LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 05-01-2008, 09:44 AM   #1
Martin Peter Clarke
LQ Newbie
 
Registered: Nov 2007
Posts: 12

Rep: Reputation: 0
trying normal rcp (/usr/bin/rcp) Permission denied.


If I run rcp as root to root it works.

If I run it as accounts oracle to oracle at one customer, it works.

At another, it doesn't:

...
trying normal rcp (/usr/bin/rcp)
Permission denied.

I really, really have tried EVERYTHING, apart from what works.

Including a high priority call with RedHat, a week old, with no response.

I've searched the web exhaustively for solutions and given up: you are the most recommended resource.

I HAVE to use rcp, I HAVE to use the oracle (and Oracle can't / won't help either) account AND an ad-hoc account.

I will pay out of my own pocket for a solution if it comes today!

Regards
Martin
 
Old 05-01-2008, 11:43 AM   #2
beadyallen
Member
 
Registered: Mar 2008
Location: UK
Distribution: Fedora, Gentoo
Posts: 209

Rep: Reputation: 36
Forgoing all the reasons to not use rcp/rsh etc, you probably need to supply some more information about what you've tried.
For instance, when you say permission denied, do you mean you can't execute rcp as a normal user, or that the authentication fails? If you just can't execute rcp, change the permissions. If the authentication fails, then it could be any number of reasons. Are accounts set up properly on all machines, together with .k5login/ hosts.equiv files etc. Does rsh work between machines?
 
Old 05-02-2008, 04:51 AM   #3
Martin Peter Clarke
LQ Newbie
 
Registered: Nov 2007
Posts: 12

Original Poster
Rep: Reputation: 0
Thanks beadyallen

Authentication vs. permission: it says Permsission denied below.

k5login & hosts.equiv - I've never had to use these before, investigated at the time, discounted. See final comment.

As for rsh - I'm a mere DBA and have a lot of catching up to do - in other words I don't know how to test it yet.

Edit from my log at customer site follows.

WORKS AS ROOT! [and as oracle using sudo - NOT A DEVELOPMENTALLY / POLITICALLY ACCEPTABLE SOLUTION!]

[root@gbbirwmfo1 swmfol]# rcp -p 1_205702_611404834.dbf.Z gbbirwmfo2.efguk.efg.corp:/u01/app/oracle/temp
connect to address 10.1.1.61: Connection refused
Trying krb4 rcp...
connect to address 10.1.1.61: Connection refused
trying normal rcp (/usr/bin/rcp)

TARGET DIRECTORY:

[root@gbbirwmfo2 oracle_archs]# cd /u01/app/oracle/temp
[root@gbbirwmfo2 temp]# ls

1_205702_611404834.dbf.Z

As ORACLE

rcp -p 1_205720_611404834.dbf.Z gbbirwmfo2.efguk.efg.corp:/u01/app/oracle/temp
connect to address 10.1.1.61: Connection refused
Trying krb4 rcp...
connect to address 10.1.1.61: Connection refused
trying normal rcp (/usr/bin/rcp)
Permission denied

CHECKED rsh, rlogin and rexec set in /etc/securetty

ALL .rlogins in oracle & root accounts configured, internally & externally (permissions).

At another customer, where I did the entire build from the O/S up inclusive on both live & DR rcp works from the oracle account. I didn't have to use

On the customer above I just built the DR box.

What am I failing to compare between the live boxes on both customers? I'll report my comparison.

Thanks for your response so far regardless mate, any more is a bonus!

Regards
Martin
 
Old 05-02-2008, 08:10 AM   #4
beadyallen
Member
 
Registered: Mar 2008
Location: UK
Distribution: Fedora, Gentoo
Posts: 209

Rep: Reputation: 36
Alright, your problem is most likely a mapping of usernames. I'm guessing that on the remote machines, you've got a .rhosts file containing a list of valid ip addresses. This will probably work fine for the 'root' and 'oracle' accounts, since these will exist on both machines. However, it's likely that your local username isn't valid on the remote machines. To fix it, you can add a line to the .rhosts file. For instance, if you want user 'geoff' (which is valid on your local machine, with ip address 192.168.1.32) to be able to copy things as the 'oracle' user on a remote machine, add the following to the .rhosts in the remote oracle user's home directory:
Code:
192.168.1.32 geoff
However, as I hinted at before, DON'T USE RCP/RSH/RLOGIN. Please. Especially not across the internet. Change to using ssh/scp instead. It's much more secure.
 
Old 05-02-2008, 08:37 AM   #5
jbilla
LQ Newbie
 
Registered: Apr 2008
Posts: 19

Rep: Reputation: 0
Martin,

Have you mounted /u01 with acl?
mount -l |grep "/u01"
Can you check (or paste output) for the permission for /u01/app/oracle/temp with getfacl if you have acl on it? It could have been the reason that acl might have set just only for one of your oracle user to deny writing there.

Just though of that if that can help you out...
 
Old 12-21-2010, 11:42 AM   #6
casperpache
LQ Newbie
 
Registered: Oct 2009
Location: Aberystwyth
Distribution: Redhat 5
Posts: 21

Rep: Reputation: 0
Smile

I know this is an old post but as i have just managed to resolve this problem for myself i thought id post my solution.

Beadyallens response was exactly what was the problem with my issue.

My scenario....
i have ServerA.doodle.com that contained a file called /transfers/TestA.
I also have ServerB.doodle.com where i wanted to copy the file to as user bob.
A user called bob needed to log onto ServerB and copy the TestA file from ServerA.


To get this to work....
On ServerA, I had to create a .rhosts file in the home directory for bob (/home/bob/.rhosts) and add the below line....

ServerB.doodle.com bob
This line allows bob on ServerB to access and copy files from ServerA

Then I logged onto ServerB as bob and ran the rcp command as below:-

rcp ServerA:/transfers/TestA /home/bob/


The main problem i had which had me going round in circles was that i never had the correct hostname of ServerA in the .rhosts file.
This needs to be input as your server resolves it.
i.e. I originally thought that because in my hosts file i had the nickname as ServerA it would figure it out, so i had...
ServerA bob

After amending this to the below it worked fine.
ServerA.doodle.com bob

Hope this helps someone.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
/usr/bin/env: bad interpreter: Permission denied Master Fox Linux - Software 8 02-09-2012 09:25 AM
/usr/bin/procmail Permission denied-sendmail? sunram Solaris / OpenSolaris 4 02-29-2008 01:53 PM
"permission denied when rcp-ing with root. ayeletr Linux - Security 7 11-24-2004 05:48 PM
"permission denied" when doing rsh/rcp ayeletr Linux - General 1 01-22-2004 10:45 AM


All times are GMT -5. The time now is 10:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration