Welcome to the Linux Foundation Forum!

Lab 32.3 issue with Ubuntu

I have another issue with ubuntu 20.04!

When working through Lab 32.3, after running,
setfacl -m u:fool:rw /tmp/afile
and then logging is as fool, I am still unable to modify /tmp/afile

It works fine in both the Fedora and OpenSUSE VMs I have in Vmware.

I've attached a screenshot of the process, Fedora alongside Ubuntu.

Any idea why Ubuntu is not giving the same results as the others?

(ubuntu is running on a real machine, Fedora and OpenSUSE are running in VMware)

Also, in the solution, at point 5, 'In window 2' should it not be a command such as,
$cat /tmp/afile to elicit the Permission denied response?

Comments

  • lee42x
    lee42x Posts: 380

    Hi Gairsty, Thank you for this question, you are correct this is broken in Ubuntu 20.04. I will do further investigation but for now we have to list this a bug.
    Thanks Lee

  • lee42x
    lee42x Posts: 380

    It seems to be related to "/tmp" but I'm still working on it.

  • gairsty
    gairsty Posts: 26

    That's where I got to, then I tried Fedora and OpenSUSE and couldn't see any difference.

    I look forward to seeing what the issue is.

    Cheers

  • luisviveropena
    luisviveropena Posts: 1,144

    Hi @gairsty ,

    I just confirmed this is working on Ubuntu 18.04. After added acl's for the second username, I was able to edit the file created by the another username. I just had to do ":wq!" in order to be able to edit the file (using vim).

    But if that's not working on Ubuntu 20, that looks like a bug, as Lee said.

    Many regards,
    Luis.

  • gairsty
    gairsty Posts: 26

    I just had to do ":wq!" in order to be able to edit the file (using vim).

    Hi Luis.

    As a non-vim user, what does that mean?
    (I'll ask directly rather than searching the internet and having to do wade through rafts of emacs vs vim posts... ;))

  • luisviveropena
    luisviveropena Posts: 1,144

    Hi @gairsty ,

    Basically it woks on Ubuntu 18 and it's broken on Ubuntu 20. So, if you want to test the functionality on Ubuntu, please try with 18.04.

    Many regards,
    Luis.

  • gairsty
    gairsty Posts: 26

    LOL!
    I'll pass, I made it work on Fedora and openSUSE, just glad it's not something I'd done wrong!

    Thank you!

  • luisviveropena
    luisviveropena Posts: 1,144

    Hehehe, that's pretty good! I'm glad it's clear now :)

    Many regards,
    Luis.

  • PRopiy
    PRopiy Posts: 2

    Also, in the solution, at point 5, 'In window 2' should it not be a command such as,
    $cat /tmp/afile to elicit the Permission denied response?

  • coop
    coop Posts: 915

    If you are in vi, typing :wq! lets you save("w", for write) and exit ("q", for quit) in one step. You don't need the ! for that

  • coop
    coop Posts: 915

    overwriting the file is fine as a test and was used throughout

  • lee42x
    lee42x Posts: 380

    Found the root issue, the ACL's are ignored if the sticky bit is on for the directory. This only applies to Ubuntu 20.04 so far. For the lab, use a different directory.

  • coop
    coop Posts: 915

    Using another directory is not quite trivial as for both users to access the file it needs to be someplace where both can modify it, which is why /tmp was used to begin with. This sounds like a bug in Ubuntu 20.04 unless we can find something in the actual documentation that says it is a bug everywhere else, so for the moment the lab won't change, except perhaps to note that Ubuntu 20.04 is on its own planet, once we decide that is true

  • gairsty
    gairsty Posts: 26

    Note: I am continuing the rest of my courses on Ubuntu 18.04!
    Of the many things I've learned recently, no distro is the same as any other. I understand why, and can appreciate that things are improved, etc. etc.... but it's very annoying when you're learning!!

  • Hi.
    Same here on my Ubuntu 20.04LTS. OK, I've worked on different directory such as /home/myuser and checked it works as expected.

    BTW, is I'm curious about how to monitor what happens on OS when access to /tmp/afile is denied by permission. Any ideas?

  • Hi @m.taniguchi ,

    BTW, is I'm curious about how to monitor what happens on OS when access to /tmp/afile is denied by permission. Any ideas?

    What do you mean with that? Can you re-phrase or explain it, please?

    Regards,
    Luis.

  • @luisviveropena Oh, sorry. I meant about how to debug setfacl functionality , when the unexpected "Permission denied" message came up, I checked syslog or kernel log, but nothing imply error . How do you check and debug if setfacl not work as expected? (Or is it impossible?)

  • Hi @m.taniguchi ,

    Ok, got it. I think you would think in a test method, that could be useful for other tools as well. I'd say you can do the following:

    1.- Test the functionality as described in the documentation.
    2.- If it doesn't work, check the configuration, if there is any, as there may be an error in this part.
    3.- Confirm if the user you are working with is the correct.
    4.- Confirm if the permissions on the file(s) and/or directory(ries) are the correct.
    5.- Look for documented bugs for the feature.
    6.- If it doesn't work yet, try it in another version on the same distro (a previous distro may be able to get it working).
    7.- It it doesn't work yet, try it in another distro.

    There are things that are more difficult to troubleshoot than others, specially when it's a bug.

    Regards,
    Luis.

Categories

Upcoming Training