Linux, Why can't I write even though I have group permissions?

前端 未结 6 1518
醉酒成梦
醉酒成梦 2021-01-30 12:30

I want to create a file in a directory owned by the staff group which I am a member of. Why can I not do this?

bmccann@bmccann-htpc:~$ ls -l /usr/local/lib/R/
t         


        
相关标签:
6条回答
  • 2021-01-30 12:38

    Why can't Linux user edit files in group he is a part of?

    I am using Ubuntu 12.04 and had the same problem where a user cannot write to a file to whom he is allowed group access to. For example:

    whoami                                        //I am user el
      el                                            
    
    touch /foobar/test_file                       //make a new file
    
    sudo chown root:www-data /foobar/test_file    //User=root  group=www-data
    
    sudo chmod 474 /foobar/test_file              //owner and others get only read, 
                                                  //group gets rwx
    
    
    sudo groupadd www-data                        //create group called www-data    
    
    groups                                        //take a look at the groups and see
     www-data                                     //www-data exists.
    
    groups el                                     //see that el is part of www-data
      el : www-data                               
    

    Restart the terminal now to ensure the users and groups have taken effect. Login as el.

    vi /foobar/test_file                          //try to edit the file.
    

    Produces the Warning:

    Warning: W10: Warning: Changing a readonly file"
    

    What? I've done everything right why doesn't it work?

    Answer:

    Do a full reboot of the computer. Stopping the terminal isn't enough to fix these problems.

    I think what happens is apache2 also uses the www-data group, so the task was somehow preventing the users and groups from being enforced correctly. Not only do you have to logout, but you have to stop and restart any services that use your group. If a reboot doesn't get it, you've got bigger problems.

    0 讨论(0)
  • 2021-01-30 12:41

    Check if your parent directory have permission before you add content to that file

    sudo chmod -R 777 /yourDir/file.log
    
    0 讨论(0)
  • 2021-01-30 12:43

    I had an issue when a user could not access the /foo/bar/baz directory even when he had permissions because he did not have an access to the bar directory.

    0 讨论(0)
  • 2021-01-30 12:49

    Did you logout and log back in after making the group changes? See:
    Super User answer involving touch permissions failure

    0 讨论(0)
  • 2021-01-30 12:52

    Use Linux ACL (access control lists) - it is more fine-grained version of permission system,

    setfacl -R -m 'group:staff:rwx' -m 'd:group:staff:rwx' /usr/local/lib/R/
    

    This sets both active rights for directory and default rights for anything created within.

    This fails to work without relogin if you've just added yourself to the staff group, but you may set the permission only for yourself for the current session.

    0 讨论(0)
  • 2021-01-30 12:59

    I had the same issue, check if the folder has any more ACL rules or not!

    If you can see + (plus sign) when you list folder, that means it has special access rules. For example:

    [user_in_apache_group@web02 html]$ ls -l
    total 16
    drwxrwxr-x  16 apache apache 4096 Sep  4 13:46 ilias
    drwxrwxr-x+ 15 apache apache 4096 Sep  4 13:46 ilias5
    

    View the permission:

    [user_in_apache_group@web02 html] getfacl ilias5
    # file: ilias5
    # owner: apache
    # group: apache
    user::rwx
    user:user_in_apache_group:r-x
    group::rwx
    mask::rwx
    other::r-x
    

    So that means my user (user_in_apache_group) has no write permission for that folder.

    The solution is what @techtonik said, add write permission for user:

    [user_in_apache_group@web02 html]$ sudo setfacl -m u:user_in_apache_group:rwx ./ilias5
    

    Check permission again:

    [user_in_apache_group@web02 html] getfacl ilias5
    ...
    user:user_in_apache_group:rwx
    ...
    

    Hope it helps. ;)

    0 讨论(0)
提交回复
热议问题