* Carlos E. R. <robin.listas@telefonica.net> [04-12-19 16:04]:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
In a nutshell:
cer-g@Isengard:/data/My_Book/Fusion/Videos> l Conviction/ ls: cannot open directory 'Conviction/': Permission denied cer-g@Isengard:/data/My_Book/Fusion/Videos> l | grep Conviction/ drwxrwxr-T+ 3 cer cer 33 Jun 21 2017 Conviction/ cer-g@Isengard:/data/My_Book/Fusion/Videos> pwd /data/My_Book/Fusion/Videos cer-g@Isengard:/data/My_Book/Fusion/Videos> whoami cer-g cer-g@Isengard:/data/My_Book/Fusion/Videos> groups users cer cer-g@Isengard:/data/My_Book/Fusion/Videos>
cer-g@Isengard:/data/My_Book/Fusion> l total 12 drwxr-xr-x 3 cer cer 28 Jul 20 2018 ./ drwxr-xr-x 4 root root 34 Nov 3 18:29 ../ drwxrwxr-T+ 52 cer cer 8192 Apr 12 03:43 Videos/ cer-g@Isengard:/data/My_Book/Fusion>
cer-g@Isengard:/data/My_Book/Fusion/Videos> mount | grep My /dev/mapper/cr_my_book on /data/My_Book type xfs (rw,nosuid,nodev,relatime,lazytime,attr2,inode64,noquota,user) cer-g@Isengard:/data/My_Book/Fusion/Videos>
User "cer-g" is member of groups "users" and "cer"
Directory has group permission "rwx" and is owned by "cer:cer" Same for parent directory.
The user "cer-g" is denied access to the directory "Conviction/" and others.
Why?
I also have this:
cer-g@Isengard:/data/My_Book/Fusion/Videos> getfacl Conviction # file: Conviction # owner: cer # group: cer # flags: --t user::rwx user:wwwrun:r-x group::--- mask::rwx other::r--
man getfacl says:
Lines 5, 7 and 10 correspond to the user, group and other fields of the file mode permission bits. These three are called the base ACL entries. Lines 6 and 8 are named user and named group entries. Line 9 is the effective rights mask. This entry limits the effective rights granted to all groups and to named users. (The file owner and others permissions are not affected by the effective rights mask; all other entries are.) Lines 11--15 display the default ACL associated with this directory. Directories may have a default ACL. Regular files never have a default ACL.
I'm a bit list here. My intention was to give user wwwrun read access (which it does have, apache works).
But the line "group::---" confuses me.
- -- Cheers
Carlos E. R. (from 42.2 x86_64 "Malachite" at Telcontar) -----BEGIN PGP SIGNATURE-----
iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCXLDu4xwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVHX8AoJTG6pR9Y04Len/nOv3B G0CzH+WQAJwJCuu3RAvvQLdQDjAsNmKe2Pz2tQ== =Iaxt -----END PGP SIGNATURE-----
www and wwwrun are groups themselves. add user cer-g to wwwrun group. -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Registered Linux User #207535 @ http://linuxcounter.net Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org