PDA

View Full Version : PERMISSION ISSUE



evonsmith
21-Sep-2017, 04:48
I've mounted my RAID to /srv/data. I can't read all the files and subdirectories there but I can only write to 1 sub directory even as root. I have no idea what to do to fix this. The only directory I can write to is /nicole https://pastebin.com/sW524LNY. I appreciate the help.

smflood
21-Sep-2017, 11:25
On 21/09/17 04:54, evonsmith wrote:

> I've mounted my RAID to /srv/data. I can't read all the files and
> subdirectories there but I can only write to 1 sub directory even as
> root. I have no idea what to do to fix this. The only directory I can
> write to is /nicole https://pastebin.com/sW524LNY. I appreciate the
> help.

Firstly please note that this forum is for issues relating to SUSE Linux
Enterprise Server for SAP Applications and not a general "applications
support" forum. I see nothing in your post (or screenshot) that suggests
you are using (or this issue is specific to) SLES for SAP Applications.

In fact I see nothing to suggest that this is even related to SUSE Linux
Enterprise products as this seems a general Linux permissions issue.
User root can write to the nicole directory because you have granted
other users rwx whereas all other directories are rx for other users.

If you want to follow up on this issue I suggest that you repost it in a
more appropriate SUSE Linux forum.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------

jmozdzen
22-Sep-2017, 13:25
Hi evonsmith,

in addition to Simon's comments, please show how you mounted that file system, i.e. via the result from "mount|grep /srv/data". Typically, if this is a mount of a local device (as your message implies - RAID devices normally are local to the server), then being root should allow you to write to any directory that's not "mode 0". But if this is mounted i.e. via NFS, other rules apply.

If this is local, please show us the complete console log from running "id" (to show which user with which numeric ID you're running the commands as) and i.e. "touch /srv/data/music/testfile". Please include the command lines, not only the output. You can place the results in your forum message, wrapped in a "
..." block, rather than using pastebin (for it's a relatively short output).

And please let us know where this thread it to continue, if you take it to some other forum (for not being "SLES for SAP Applications"-specific).

Regards,
J

evon
22-Sep-2017, 22:11
Hi evonsmith,

in addition to Simon's comments, please show how you mounted that file system, i.e. via the result from "mount|grep /srv/data". Typically, if this is a mount of a local device (as your message implies - RAID devices normally are local to the server), then being root should allow you to write to any directory that's not "mode 0". But if this is mounted i.e. via NFS, other rules apply.

If this is local, please show us the complete console log from running "id" (to show which user with which numeric ID you're running the commands as) and i.e. "touch /srv/data/music/testfile". Please include the command lines, not only the output. You can place the results in your forum message, wrapped in a "
..." block, rather than using pastebin (for it's a relatively short output).

And please let us know where this thread it to continue, if you take it to some other forum (for not being "SLES for SAP Applications"-specific).

Regards,
J

Thank you both for taking the time to reply. I neglected to mention that my write issue is only in relation to accessing the directories via samba. The reason I could write to /nicole was because the permissions were set to 777. I've since changed it to 775 and now I can't write to anything. If I'm posting in the wrong place, please let me know what the appropriate place is for me to post. Thanks in advance for the help. Here's my samba config:



# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
[global]
workgroup = WORKGROUP
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = No
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
domain logons = No
domain master = No
security = user
wins support = No

[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes

[profiles]
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
create mask = 0600
directory mask = 0700
guest ok = No

[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/

[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes

## Share disabled by YaST
# [printers]
# comment = All Printers
# path = /var/tmp
# printable = Yes
# create mask = 0600
# browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775

[netlogon]

[sscloud]
inherit acls = Yes
path = /srv/data
read only = No
guest ok = Yes
inherit permissions = Yes
create mask = 0640
directory mask = 0750

[Nicole]
inherit acls = Yes
inherit permissions = Yes
path = /srv/data/nicole
read only = No

[evon]
inherit acls = Yes
path = /srv/data/evon
read only = No

smflood
22-Sep-2017, 22:44
evon Wrote in message:

> Thank you both for taking the time to reply. I neglected to mention
> that my write issue is only in relation to accessing the directories via
> samba. The reason I could write to /nicole was because the permissions
> were set to 777. I've since changed it to 775 and now I can't write to
> anything. If I'm posting in the wrong place, please let me know what
> the appropriate place is for me to post. Thanks in advance for the
> help. Here's my samba config:
>
>
> Code:
> --------------------
>
> # smb.conf is the main Samba configuration file. You find a full commented
> # version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
> # samba-doc package is installed.
> [global]
> workgroup = WORKGROUP
> passdb backend = tdbsam
> printing = cups
> printcap name = cups
> printcap cache time = 750
> cups options = raw
> map to guest = Bad User
> include = /etc/samba/dhcp.conf
> logon path = \\%L\profiles\.msprofile
> logon home = \\%L\%U\.9xprofile
> logon drive = P:
> usershare allow guests = No
> add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
> domain logons = No
> domain master = No
> security = user
> wins support = No
>
> [homes]
> comment = Home Directories
> valid users = %S, %D%w%S
> browseable = No
> read only = No
> inherit acls = Yes
>
> [profiles]
> comment = Network Profiles Service
> path = %H
> read only = No
> store dos attributes = Yes
> create mask = 0600
> directory mask = 0700
> guest ok = No
>
> [users]
> comment = All users
> path = /home
> read only = No
> inherit acls = Yes
> veto files = /aquota.user/groups/shares/
>
> [groups]
> comment = All groups
> path = /home/groups
> read only = No
> inherit acls = Yes
>
> ## Share disabled by YaST
> # [printers]
> # comment = All Printers
> # path = /var/tmp
> # printable = Yes
> # create mask = 0600
> # browseable = No
>
> [print$]
> comment = Printer Drivers
> path = /var/lib/samba/drivers
> write list = @ntadmin root
> force group = ntadmin
> create mask = 0664
> directory mask = 0775
>
> [netlogon]
>
> [sscloud]
> inherit acls = Yes
> path = /srv/data
> read only = No
> guest ok = Yes
> inherit permissions = Yes
> create mask = 0640
> directory mask = 0750
>
> [Nicole]
> inherit acls = Yes
> inherit permissions = Yes
> path = /srv/data/nicole
> read only = No
>
> [evon]
> inherit acls = Yes
> path = /srv/data/evon
> read only = No
>
> --------------------

This clearly isn't an issue specifically relating to SLES for SAP
Applications so I suggest that you start a new thread in the SLES
Configure/Administer forum @
https://forums.suse.com/forumdisplay.php?16-SLES-Configure-Administer

Please can you also include the output from "cat /etc/*release" so
we know which version of SLES you are using.

HTH.
--
Simon Flood
SUSE Knowledge Partner


----Android NewsGroup Reader----
http://usenet.sinaapp.com/

evon
22-Sep-2017, 23:35
evon Wrote in message:

> Thank you both for taking the time to reply. I neglected to mention
> that my write issue is only in relation to accessing the directories via
> samba. The reason I could write to /nicole was because the permissions
> were set to 777. I've since changed it to 775 and now I can't write to
> anything. If I'm posting in the wrong place, please let me know what
> the appropriate place is for me to post. Thanks in advance for the
> help. Here's my samba config:
>
>
> Code:
> --------------------
>
> # smb.conf is the main Samba configuration file. You find a full commented
> # version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
> # samba-doc package is installed.
> [global]
> workgroup = WORKGROUP
> passdb backend = tdbsam
> printing = cups
> printcap name = cups
> printcap cache time = 750
> cups options = raw
> map to guest = Bad User
> include = /etc/samba/dhcp.conf
> logon path = \\%L\profiles\.msprofile
> logon home = \\%L\%U\.9xprofile
> logon drive = P:
> usershare allow guests = No
> add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
> domain logons = No
> domain master = No
> security = user
> wins support = No
>
> [homes]
> comment = Home Directories
> valid users = %S, %D%w%S
> browseable = No
> read only = No
> inherit acls = Yes
>
> [profiles]
> comment = Network Profiles Service
> path = %H
> read only = No
> store dos attributes = Yes
> create mask = 0600
> directory mask = 0700
> guest ok = No
>
> [users]
> comment = All users
> path = /home
> read only = No
> inherit acls = Yes
> veto files = /aquota.user/groups/shares/
>
> [groups]
> comment = All groups
> path = /home/groups
> read only = No
> inherit acls = Yes
>
> ## Share disabled by YaST
> # [printers]
> # comment = All Printers
> # path = /var/tmp
> # printable = Yes
> # create mask = 0600
> # browseable = No
>
> [print$]
> comment = Printer Drivers
> path = /var/lib/samba/drivers
> write list = @ntadmin root
> force group = ntadmin
> create mask = 0664
> directory mask = 0775
>
> [netlogon]
>
> [sscloud]
> inherit acls = Yes
> path = /srv/data
> read only = No
> guest ok = Yes
> inherit permissions = Yes
> create mask = 0640
> directory mask = 0750
>
> [Nicole]
> inherit acls = Yes
> inherit permissions = Yes
> path = /srv/data/nicole
> read only = No
>
> [evon]
> inherit acls = Yes
> path = /srv/data/evon
> read only = No
>
> --------------------

This clearly isn't an issue specifically relating to SLES for SAP
Applications so I suggest that you start a new thread in the SLES
Configure/Administer forum @
https://forums.suse.com/forumdisplay.php?16-SLES-Configure-Administer

Please can you also include the output from "cat /etc/*release" so
we know which version of SLES you are using.

HTH.
--
Simon Flood
SUSE Knowledge Partner


----Android NewsGroup Reader----
http://usenet.sinaapp.com/

Thanks. I've started a new thread here https://forums.suse.com/showthread.php?10002-PERMISSION-ISSUE

Thanks for the help.