Access denied on folders for users though they have the rwx permission on SUSE Linux Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) 2019 Community Moderator Election Results Why I closed the “Why is Kali so hard” questionWhy do I get “Permission Denied” errors even though I have group permission?Unable to access a directory despite belonging to a group with write permissionWhy, by design, are group permissions ignored for the owner of a file?PHP user as member of a group cannot write to a folderUser and Group permissions for mnt folder and files access in CentOS 7Linux open() syscall and folder permissionsSMB user is owner of directory but it is using group permissionPermission denied - mkdir / No write access for GFolder group ownership permissions and problemsDoes Access Control lists override group or owner permissions?

Is the Standard Deduction better than Itemized when both are the same amount?

How widely used is the term Treppenwitz? Is it something that most Germans know?

How to find out what spells would be useless to a blind NPC spellcaster?

How to tell that you are a giant?

Using et al. for a last / senior author rather than for a first author

String `!23` is replaced with `docker` in command line

51k Euros annually for a family of 4 in Berlin: Is it enough?

What causes the vertical darker bands in my photo?

Dating a Former Employee

Why are there no cargo aircraft with "flying wing" design?

If a contract sometimes uses the wrong name, is it still valid?

Why aren't air breathing engines used as small first stages

Why are Kinder Surprise Eggs illegal in the USA?

How discoverable are IPv6 addresses and AAAA names by potential attackers?

What does this icon in iOS Stardew Valley mean?

Ring Automorphisms that fix 1.

3 doors, three guards, one stone

What's the meaning of 間時肆拾貳 at a car parking sign

Why is "Consequences inflicted." not a sentence?

When were vectors invented?

The logistics of corpse disposal

Do I really need recursive chmod to restrict access to a folder?

What is Arya's weapon design?

ListPlot join points by nearest neighbor rather than order



Access denied on folders for users though they have the rwx permission on SUSE Linux



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
2019 Community Moderator Election Results
Why I closed the “Why is Kali so hard” questionWhy do I get “Permission Denied” errors even though I have group permission?Unable to access a directory despite belonging to a group with write permissionWhy, by design, are group permissions ignored for the owner of a file?PHP user as member of a group cannot write to a folderUser and Group permissions for mnt folder and files access in CentOS 7Linux open() syscall and folder permissionsSMB user is owner of directory but it is using group permissionPermission denied - mkdir / No write access for GFolder group ownership permissions and problemsDoes Access Control lists override group or owner permissions?



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








0















I have a folder /PPI/production/PDF_plan/ on SLES 12 SP1 system. Please find the details below.



SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x


Then I gave rwx permission for a group called AdCNC as below



SERVER1:~ # setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
SERVER1:~ #


ncaps1 is a user under AdCNC group.



SERVER1:~ # grep ncaps1 /etc/group
AdCNC:x:1005:ncaps1
SERVER1:~ #


Please find below the getfacl output on this folder now. It clearly shows that AdCNC group now has the rwx permission on this folder.



SERVER1:~ #
SERVER1:~ # getfacl /PPI/production/PDF_plan/
getfacl: Removing leading '/' from absolute path names
# file: PPI/production/PDF_plan/
# owner: ppi
# group: ppi
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:AdCNC:rwx
default:mask::rwx
default:other::r-x


But When I try to create a folder or write a file on /PPI/production/PDF_plan/ I am getting 'Permission denied' error message.



SERVER1:~ # su ncaps1
ncaps1@SERVER1:/root> cp /Ran/ExistingConfiguration/smb.conf /PPI/production/PDF_plan/
cp: cannot create regular file ‘/PPI/production/PDF_plan/smb.conf’: Permission denied
ncaps1@SERVER1:/root> mkdir /PPI/production/PDF_plan/TestFolder
mkdir: cannot create directory ‘/PPI/production/PDF_plan/TestFolder’: Permission denied
ncaps1@SERVER1:/root>


Please help me to fix this problem.










share|improve this question






























    0















    I have a folder /PPI/production/PDF_plan/ on SLES 12 SP1 system. Please find the details below.



    SERVER1:~ # getfacl /PPI/production/PDF_plan/
    getfacl: Removing leading '/' from absolute path names
    # file: PPI/production/PDF_plan/
    # owner: ppi
    # group: ppi
    user::rwx
    group::r-x
    other::r-x


    Then I gave rwx permission for a group called AdCNC as below



    SERVER1:~ # setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
    SERVER1:~ #


    ncaps1 is a user under AdCNC group.



    SERVER1:~ # grep ncaps1 /etc/group
    AdCNC:x:1005:ncaps1
    SERVER1:~ #


    Please find below the getfacl output on this folder now. It clearly shows that AdCNC group now has the rwx permission on this folder.



    SERVER1:~ #
    SERVER1:~ # getfacl /PPI/production/PDF_plan/
    getfacl: Removing leading '/' from absolute path names
    # file: PPI/production/PDF_plan/
    # owner: ppi
    # group: ppi
    user::rwx
    group::r-x
    other::r-x
    default:user::rwx
    default:group::r-x
    default:group:AdCNC:rwx
    default:mask::rwx
    default:other::r-x


    But When I try to create a folder or write a file on /PPI/production/PDF_plan/ I am getting 'Permission denied' error message.



    SERVER1:~ # su ncaps1
    ncaps1@SERVER1:/root> cp /Ran/ExistingConfiguration/smb.conf /PPI/production/PDF_plan/
    cp: cannot create regular file ‘/PPI/production/PDF_plan/smb.conf’: Permission denied
    ncaps1@SERVER1:/root> mkdir /PPI/production/PDF_plan/TestFolder
    mkdir: cannot create directory ‘/PPI/production/PDF_plan/TestFolder’: Permission denied
    ncaps1@SERVER1:/root>


    Please help me to fix this problem.










    share|improve this question


























      0












      0








      0


      2






      I have a folder /PPI/production/PDF_plan/ on SLES 12 SP1 system. Please find the details below.



      SERVER1:~ # getfacl /PPI/production/PDF_plan/
      getfacl: Removing leading '/' from absolute path names
      # file: PPI/production/PDF_plan/
      # owner: ppi
      # group: ppi
      user::rwx
      group::r-x
      other::r-x


      Then I gave rwx permission for a group called AdCNC as below



      SERVER1:~ # setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
      SERVER1:~ #


      ncaps1 is a user under AdCNC group.



      SERVER1:~ # grep ncaps1 /etc/group
      AdCNC:x:1005:ncaps1
      SERVER1:~ #


      Please find below the getfacl output on this folder now. It clearly shows that AdCNC group now has the rwx permission on this folder.



      SERVER1:~ #
      SERVER1:~ # getfacl /PPI/production/PDF_plan/
      getfacl: Removing leading '/' from absolute path names
      # file: PPI/production/PDF_plan/
      # owner: ppi
      # group: ppi
      user::rwx
      group::r-x
      other::r-x
      default:user::rwx
      default:group::r-x
      default:group:AdCNC:rwx
      default:mask::rwx
      default:other::r-x


      But When I try to create a folder or write a file on /PPI/production/PDF_plan/ I am getting 'Permission denied' error message.



      SERVER1:~ # su ncaps1
      ncaps1@SERVER1:/root> cp /Ran/ExistingConfiguration/smb.conf /PPI/production/PDF_plan/
      cp: cannot create regular file ‘/PPI/production/PDF_plan/smb.conf’: Permission denied
      ncaps1@SERVER1:/root> mkdir /PPI/production/PDF_plan/TestFolder
      mkdir: cannot create directory ‘/PPI/production/PDF_plan/TestFolder’: Permission denied
      ncaps1@SERVER1:/root>


      Please help me to fix this problem.










      share|improve this question
















      I have a folder /PPI/production/PDF_plan/ on SLES 12 SP1 system. Please find the details below.



      SERVER1:~ # getfacl /PPI/production/PDF_plan/
      getfacl: Removing leading '/' from absolute path names
      # file: PPI/production/PDF_plan/
      # owner: ppi
      # group: ppi
      user::rwx
      group::r-x
      other::r-x


      Then I gave rwx permission for a group called AdCNC as below



      SERVER1:~ # setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/
      SERVER1:~ #


      ncaps1 is a user under AdCNC group.



      SERVER1:~ # grep ncaps1 /etc/group
      AdCNC:x:1005:ncaps1
      SERVER1:~ #


      Please find below the getfacl output on this folder now. It clearly shows that AdCNC group now has the rwx permission on this folder.



      SERVER1:~ #
      SERVER1:~ # getfacl /PPI/production/PDF_plan/
      getfacl: Removing leading '/' from absolute path names
      # file: PPI/production/PDF_plan/
      # owner: ppi
      # group: ppi
      user::rwx
      group::r-x
      other::r-x
      default:user::rwx
      default:group::r-x
      default:group:AdCNC:rwx
      default:mask::rwx
      default:other::r-x


      But When I try to create a folder or write a file on /PPI/production/PDF_plan/ I am getting 'Permission denied' error message.



      SERVER1:~ # su ncaps1
      ncaps1@SERVER1:/root> cp /Ran/ExistingConfiguration/smb.conf /PPI/production/PDF_plan/
      cp: cannot create regular file ‘/PPI/production/PDF_plan/smb.conf’: Permission denied
      ncaps1@SERVER1:/root> mkdir /PPI/production/PDF_plan/TestFolder
      mkdir: cannot create directory ‘/PPI/production/PDF_plan/TestFolder’: Permission denied
      ncaps1@SERVER1:/root>


      Please help me to fix this problem.







      permissions acl






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Oct 7 '16 at 7:16









      countermode

      5,34842245




      5,34842245










      asked Oct 7 '16 at 6:13









      RaneeshRaneesh

      82




      82




















          1 Answer
          1






          active

          oldest

          votes


















          0














          Instead of executing:



          setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/


          Execute:



          setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/


          With the d you are applying to default. The output of:



          getfacl /PPI/production/PDF_plan/


          Should be:



