Re: Group permissions are broken?
On Mon, Aug 15, 2011 at 05:39:31PM -0700, Yuri typed: > On 08/15/2011 13:10, Dan Nelson wrote: > >As a sanity check, what is the output of the "groups" command? If you > >recently edited /etc/group, maybe you need to log out and back in to a > >credential with the new group list? > > Reboot cured the problem. Reboot is a very rigourous way to log out and back in again. You should have tried that first. > Is this because some other command should be run to enable /etc/group > changes? No. Just loggin out and back in > Is it cached somewhere? No Ruben ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Group permissions are broken?
On 08/16/2011 01:32, per...@pluto.rain.com wrote: On my 8.1 system, sticky(8) says: A directory whose `sticky bit' is set becomes ... a directory in which the_deletion_ of files is restricted. A file in a sticky directory may only be_removed_ or_renamed_ if ... [emphasis added] Nothing there about the sticky bit changing the permissions required to_overwrite_ a file, which is the subject of the current inquiry. Even if the sticky bit_did_ have some effect on overwriting a file, how would that explain the_different_ behavior of the two cases shown? Actually, sticky has nothing to do with this. I originally spotted the problem on one device under /dev/ and later just made an example under tmp. Same behavior was for any other directory. I still can't get why this happened. Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Group permissions are broken?
Michael Sierchio wrote: > On Mon, Aug 15, 2011 at 1:06 PM, Yuri wrote: > > User john is a member of both webcamd and vboxusers: > > # grep john /etc/group > > webcamd:*:145:john > > vboxusers:*:920:john > > > > When the file /tmp/my-test is owned by webcamd, user john can > > touch it ok: > > $ ls -l /tmp/my-test ; touch ?/tmp/my-test > > -rw-rw ?1 vboxusers ?vboxusers ?0 Aug 15 12:54 /tmp/my-test > > > > But when /tmp/my-test is owned by webcamd, user john gets an > > error: > > $ ls -l /tmp/my-test ; touch ?/tmp/my-test > > -rw-rw ?1 webcamd ?webcamd ?0 Aug 15 13:02 /tmp/my-test > > touch: /tmp/my-test: Permission denied > > > > Why does this error occur? Two groups seem identical. Just > > different group ids. > > /tmp has the sticky bit set. man 8 sticky On my 8.1 system, sticky(8) says: A directory whose `sticky bit' is set becomes ... a directory in which the _deletion_ of files is restricted. A file in a sticky directory may only be _removed_ or _renamed_ if ... [emphasis added] Nothing there about the sticky bit changing the permissions required to _overwrite_ a file, which is the subject of the current inquiry. Even if the sticky bit _did_ have some effect on overwriting a file, how would that explain the _different_ behavior of the two cases shown? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Group permissions are broken?
On 08/15/2011 13:10, Dan Nelson wrote: As a sanity check, what is the output of the "groups" command? If you recently edited /etc/group, maybe you need to log out and back in to a credential with the new group list? Reboot cured the problem. Is this because some other command should be run to enable /etc/group changes? Is it cached somewhere? Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Group permissions are broken?
On 08/15/2011 13:10, Dan Nelson wrote: As a sanity check, what is the output of the "groups" command? If you recently edited /etc/group, maybe you need to log out and back in to a credential with the new group list? $ groups john users webcamd vboxusers $ touch /tmp/my-test touch: /tmp/my-test: Permission denied $ ls -l /tmp/my-test -rw-rw 1 webcamd webcamd 0 Aug 15 13:02 /tmp/my-test Puzzle. Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Group permissions are broken?
On Mon, Aug 15, 2011 at 1:06 PM, Yuri wrote: > User john is a member of both webcamd and vboxusers: > # grep john /etc/group > webcamd:*:145:john > vboxusers:*:920:john > > When the file /tmp/my-test is owned by webcamd, user john can touch it ok: > $ ls -l /tmp/my-test ; touch /tmp/my-test > -rw-rw 1 vboxusers vboxusers 0 Aug 15 12:54 /tmp/my-test > > But when /tmp/my-test is owned by webcamd, user john gets an error: > $ ls -l /tmp/my-test ; touch /tmp/my-test > -rw-rw 1 webcamd webcamd 0 Aug 15 13:02 /tmp/my-test > touch: /tmp/my-test: Permission denied > > Why does this error occur? Two groups seem identical. Just different group > ids. /tmp has the sticky bit set. man 8 sticky ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Group permissions are broken?
On 08/15/2011 13:09, Chuck Swiger wrote: How many groups is user john in? There's a limit of MAXGROUPS = 16. john is a member of only 3 groups, users, webcamd and vboxusers. Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Group permissions are broken?
In the last episode (Aug 15), Yuri said: > User john is a member of both webcamd and vboxusers: > # grep john /etc/group > webcamd:*:145:john > vboxusers:*:920:john > > When the file /tmp/my-test is owned by webcamd, user john can touch it ok: > $ ls -l /tmp/my-test ; touch /tmp/my-test > -rw-rw 1 vboxusers vboxusers 0 Aug 15 12:54 /tmp/my-test > > But when /tmp/my-test is owned by webcamd, user john gets an error: > $ ls -l /tmp/my-test ; touch /tmp/my-test > -rw-rw 1 webcamd webcamd 0 Aug 15 13:02 /tmp/my-test > touch: /tmp/my-test: Permission denied > > Why does this error occur? Two groups seem identical. Just different group > ids. > > Filesystem is UFS: /dev/ad10s1a on / (ufs, NFS exported, local) As a sanity check, what is the output of the "groups" command? If you recently edited /etc/group, maybe you need to log out and back in to a credential with the new group list? -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Group permissions are broken?
Hi-- On Aug 15, 2011, at 1:06 PM, Yuri wrote: > Why does this error occur? Two groups seem identical. Just different group > ids. > > Filesystem is UFS: /dev/ad10s1a on / (ufs, NFS exported, local) How many groups is user john in? There's a limit of MAXGROUPS = 16. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Group permissions are broken?
User john is a member of both webcamd and vboxusers: # grep john /etc/group webcamd:*:145:john vboxusers:*:920:john When the file /tmp/my-test is owned by webcamd, user john can touch it ok: $ ls -l /tmp/my-test ; touch /tmp/my-test -rw-rw 1 vboxusers vboxusers 0 Aug 15 12:54 /tmp/my-test But when /tmp/my-test is owned by webcamd, user john gets an error: $ ls -l /tmp/my-test ; touch /tmp/my-test -rw-rw 1 webcamd webcamd 0 Aug 15 13:02 /tmp/my-test touch: /tmp/my-test: Permission denied Why does this error occur? Two groups seem identical. Just different group ids. Filesystem is UFS: /dev/ad10s1a on / (ufs, NFS exported, local) Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"