Questions tagged [file-permissions]
Most current file systems have methods of administering permissions or access rights for specific users and groups of users. These systems control the ability of the users to view or modify the contents of the filesystem.
984
questions
571
votes
6
answers
501k
views
ssh returns "Bad owner or permissions on ~/.ssh/config"
When I try to ssh to another box, I get this strange error
$ ssh hostname
Bad owner or permissions on ~/.ssh/config
But I made sure that I own and have rw permissions on the file:
ls -la ~/.ssh/
...
235
votes
4
answers
183k
views
What's the best way of handling permissions for Apache 2's user www-data in /var/www?
Has anyone got a nice solution for handling files in /var/www? We're running Name Based Virtual Hosts and the Apache 2 user is www-data.
We've got two regular users & root. So when messing with ...
207
votes
3
answers
206k
views
What does a + mean at the end of the permissions from ls -l?
What is the plus sign at the end of the permissions telling me?
ls -l
total 4
drwxrwxrwx+ 2 benson avahi-autoipd 4096 Jan 27 17:37 docs
Here's the context:
cat /etc/issue
\CentOS release 5.3 (Final)...
64
votes
2
answers
106k
views
What Should be the Permissions of Apache SSL Directory, Certificate, and Key?
I have my cert.pem and cert.key files in /etc/apache2/ssl folders.
What would be the most secure permissions and ownership of:
/etc/apache2/ssl directory
/etc/apache2/ssl/cert.pem file
/etc/apache2/...
40
votes
1
answer
4k
views
Why can I update a file owned by root using sudo vi, but not append a line to it with sudo echo "Thing" >> file?
I would like to have script that is doing automated migrations of websites from another be able to append Includes to the /etc/httpd/conf.d/vhosts.conf file.
However, when I try to use echo to put ...
39
votes
3
answers
15k
views
Copy a file's owner permissions to group permissions
How can I copy a file's user/owner permissions to it's group permissions?
For example if the permissions are 755 I want them to become 775.
Clarification:
755 -> 775
123 -> 113
abc -> aac
Bonus if ...
26
votes
4
answers
13k
views
OSX mojave: "crontab: tmp/tmp.X: Operation not permitted"
After updating my OSX to Mojave, it seems I am no longer able to edit my crontab. Any attempt to do so results in the error message on the title of this question.
I tracked crontab to /private/var/at ...
25
votes
2
answers
72k
views
How to add a file to a docker container which has no root permissions?
I'm trying to add a file to a Docker image built from the official tomcat image. That image does not seem to have root rights, as I'm logged in as user tomcat if I run bash:
docker run -it tomcat /...
24
votes
8
answers
11k
views
Restrict a Linux user to the files he owns
Imagine a server setup of a shared webhosting company where multiple (~100) customers have shell access to a single server.
A lot of web "software" recommends to chmod files 0777. I'm nervous about ...
23
votes
7
answers
23k
views
Copy permissions to identical tree on linux / unix
i have a tree of files with correct permission. then i have a (filewise) identical tree (with different file contents tough) with wrong permissions.
how can i transfer the permissions layout from ...
23
votes
1
answer
33k
views
php script can't access /tmp folder
I have no open_basedir, php can access /etc /usr /proc /home etc… but not /tmp.
tmpfs is mount on /tmp (/tmp type tmpfs (rw))
That's also the reason I want to use the /tmp folder.
My files are owned ...
23
votes
7
answers
59k
views
What is the most secure way to allow a user read access to a log file?
My application requires read access to /var/log/messages, which belongs to user and group root. What is the minimal exposure level required on /var/log/messages so my application can read it?
...
21
votes
5
answers
108k
views
chmod: changing permissions of 'myscript.sh' : Operation not permitted
While running the following docker file I am getting "chmod: changing permissions of '/scripts/entrypoint.sh': Operation not permitted" error.
FROM sonarqube:7.7-community
ADD plugins/* /plugins/
ADD ...
20
votes
5
answers
46k
views
How to configure PHP CLI on linux ubuntu to run as www-data?
I have a symfony2 application on my ubuntu. Symfony has a plenty of useful console commands (like php app/console cache:clear or php app/console assets:install web).
The problem is If I run them as ...
19
votes
6
answers
53k
views
Copy file permissions from one directory to another
Over the weekend I copied our company data from one hard drive to another larger one. I thought permission would have copied across but they haven't.
What is the best (and quickest) way to copy the ...
17
votes
2
answers
19k
views
setfacl to reset file to default permissions?
