Welcome to the Linux Foundation Forum!

Typos and Error in Lab 32.3

CarloMartini
CarloMartini Posts: 16
edited July 2018 in LFS201 Class Forum

There's a typo in this questions (User instead of Use):



4. User setfacl to make the file readable by the new user and try again.

5. User setfacl to make the file not readable by the new user and try again.

Most importantly, the solutions given are the same for both:


$ setfacl -m u:fool:rx /tmp/afile

$ setfacl -m u:fool:rx /tmp/afile

I suppose it should be something like:


$ setfacl -x u:fool /tmp/afile

 

Comments

  • luisviveropena
    luisviveropena Posts: 896
    edited July 2018

    Hi Carlo,

    Yes, that's right, it's a typo. I'm going to inform of it, thanks for reporting it!

    Luis.

  • MM69
    MM69 Posts: 2

    Isn't the mistake rather that we're supposed to give the user permission to write instead of read and execute? Using w or 2 instead of rx works fine for me:

    exit
[[email protected] ~]$ setfacl -m u:jill:5 /tmp/afile
[[email protected] ~]$ su jill
Password: 
[[email protected] marc]$ echo 'newline' >> /tmp/afile
bash: /tmp/afile: Permission denied
[[email protected] marc]$ exit
exit
[[email protected] ~]$ setfacl -m u:jill:2 /tmp/afile
[[email protected] ~]$ su jill
Password: 
[[email protected] marc]$ echo 'newline' >> /tmp/afile
[[email protected] marc]$
  • luisviveropena
    luisviveropena Posts: 896

    Hi MM69,

    I went through the lab and I found some errors, we are working on this to get the lab right.

    Regards,
    Luis.

  • coop
    coop Posts: 848

    I have fixed this in the ENglish ans Spanish versions for the next release. Thanks.

  • mo79uk
    mo79uk Posts: 42

    I got frustrated on this, but I got there.

    Even though it should be corrected for the next release, for others so far, you have to make the file writable (and perhaps readable too for a cat check) rather than (just) readable in steps 4 and 5. It's already readable to the others group beforehand.

    One question though: If I make the file in my home/user directory rather than under /tmp, no matter what getfacl permissions I set I can't read or write to it as the getfacl'd account. Why is that?

  • mo79uk
    mo79uk Posts: 42

    setfacl'd I mean. Wrote that late.

  • mo79uk
    mo79uk Posts: 42

    Actually, I had no problems in Ubuntu. Would be interested to know why CentOS gave me problems though.

  • luisviveropena
    luisviveropena Posts: 896

    Hi mo79uk,

    Can you clarify what test is failing on CentOS, please? So I can see if I can reproduce it.

    Thanks,
    Luis.

  • mo79uk
    mo79uk Posts: 42

    It was trying to write to the file after setting the getfacl permissions, if the file is saved in /home/user. It's always permission denied. It worked fine if the file was put in /tmp.

  • luisviveropena
    luisviveropena Posts: 896

    Ok, thanks. I'll see if I can reproduce the issue on CentOS.

    Regards,
    Luis.

  • luisviveropena
    luisviveropena Posts: 896

    Hi mo79uk,

    I did the test case and I was able to reproduce the behavior, and it's not an error. In CentOS a user account is not enabled by default to access other user accounts directories, so it's all OK. If you want to allow a user to access another user's directory, you need to instruct the OS to do it and you can do it using setfacl. After that you also can run the another setfacl command to enable the user to write on the file (I was able to do it).

    Regards,
    Luis.

  • mo79uk
    mo79uk Posts: 42

    Ah excellent, many thanks. A note on this is probably worth adding to an update on the lab.

  • luisviveropena
    luisviveropena Posts: 896

    It's a pleasure! Well, the lab is done in /tmp, so that's not a problem. I think it's a good exercise to determine why it's not working in case you do it in your home directory instead a shared one.

    Regards!

    Luis.

  • fouad1994
    fouad1994 Posts: 4

    @luisviveropena said:
    It's a pleasure! Well, the lab is done in /tmp, so that's not a problem. I think it's a good exercise to determine why it's not working in case you do it in your home directory instead a shared one.

    Regards!

    Luis.

    It's a pleasure! Well, the lab is done in /tmp, so that's not a problem. I think it's a good exercise to determine why it's not working in case you do it in your home directory instead a shared one.

  • fouad1994
    fouad1994 Posts: 4

    @fouad1994 said:

    @luisviveropena said:
    It's a pleasure! Well, the lab is done in /tmp, so that's not a problem. I think it's a good exercise to determine why it's not working in case you do it in your home directory instead a shared one.

    Regards!

    Luis. Videoder Tubemate Snaptube

    It's a pleasure! Well, the lab is done in /tmp, so that's not a problem. I think it's a good exercise to determine why it's not working in case you do it in your home directory instead a shared one.

    It's a pleasure! Well, the lab is done in /tmp, so that's not a problem. I think it's a good exercise to determine why it's not working in case you do it in your home directory instead a shared one.

Categories

Upcoming Training