Member of group root, but root group permissions don't apply?

aeternitas · 04-20-2010, 01:33 AM

A bit of an oddity that I've recently run into with my storage folder in my system; it's a newly installed drive that I've set to mount at /storage. When I first tried to use it, programs that I used that attempted to write to it tossed Access Denied errors at me in their own way.

Checking the permissions (at the Terminal, ls -l / | grep storage) showed that /storage was set to 'rwxrwxr--'--Owner and Group were given full read/write/execute, but Others could only read. However, my logon to my system is a member of group root. Why, then, with the above bits set, would I not be able to write to it? Changing Others permissions to rwx (and presumably rw would have worked out for me since I don't leave anything executable there) allowed me to write to it, but I don't understand why that would have been necessary. So far as I'm aware, the prior drive that was in my system--mounted at the same location--did not need this treatment.

irishbitte · 04-20-2010, 06:14 PM

Can you show us the mount command or script that you used to mount the drive, for example, is it mounted in

Code:

/etc/fstab

Possibly the mount command used had the readonly flag set?

aeternitas · 04-20-2010, 10:07 PM

The drive is mounted by /etc/fstab; when I changed the physical drive out, I simply changed the UUID to it's current value, everything else is the same as it had been:

Code:

# /storage was on /dev/sdb1 during installation
UUID=f3f00e48-17bc-45ac-8568-14c5cd4df273 /storage        ext3    relatime        0       2

On a side note, I'd ended up having to change the permissions of my /tmp folder to be able to log in to my system, about a day later (symptoms matched this bug at Ubuntu's Launchpad (#269215), and changing the permissions is one pretty consistently mentioned fix). The permission change used and prior permissions were the same as the above hard drive (drwxrwxr-- prior, changed to drwxrwxrwx to allow /tmp to be written to)--also owned by user root with group root.

irishbitte · 04-21-2010, 04:24 AM

That's an interesting one, and I don't think I've come across it before. Do you use ACL's?

aeternitas · 04-21-2010, 04:31 AM

Not familiar with what you mean by ACLs, so I'd presume no on that.

Sayan Acharjee · 04-21-2010, 04:42 AM

Quote:

Originally Posted by aeternitas

A bit of an oddity that I've recently run into with my storage folder in my system; it's a newly installed drive that I've set to mount at /storage. When I first tried to use it, programs that I used that attempted to write to it tossed Access Denied errors at me in their own way.

Checking the permissions (at the Terminal, ls -l / | grep storage) showed that /storage was set to 'rwxrwxr--'--Owner and Group were given full read/write/execute, but Others could only read. However, my logon to my system is a member of group root. Why, then, with the above bits set, would I not be able to write to it? Changing Others permissions to rwx (and presumably rw would have worked out for me since I don't leave anything executable there) allowed me to write to it, but I don't understand why that would have been necessary. So far as I'm aware, the prior drive that was in my system--mounted at the same location--did not need this treatment.

can you please post the outputs of the following commands:

Quote:

#ls -ld /storage

and

Quote:

#getfacl /storage

irishbitte · 04-21-2010, 08:53 AM

ACL's: Access Control Lists, they allow for finer grained control over file permissions, think of them as UNIX permissions on steroids. Interestingly, MS use ACL's in their NTFS file system, and they form the basis of the 'New Technology' aspect of NTFS vs FAT32.

PS, the previous post illustrates how to check for this with the getfacl command.

This may be a recurrence of the bug you describe here:

Quote:

(symptoms matched this bug at Ubuntu's Launchpad (#269215), and changing the permissions is one pretty consistently mentioned fix)

might be worth opening a launchpad query about it.

aeternitas · 04-21-2010, 11:06 PM

@sayan_acharjee:
The output of those commands came out as such:

Code:

ms9477@BETA:~$ ls -ld /storage
drwxrwxrwt 4 root root 4096 2010-04-21 13:02 /storage
ms9477@BETA:~$ getfacl /storage
getfacl: Removing leading '/' from absolute path names
# file: storage
# owner: root
# group: root
user::rwx
group::rwx
other::rwx

@irishbitte: I'm beginning to think that's the most likely case, although I wouldn't really call it a recurrence since it doesn't seem to have been really 'fixed', so to speak--just worked around sufficiently. I'll probably weigh in over there in a bit, see what other thoughts might be out there. Just seems rather odd that out of nowhere a permissions change would be needed, doesn't seem quite right to me...but I'm not much of an expert, to tell the truth

Thanks for the input!