[Lab 5.1 Group Management] Couldn't create file under "somedir": Permission denied

fabv · April 2024

Following the instructions in the document for Lab 5.1 where you have to create a file as a user belonging to a group inside a directory placed under another user's home directory, I only kept getting this error:

📦[bullwinkle@linux-sysadmin-course ~]$ touch /home/rocky/somedir/somefile
touch: cannot touch '/home/rocky/somedir/somefile': Permission denied

I figured out later that the outputs of ls -l weren't the same for the systems I tried it on (Fedora 38, openSUSE Tumbleweed 20240310, Debian 11), e.g. my Fedora distrobox:

📦[rocky@linux-sysadmin-course ~]$ ls -l
total 4
drwxr-xr-x 2 rocky bosses 4096 Mar 13 17:22 somedir

Compared to the walkthrough provided:

$ ls -l
total 16
-rw-r--r-- 1 rocky rocky 8980 Oct 4 2013 examples.desktop
drwxrwxr-x 2 rocky bosses 4096 Oct 30 09:53 somedir

i.e. the write permissions weren't granted on the directory for me, but they were (by default?) in the example.

I don't know if this was intended or not, but I felt like I should have made a post about this.

luisviveropena · April 2024

Hi @fabv , what is the distro and version that didn't work for you? I can try to reproduce the issue.

Regards,
Luis.

fabv · April 2024

Hi! The details are in my post already:

the systems I tried it on (Fedora 38, openSUSE Tumbleweed 20240310, Debian 11)

I can provide more details if needed, the Fedora container I used for my own example has this for its /etc/os-release:

$ cat /etc/os-release
NAME="Fedora Linux"
VERSION="38 (Container Image)"
ID=fedora
VERSION_ID=38
VERSION_CODENAME=""
PLATFORM_ID="platform:f38"
PRETTY_NAME="Fedora Linux 38 (Container Image)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:38"
DEFAULT_HOSTNAME="fedora"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f38/system-administrators-guide/"
SUPPORT_URL="https://ask.fedoraproject.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=38
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=38
SUPPORT_END=2024-05-14
VARIANT="Container Image"
VARIANT_ID=container

fabv · April 2024

To add, after reading the umask lesson and seeing the "Demo: umask" video, I noticed that it does look like at the time of writing them, those systems had a default umask of 0002 instead of the current 0022 I get on my systems.
I don't know where to look to say when this change could have been implemented.

luisviveropena · April 2024

Hi @fabv ,

I tested it on Fedora 38 and I was able to reproduce the issue. So the workaround is the following:

1.- Move or copy the test to /tmp/ , so in some distros will be easier to avoid specific setups about the user directories.

I used 'cp -Rpv somedir/ /tmp/' in order to preserve the permissions on the directory.

2.- You need to give write permissions over somedir/ directory for the bosses group, so that way the bullwinkle user will be able to write on it.

I did that as rocky user and:

chmod 771 /tmp/somedir/

And that was enough.

Regards,
Luis.

fabv · April 2024

Thanks for confirming and for providing another solution!

Personally, I had solved that by simply giving write permissions on the directory to the group:

chmod g+x somedir

luisviveropena · April 2024

Hi @fabv,

Yeah, that works. It's similar to step 2 I put above.

Regards,
Luis.

[Lab 5.1 Group Management] Couldn't create file under "somedir": Permission denied

Welcome!

Comments

Welcome!

Welcome!

Quick Links

Categories

Upcoming Training

Kubernetes Administration (LFS458)

Linux System Administration (LFS301)

Open Source Virtualization (LFS462)

Linux Kernel Debugging and Security (LFD440)