I have a directory with the following default ACLs:
default:user:phptutor:rwx
However, none of the files/directories in that directory have that default permission (because it was added after they ...
16
votes
3
answers
6k
views
Program file exists in /usr/bin, but cannot be used
Clearly my file exists in /usr/bin
$ ls /usr/bin/ngrok
/usr/bin/ngrok
However, when I attempt to chown it I receive an error
$ sudo chown my_user:users /usr/bin/ngrok
chown: cannot dereference '/...
16
votes
9
answers
63k
views
wget starts downloading then stops "cannot write to"
I'm using wget to mirror some files across from one server to another. I'm using the following command:
wget -x -N -i http://domain.com/filelist.txt
-x = Because I want to keep the directory ...
14
votes
1
answer
115k
views
What is a S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXX called in Windows security?
I copied two trees, a source and a destination, that I copied with robocopy like this:
robocopy /MIR C:\Windows\System32\tasks\ C:\temp\robocopyTasks\out\
robocopy /E /Copy:S /IS /IT C:\Windows\...
14
votes
5
answers
2k
views
Copy file permissions, but not files in Unix
(From : https://stackoverflow.com/questions/15245144/copy-file-permissions-but-not-files, closed because off-topic)
I have two copies of the same directory tree. They almost have the same files in ...
14
votes
1
answer
59k
views
What is the t in drwxrwxrwt or the value of t? [duplicate]
ls -al / shows a folder:
drwxrwxrwt 2 root root 4096 Feb 26 09:00 tmp
What does the last character t mean in drwxrwxrwt?
13
votes
1
answer
59k
views
Nginx doesn't have permission to access files with the same ownership
i've just installed nginx on an Archlinux box and encounter this problem:
Nginx is configured to run as "nginx", a new user/group that I added, in /etc/nginx/nginx.conf:
user nginx nginx;
For ...
13
votes
4
answers
69k
views
How do I force specific permissions for new files/folders on Linux file server?
I'm having an issue with my install of Ubuntu 9.10 (file server) and its samba permissions. Logging in and reading works fine. However, creation of new directories by users restricts access for other ...
13
votes
2
answers
43k
views
Unable to assign group permissions with ICACLS on Windows Server 2012
I cannot get icacls to accept my group for adding permissions. I am using an elevated power shell with the following command:
icacls 'C:/foo' /grant:r 'Group Foo':f
I get the following error:
...
13
votes
3
answers
27k
views
Can Samba support full Windows-ACLs?
I've set up a Samba 3 host with AD integration and an ACL enabled filesystem. Using a windows client I can set users and groups permissions.
Up to now, Samba just maps to POSIX ACL's rwx permissions, ...
13
votes
2
answers
13k
views
apache2: Saves files on /tmp in a 'system-private-[hash]' instead of just saving folders as defined in the code
For some reason, when I try to save a file (generated by PHP under /www/appname/module) - it is saved under
/tmp/systemd-private-015eb2e9f67b4eef862c68e99fe0ba30-apache2.service-9h6i08
and when ...
12
votes
3
answers
22k
views
FTP and Apache permission issues
Im having issues as to which user should own my www directory - ftp or apache?
When set to the ftp user, the user can add, remoe and easily modify files but php file system actions generate permission ...
12
votes
2
answers
25k
views
What is the best way to fix NTFS file permissions to inherit parent?
When XP clients move files on the same volume, the permissions are moved with it. With Windows 7 clients and up, when a file is moved, the permissions are inherited.
Unfortunately, we still have a ...
11
votes
2
answers
4k
views
How are r-- directory permissions supposed to work on Linux?
I have created directory a created has these permissions - the other user has
drwxr--r-- 5 user user 4096 2012-09-15 19:30 sites
When do an ls -l on the directory as another user
ls -l /...
10
votes
2
answers
39k
views
Windows Service can't access network share
I have a Windows service running on my local machine. It's configured to run under NT AUTHORITY\NETWORK SERVICE. The program access a network shared drive on a computer in the same subnet. That shared ...
10
votes
2
answers
14k
views
DFS replication and the SYSTEM user (NTFS permissions)
Question for which I'm having trouble finding an answer on Google or Technet...
Does granting the SYSTEM user permissions to DFS-shared files and folders have any effect on DFS replication? (And ...
9
votes
2
answers
749
views
My server Admin wants me to set public write permissions on a directory
I'm relatively new to web development, so please be patient.
I'm primarily an iPhone developer, but have recently done a site for someone else using shared hosting. I could write to files in PHP on ...
9
votes
2
answers
3k
views
Why can the root user edit read-only files, but a regular user with sudo access can't?
If you try to append to a file with no write permissions (say, the /etc/sudoers file which is is owned by root and has 0440 permissions), if you're the actual root user, this works. However, if you're ...
9
votes
2
answers
21k
views
What should be the right logs permissions for NGINX on CentOS?
on /var/log/nginx/ I have access and error logs. Some are .log errors and others have .gz
I think I messed up with the permissions. Some files are created by root/root, other files are created using ...
9
votes
1
answer
2k
views
etckeeper, Git checkout, and broken file permissions in /etc
I wanted to figure out why, after a etckeeper commit, I had a problem with rebooting (already solved thanks to this great thing).
I played with etckeeper, did git checkout some_commit_sha for a quick ...
8
votes
4
answers
7k
views
Stop users from saving files with specific extension in specific directories
Background
Users who cannot be stripped from server administrator rights tend to forget that hell will break lose when they save database backups (.bak) on C: and fill the drive.
Question
Is it ...
8
votes
3
answers
2k
views
How do I add permissions to group to match user permissions?
Some one messed up /usr/local/ permissions, so that nobody else can access it. Now I would like to duplicate user permissions to group permissions, since chmod g+rx -R /usr/local is unsafe. How should ...
8
votes
1
answer
4k
views
Managing Security Groups for NTFS Permissions
To start off with, I work for a company that a long time ago when they implemented file shares for each division, they also broke the cardinal rule of NTFS permissions and used explicit permissions ...
8
votes
3
answers
64k
views
How to specify file permission when putting a file using OpenSSH sftp command
I am using various SFTP clients for uploading files to an SFTP server and I have a problem with default permission used when putting files.
When requesting to put a file, SFTP client like WinSCP or ...
8
votes
1
answer
3k
views
Should /usr/local/bin be owned by root?
Package manager Homebrew (I'm on OS X, but I'm curious about Unix-based security in general, as it pertains to directory permissions) set the owner of /usr/local/bin to my user (it's root by default, ...
8
votes
1
answer
33k
views
Folder permissions, red x on user object
On shared folders on the file server, for the domain user name object under the security tab, the icon has a red x.
There are no symptoms, the users have full access, there is just a red x on the ...
8
votes
1
answer
16k
views
What do you do to fix corrupted or blocked permissions on company file shares?
Lately I have been working with one of our storage guys on a project that has involved some scrutiny of big file shares that have been used by the company for years. Frequently, we run into ...
7
votes
5
answers
4k
views
How to add a line to the end of a file which I can access via sudo?
I have tried:
sudo "some string" >> test.txt
But I am getting permission denied warning.
Can anyone help?
7
votes
3
answers
8k
views
A network share folder is invisible to users
I have a network share folder that I was recently cleaning up permissions to. I took off the four individual names from the access permissions to the folder, and added a new security group (Universal) ...
7
votes
2
answers
12k
views
Cronjob not running as apache
I have a cron job that runs a PHP script and creates files (images). But the cron job is running as me (being me my own username), not apache, nobody, httpd, www... and all the files created belongs ...
7
votes
2
answers
16k
views
mysql doesn't start after relocating data dir
I have a web-server where the default installation of mysql places all its database files in /var/lib/mysql. The partition where /var is mounted has only 2GB of space, so after running in space ...
7
votes
1
answer
2k
views
Do /usr/local and /usr/local/bin need to be group-writable? If so, why?
While it's possible that it's a fluke of a package I installed or the VPS image, it appears that /usr/local and /usr/local/bin (both of which are owned by root:staff) are group-writable by default on ...
7
votes
2
answers
16k
views
how can I mount a windows share with rw access?
The question is in the title.
Here is what I tried but the folder is read only.
sudo mount -t cifs -o username=maazza,domain=MYDOMAIN //192.168.123.2/company-files /mnt/test
I am on debian jessie.
...
7
votes
3
answers
7k
views
Forward SFTP user to chroot subdirectory after authentication
I've set up a SFTP server using OpenSSH, everything works fine and the users I created can connect.
After authentication, the users find themselves directly inside /chroot, a directory they are not ...
7
votes
3
answers
20k
views
How to set default umask for Tomcat webdav servlet?
The title says it all. I need Tomcat's webdav servlet to create files with rw-rw-r-- rights, but it keeps creating it as rw-r--r--. I tried to set up umask in /etc/profile, but it didn't help (...