          SERVER1: ~ # getfacl /PPI/production/PDF_plan/
          getfacl: Removing leading '/' from absolute path names
          # file: PPI/production/PDF_plan/
          # owner: ppi
          # group: ppi
          user::rwx
          group::r-x
          group:AdCNC:rwx
          other::r-x
          default:user::rwx
          default:group::r-x
          default:mask::rwx
          default:other::r-x


          For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.






          share|improve this answer

























            Your Answer








            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "106"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f314889%2faccess-denied-on-folders-for-users-though-they-have-the-rwx-permission-on-suse-l%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            Instead of executing:



            setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/


            Execute:



            setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/


            With the d you are applying to default. The output of:



            getfacl /PPI/production/PDF_plan/


            Should be:



            SERVER1: ~ # getfacl /PPI/production/PDF_plan/
            getfacl: Removing leading '/' from absolute path names
            # file: PPI/production/PDF_plan/
            # owner: ppi
            # group: ppi
            user::rwx
            group::r-x
            group:AdCNC:rwx
            other::r-x
            default:user::rwx
            default:group::r-x
            default:mask::rwx
            default:other::r-x


            For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.






            share|improve this answer





























              0














              Instead of executing:



              setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/


              Execute:



              setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/


              With the d you are applying to default. The output of:



              getfacl /PPI/production/PDF_plan/


              Should be:



              SERVER1: ~ # getfacl /PPI/production/PDF_plan/
              getfacl: Removing leading '/' from absolute path names
              # file: PPI/production/PDF_plan/
              # owner: ppi
              # group: ppi
              user::rwx
              group::r-x
              group:AdCNC:rwx
              other::r-x
              default:user::rwx
              default:group::r-x
              default:mask::rwx
              default:other::r-x


              For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.






              share|improve this answer



























                0












                0








                0







                Instead of executing:



                setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/


                Execute:



                setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/


                With the d you are applying to default. The output of:



                getfacl /PPI/production/PDF_plan/


                Should be:



                SERVER1: ~ # getfacl /PPI/production/PDF_plan/
                getfacl: Removing leading '/' from absolute path names
                # file: PPI/production/PDF_plan/
                # owner: ppi
                # group: ppi
                user::rwx
                group::r-x
                group:AdCNC:rwx
                other::r-x
                default:user::rwx
                default:group::r-x
                default:mask::rwx
                default:other::r-x


                For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.






                share|improve this answer















                Instead of executing:



                setfacl -Rdm g:AdCNC:rwx /PPI/production/PDF_plan/


                Execute:



                setfacl -Rm g:AdCNC:rwx /PPI/production/PDF_plan/


                With the d you are applying to default. The output of:



                getfacl /PPI/production/PDF_plan/


                Should be:



                SERVER1: ~ # getfacl /PPI/production/PDF_plan/
                getfacl: Removing leading '/' from absolute path names
                # file: PPI/production/PDF_plan/
                # owner: ppi
                # group: ppi
                user::rwx
                group::r-x
                group:AdCNC:rwx
                other::r-x
                default:user::rwx
                default:group::r-x
                default:mask::rwx
                default:other::r-x


                For more information please see the POSIX Access Control Lists on Linux whitepaper put together by Andreas Grünbacher of the SuSE Labs.







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited 11 hours ago









                Rui F Ribeiro

                42.1k1484142




                42.1k1484142










                answered Oct 7 '16 at 8:07









                Iñaki MurilloIñaki Murillo

                585312




                585312



























                    draft saved

                    draft discarded
















































                    Thanks for contributing an answer to Unix & Linux Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f314889%2faccess-denied-on-folders-for-users-though-they-have-the-rwx-permission-on-suse-l%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -acl, permissions

                    Popular posts from this blog

                    Frič See also Navigation menuinternal link

                    Identify plant with long narrow paired leaves and reddish stems Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?What is this plant with long sharp leaves? Is it a weed?What is this 3ft high, stalky plant, with mid sized narrow leaves?What is this young shrub with opposite ovate, crenate leaves and reddish stems?What is this plant with large broad serrated leaves?Identify this upright branching weed with long leaves and reddish stemsPlease help me identify this bulbous plant with long, broad leaves and white flowersWhat is this small annual with narrow gray/green leaves and rust colored daisy-type flowers?What is this chilli plant?Does anyone know what type of chilli plant this is?Help identify this plant

                    fontconfig warning: “/etc/fonts/fonts.conf”, line 100: unknown “element blank” The 2019 Stack Overflow Developer Survey Results Are In“tar: unrecognized option --warning” during 'apt-get install'How to fix Fontconfig errorHow do I figure out which font file is chosen for a system generic font alias?Why are some apt-get-installed fonts being ignored by fc-list, xfontsel, etc?Reload settings in /etc/fonts/conf.dTaking 30 seconds longer to boot after upgrade from jessie to stretchHow to match multiple font names with a single <match> element?Adding a custom font to fontconfigRemoving fonts from fontconfig <match> resultsBroken fonts after upgrading Firefox ESR to latest Firefox