You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2015-09-04 18:59:44
- robin92
- Member
- From: Wroclaw, Poland
- Registered: 2013-10-20
- Posts: 24
- Website
Group permission not enforced
My problem is that I have a directory /opt/commondir that needs to be accessed (rwx) by multiple users. All of them are by default members of a group named after the user, eg (user1 is a member of user1 group, etc).
I've created a group common so and set permission on a directory
$ mkdir commondir; groupadd common
$ chgrp -R common commondir; chmod -R a=rwx commondir; chmod -R o-rwx commondir
$ ls -l
drwxrwx--- 2 root common 4096 Sep 4 19:18 commondirThen, I've added my users to just created group
$ gpasswd -a user1 common
Adding user user1 to group common
$ gpasswd -a user2 common
Adding user user2 to group commonAnd rebooted. When logged as user1 I am not able to write anything to /opt/commondir/ despite its permission.
$ touch /opt/commondir/helloworld
touch: cannot touch ‘/opt/commondir/helloworld’: Permission deniedSo I checked my groups which not listed common whatsoever, but when command has been invoked with user name everything seemed correct
$ groups
user1
$ groups $USER
user1 ... commonuser2 works as expected
$ groups
user2 ... common
$ groups $USER
user2 ... commonAny ideas why, despite having proper permissions, user1 is not able to write anything to /opt/commondir? Maybe I got everything wrong and my permissions are set improperly?
Last edited by robin92 (2015-09-04 19:01:52)
Offline
#2 2015-09-04 19:51:54
- Raynman
- Member
- Registered: 2011-10-22
- Posts: 1,539
Re: Group permission not enforced
user1 probably logged in before you added it to the common group and user2 after? When you pass $USER as an argument, I assume groups reads /etc/group instead of the group set associated with the current user.
If you desperately want to avoid logging out and back in while you're adjusting the permissions, you could look at workarounds: http://superuser.com/questions/272061/r … ogging-out
Offline
#3 2015-09-04 20:09:21
- robin92
- Member
- From: Wroclaw, Poland
- Registered: 2013-10-20
- Posts: 24
- Website
Re: Group permission not enforced
@Raynman
I've rebooted after adding users to common group.
Offline
#4 2015-09-04 20:26:46
- Raynman
- Member
- Registered: 2011-10-22
- Posts: 1,539
Re: Group permission not enforced
Right, sorry, I seem to have missed that. The weird thing is this then:
$ groups user1 $ groups $USER user1 ... common
The dots suggest there are more groups missing? So groups without argument only shows the primary group? Did you log in with both users in exactly the same way? Or is there some difference (use of su or whatever) that might be connected to this?
Do pwck and grpck indicate any issues? Maybe also compare `id` output?
Last edited by Raynman (2015-09-04 20:28:43)
Offline
#5 2015-09-05 06:35:24
- robin92
- Member
- From: Wroclaw, Poland
- Registered: 2013-10-20
- Posts: 24
- Website
Re: Group permission not enforced
Did you log in with both users in exactly the same way? Or is there some difference (use of su or whatever) that might be connected to this?
It looks like you've got the point. All operations were performed as user1 (with sudo when needed) and then I've run
su user2. So the current state is that when logged as user1:
$ groups
user1
$ groups $USER
user1 ... common
$ su user2
Password:
$ groups
user2 ... common
Ctrl+D
$ su user1
Password:
$ groups
user1 ... commonSo it looks like login manager (slim) doesn't set secondary groups properly?
Right, sorry, I seem to have missed that. The weird thing is this then:
Do pwck and grpck indicate any issues? Maybe also compare `id` output?
Clean exit on both, but I did found some differences between issue-free VM (slim + i3wm) and my native PC (slim + i3wm). On VM UID & GID of user1 are different (1000 & 1001 respectively) whereas they are the same on PC (1000 & 1000). User user2 on PC is not affected by this issue and its UID & GID doesn't match as well. Here're passwd.
EDIT: Issue resolved, was caused by slim. Dunno why though, worked on VM... Thanks for help.
Last edited by robin92 (2015-09-05 07:39:32)
Offline
#6 2015-09-05 11:38:46
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,523
- Website
Re: Group permission not enforced
Slim has no ability to affect this. It looks like user1 has not logged out and logged back in since the change. That would perfectly explain a difference between the output of `users` and `users $USER`. I'm pretty sure it is the *only* thing that could explain it.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
Pages: 1