLDER is set to chmod 777 but FILES in the folder is set to chmod 755.
Non-owner user can write files to the FOLDER. Then how about overwriting the already existing files? Can the existing files be overwritten by a non-owner user?
If you give everyone read, write, and execute permissions on a directory, everyone can create and remove files, including ones that have been created by other users.
If you want to avoid such a behavior (one of your comments mentioned that), you should create another /tmp or /var/tmp directory: Set the sticky bit:
$ chmod +t directory
With the sticky bit set, every user can create new files, but is unable to remove files from others.
A fair word of warning here though: I do not recommend to secure your uploads with such a feature. Implement a better access control in your frontend instead.
Yes. While non-owners will not be able to open a file for editing and change its contents, they will be able to remove any file in the directory and replace it with a new file of the same name.
I'm often finding myself in a situation where I login to shell as root (I've already been told it's a bad practice) and copy new files to some directory served by apache.
Since I'm logged in as root, the new files will have root set as owner, and different permissions than the files which are already present, and I'll need to change the permissions for Apache to be able to access the files. I am doing it manually.
I am researching a better way of doing it. I was wondering if there is a way to somehow apply with a single command the permissions of the current folder to all it's sub-folders and files.
Windows has such a feature, where you can "reset all files and folder permissions" to those of the parent folder.
To get the permissions on the current directory, you can use
stat -c %a .
To set permissions recursively, use
chomd -R
Put together, it gives
chmod -R `stat -c %a .` .
Or, you can use the --reference option of chmod if supported.
chmod -R --reference=. .
+1'd #choroba's answer but... are you sure that's what you want to do?
From http://en.wikipedia.org/wiki/File_system_permissions ...
Permissions
Unix-like systems implement three specific permissions that apply to each class:
The read permission grants the ability to read a file. When set for a directory,
this permission grants the ability to read the names of files in the directory,
but not to find out any further information about them such as contents, file type,
size, ownership, permissions.
The write permission grants the ability to modify a file. When set for a directory,
this permission grants the ability to modify entries in the directory. This includes
creating files, deleting files, and renaming files.
The execute permission grants the ability to execute a file. This permission must
be set for executable programs, including shell scripts, in order to allow the operating
system to run them. When set for a directory, this permission grants the ability to access
file contents and meta-information if its name is known, but not list files inside the
directory, unless read is set also.
The effect of setting the permissions on a directory, rather than a
file, is "one of the most frequently misunderstood file permission
issues".
When a permission is not set, the corresponding rights are denied.
Unlike ACL-based systems, permissions on Unix-like systems are not
inherited. Files created within a directory do not necessarily have
the same permissions as that directory.
(emphasis added)