LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-12-2017, 03:53 AM   #1
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Rep: Reputation: 1
Question cannot cd to dir even it's mode 777


Hi folks,

It's very weird that on one of dir, I cannot cd to the dir even it's 700.

There's no issue in /media3/splunkforwarder/etc, I can cd to it; but for /media3/splunkforwarder/etc/auth, there's error, even though /media3/splunkforwarder/etc/auth is 700

Code:
[root@test etc]# pwd
/media3/splunkforwarder/etc

[root@test etc]# cd auth
-bash: cd: auth: Permission denied

[root@test etc]# ls -ld auth
drwx------+ 3 root root 12 Oct  9  2016 auth

[root@test etc]# getfacl auth
# file: auth
# owner: root
# group: root
user::rwx
group::---
mask::rwx
other::---

getfacl: auth: Permission denied
Could anyone help on this? Thank you!

Last edited by hahacc; 06-12-2017 at 05:06 AM.
 
Old 06-12-2017, 04:14 AM   #2
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 16,644

Rep: Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615
drwx------+ + means SELinux is enabled
the correct answer is here:
http://www.unix.com/unix-for-dummies...7037-drwx.html

Last edited by pan64; 06-12-2017 at 05:37 AM.
 
Old 06-12-2017, 04:25 AM   #3
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 20 MATE
Posts: 8,048
Blog Entries: 5

Rep: Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918
For info, auth doesn't have 777 permissions in the details you provide, it has 700.

Just in case it has a bearing, can you paste the output from:

Code:
lsattr -d auth
 
Old 06-12-2017, 04:26 AM   #4
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 20 MATE
Posts: 8,048
Blog Entries: 5

Rep: Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918
Quote:
Originally Posted by pan64 View Post
drwx------+ + means SELinux is enabled
I thought it meant that the directory/file has ACL's set?
 
Old 06-12-2017, 05:08 AM   #5
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by hydrurga View Post
For info, auth doesn't have 777 permissions in the details you provide, it has 700.

Just in case it has a bearing, can you paste the output from:

Code:
lsattr -d auth
Yes it's 700, sorry typo here.

Even lsattr with permission denied:

Code:
[root@test etc]# lsattr -d auth
lsattr: Permission denied While reading flags on auth
 
Old 06-12-2017, 05:38 AM   #6
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 16,644

Rep: Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615Reputation: 5615
Quote:
Originally Posted by hydrurga View Post
I thought it meant that the directory/file has ACL's set?
sorry, corrected.
 
Old 06-12-2017, 07:28 AM   #7
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
weired just recreated that, and it works here
Code:
good morning userx
userx%voider ⚡ ~ ⚡> mkdir dir700
userx%voider ⚡ ~ ⚡> chmod 700 dir700 -R
userx%voider ⚡ ~ ