Access denied on folders for users though they have the rwx permission on SUSE Linux Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) 2019 Community Moderator Election Results Why I closed the “Why is Kali so hard” questionWhy do I get “Permission Denied” errors even though I have group permission?Unable to access a directory despite belonging to a group with write permissionWhy, by design, are group permissions ignored for the owner of a file?PHP user as member of a group cannot write to a folderUser and Group permissions for mnt folder and files access in CentOS 7Linux open() syscall and folder permissionsSMB user is owner of directory but it is using group permissionPermission denied - mkdir / No write access for GFolder group ownership permissions and problemsDoes Access Control lists override group or owner permissions?
Is the Standard Deduction better than Itemized when both are the same amount?
How widely used is the term Treppenwitz? Is it something that most Germans know?
How to find out what spells would be useless to a blind NPC spellcaster?
How to tell that you are a giant?
Using et al. for a last / senior author rather than for a first author
String `!23` is replaced with `docker` in command line
51k Euros annually for a family of 4 in Berlin: Is it enough?
What causes the vertical darker bands in my photo?
Dating a Former Employee
Why are there no cargo aircraft with "flying wing" design?
If a contract sometimes uses the wrong name, is it still valid?
Why aren't air breathing engines used as small first stages
Why are Kinder Surprise Eggs illegal in the USA?
How discoverable are IPv6 addresses and AAAA names by potential attackers?
What does this icon in iOS Stardew Valley mean?
Ring Automorphisms that fix 1.
3 doors, three guards, one stone
What's the meaning of 間時肆拾貳 at a car parking sign
Why is "Consequences inflicted." not a sentence?
When were vectors invented?
The logistics of corpse disposal
Do I really need recursive chmod to restrict access to a folder?
What is Arya's weapon design?
ListPlot join points by nearest neighbor rather than order
Access denied on folders for users though they have the rwx permission on SUSE Linux
Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
2019 Community Moderator Election Results
Why I closed the “Why is Kali so hard” questionWhy do I get “Permission Denied” errors even though I have group permission?Unable to access a directory despite belonging to a group with write permissionWhy, by design, are group permissions ignored for the owner of a file?PHP user as member of a group cannot write to a folderUser and Group permissions for mnt folder and files access in CentOS 7Linux open() syscall and folder permissionsSMB user is owner of directory but it is using group permissionPermission denied - mkdir / No write access for GFolder group ownership permissions and problemsDoes Access Control lists override group or owner permissions?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I have a folder /PPI/production/PDF_plan/ on SLES 12 SP1 system. Please find the details below.
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
Then I gave rwx permission for a group called AdCNC as below
SERVER1:~ # setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
SERVER1:~ #
ncaps1 is a user under AdCNC group.
SERVER1:~ # grep ncaps1 /etc/group
AdCNC:x:1005:ncaps1
SERVER1:~ #
Please find below the getfacl output on this folder now. It clearly shows that AdCNC group now has the rwx permission on this folder.
SERVER1:~ #
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:AdCNC:rwx
default:mask::rwx
default:other::r-x
But When I try to create a folder or write a file on /PPI/production/PDF_plan/ I am getting 'Permission denied' error message.
SERVER1:~ # su ncaps1
ncaps1@SERVER1:/root> cp /Ran/ExistingConfiguration/smb.conf /PPI/production/PDF_plan/
cp: cannot create regular file ‘/PPI/production/PDF_plan/smb.conf’: Permission denied
ncaps1@SERVER1:/root> mkdir /PPI/production/PDF_plan/TestFolder
mkdir: cannot create directory ‘/PPI/production/PDF_plan/TestFolder’: Permission denied
ncaps1@SERVER1:/root>
Please help me to fix this problem.
permissions acl
add a comment |
I have a folder /PPI/production/PDF_plan/ on SLES 12 SP1 system. Please find the details below.
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
Then I gave rwx permission for a group called AdCNC as below
SERVER1:~ # setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
SERVER1:~ #
ncaps1 is a user under AdCNC group.
SERVER1:~ # grep ncaps1 /etc/group
AdCNC:x:1005:ncaps1
SERVER1:~ #
Please find below the getfacl output on this folder now. It clearly shows that AdCNC group now has the rwx permission on this folder.
SERVER1:~ #
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:AdCNC:rwx
default:mask::rwx
default:other::r-x
But When I try to create a folder or write a file on /PPI/production/PDF_plan/ I am getting 'Permission denied' error message.
SERVER1:~ # su ncaps1
ncaps1@SERVER1:/root> cp /Ran/ExistingConfiguration/smb.conf /PPI/production/PDF_plan/
cp: cannot create regular file ‘/PPI/production/PDF_plan/smb.conf’: Permission denied
ncaps1@SERVER1:/root> mkdir /PPI/production/PDF_plan/TestFolder
mkdir: cannot create directory ‘/PPI/production/PDF_plan/TestFolder’: Permission denied
ncaps1@SERVER1:/root>
Please help me to fix this problem.
permissions acl
add a comment |
I have a folder /PPI/production/PDF_plan/ on SLES 12 SP1 system. Please find the details below.
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
Then I gave rwx permission for a group called AdCNC as below
SERVER1:~ # setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
SERVER1:~ #
ncaps1 is a user under AdCNC group.
SERVER1:~ # grep ncaps1 /etc/group
AdCNC:x:1005:ncaps1
SERVER1:~ #
Please find below the getfacl output on this folder now. It clearly shows that AdCNC group now has the rwx permission on this folder.
SERVER1:~ #
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:AdCNC:rwx
default:mask::rwx
default:other::r-x
But When I try to create a folder or write a file on /PPI/production/PDF_plan/ I am getting 'Permission denied' error message.
SERVER1:~ # su ncaps1
ncaps1@SERVER1:/root> cp /Ran/ExistingConfiguration/smb.conf /PPI/production/PDF_plan/
cp: cannot create regular file ‘/PPI/production/PDF_plan/smb.conf’: Permission denied
ncaps1@SERVER1:/root> mkdir /PPI/production/PDF_plan/TestFolder
mkdir: cannot create directory ‘/PPI/production/PDF_plan/TestFolder’: Permission denied
ncaps1@SERVER1:/root>
Please help me to fix this problem.
permissions acl
I have a folder /PPI/production/PDF_plan/ on SLES 12 SP1 system. Please find the details below.
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
Then I gave rwx permission for a group called AdCNC as below
SERVER1:~ # setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
SERVER1:~ #
ncaps1 is a user under AdCNC group.
SERVER1:~ # grep ncaps1 /etc/group
AdCNC:x:1005:ncaps1
SERVER1:~ #
Please find below the getfacl output on this folder now. It clearly shows that AdCNC group now has the rwx permission on this folder.
SERVER1:~ #
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:AdCNC:rwx
default:mask::rwx
default:other::r-x
But When I try to create a folder or write a file on /PPI/production/PDF_plan/ I am getting 'Permission denied' error message.
SERVER1:~ # su ncaps1
ncaps1@SERVER1:/root> cp /Ran/ExistingConfiguration/smb.conf /PPI/production/PDF_plan/
cp: cannot create regular file ‘/PPI/production/PDF_plan/smb.conf’: Permission denied
ncaps1@SERVER1:/root> mkdir /PPI/production/PDF_plan/TestFolder
mkdir: cannot create directory ‘/PPI/production/PDF_plan/TestFolder’: Permission denied
ncaps1@SERVER1:/root>
Please help me to fix this problem.
permissions acl
permissions acl
edited Oct 7 '16 at 7:16
countermode
5,34842245
5,34842245
asked Oct 7 '16 at 6:13
RaneeshRaneesh
82
82
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Instead of executing:
setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
Execute:
setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/
With the d
you are applying to default. The output of:
getfacl /PPI/production/PDF_plan/
Should be:
SERVER1: ~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
group:AdCNC:rwx
other::r-x
default:user::rwx
default:group::r-x
default:mask::rwx
default:other::r-x
For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f314889%2faccess-denied-on-folders-for-users-though-they-have-the-rwx-permission-on-suse-l%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Instead of executing:
setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
Execute:
setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/
With the d
you are applying to default. The output of:
getfacl /PPI/production/PDF_plan/
Should be:
SERVER1: ~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
group:AdCNC:rwx
other::r-x
default:user::rwx
default:group::r-x
default:mask::rwx
default:other::r-x
For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.
add a comment |
Instead of executing:
setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
Execute:
setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/
With the d
you are applying to default. The output of:
getfacl /PPI/production/PDF_plan/
Should be:
SERVER1: ~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
group:AdCNC:rwx
other::r-x
default:user::rwx
default:group::r-x
default:mask::rwx
default:other::r-x
For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.
add a comment |
Instead of executing:
setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
Execute:
setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/
With the d
you are applying to default. The output of:
getfacl /PPI/production/PDF_plan/
Should be:
SERVER1: ~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
group:AdCNC:rwx
other::r-x
default:user::rwx
default:group::r-x
default:mask::rwx
default:other::r-x
For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.
Instead of executing:
setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
Execute:
setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/
With the d
you are applying to default. The output of:
getfacl /PPI/production/PDF_plan/
Should be:
SERVER1: ~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
group:AdCNC:rwx
other::r-x
default:user::rwx
default:group::r-x
default:mask::rwx
default:other::r-x
For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.
edited 11 hours ago
Rui F Ribeiro
42.1k1484142
42.1k1484142
answered Oct 7 '16 at 8:07
Iñaki MurilloIñaki Murillo
585312
585312
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f314889%2faccess-denied-on-folders-for-users-though-they-have-the-rwx-permission-on-suse-l%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
-acl, permissions