Welcome to the Linux Foundation Forum!

[Lab 5.1 Group Management] Couldn't create file under "somedir": Permission denied

Options
fabv
fabv Posts: 4
edited April 11 in LFS207 Class Forum

Following the instructions in the document for Lab 5.1 where you have to create a file as a user belonging to a group inside a directory placed under another user's home directory, I only kept getting this error:

📦[bullwinkle@linux-sysadmin-course ~]$ touch /home/rocky/somedir/somefile
touch: cannot touch '/home/rocky/somedir/somefile': Permission denied

I figured out later that the outputs of ls -l weren't the same for the systems I tried it on (Fedora 38, openSUSE Tumbleweed 20240310, Debian 11), e.g. my Fedora distrobox:

📦[rocky@linux-sysadmin-course ~]$ ls -l
total 4
drwxr-xr-x 2 rocky bosses 4096 Mar 13 17:22 somedir

Compared to the walkthrough provided:

$ ls -l
total 16
-rw-r--r-- 1 rocky rocky 8980 Oct 4 2013 examples.desktop
drwxrwxr-x 2 rocky bosses 4096 Oct 30 09:53 somedir

i.e. the write permissions weren't granted on the directory for me, but they were (by default?) in the example.

I don't know if this was intended or not, but I felt like I should have made a post about this.

Comments

  • luisviveropena
    luisviveropena Posts: 1,158
    Options

    Hi @fabv , what is the distro and version that didn't work for you? I can try to reproduce the issue.

    Regards,
    Luis.

  • fabv
    fabv Posts: 4
    edited April 12
    Options

    Hi! The details are in my post already:

    the systems I tried it on (Fedora 38, openSUSE Tumbleweed 20240310, Debian 11)

    I can provide more details if needed, the Fedora container I used for my own example has this for its /etc/os-release:

    $ cat /etc/os-release
NAME="Fedora Linux"
VERSION="38 (Container Image)"
ID=fedora
VERSION_ID=38
VERSION_CODENAME=""
PLATFORM_ID="platform:f38"
PRETTY_NAME="Fedora Linux 38 (Container Image)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:38"
DEFAULT_HOSTNAME="fedora"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f38/system-administrators-guide/"
SUPPORT_URL="https://ask.fedoraproject.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=38
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=38
SUPPORT_END=2024-05-14
VARIANT="Container Image"
VARIANT_ID=container
  • fabv
    fabv Posts: 4
    Options

    To add, after reading the umask lesson and seeing the "Demo: umask" video, I noticed that it does look like at the time of writing them, those systems had a default umask of 0002 instead of the current 0022 I get on my systems.
    I don't know where to look to say when this change could have been implemented.

  • luisviveropena
    luisviveropena Posts: 1,158
    Options

    Hi @fabv ,

    I tested it on Fedora 38 and I was able to reproduce the issue. So the workaround is the following:

    1.- Move or copy the test to /tmp/ , so in some distros will be easier to avoid specific setups about the user directories.

    I used 'cp -Rpv somedir/ /tmp/' in order to preserve the permissions on the directory.

    2.- You need to give write permissions over somedir/ directory for the bosses group, so that way the bullwinkle user will be able to write on it.

    I did that as rocky user and:

    chmod 771 /tmp/somedir/

    And that was enough.

    Regards,
    Luis.

  • fabv
    fabv Posts: 4
    Options

    Thanks for confirming and for providing another solution!

    Personally, I had solved that by simply giving write permissions on the directory to the group:

    chmod g+x somedir
  • luisviveropena
    luisviveropena Posts: 1,158
    Options

    Hi @fabv,

    Yeah, that works. It's similar to step 2 I put above.

    Regards,
    Luis.

Categories

Upcoming Training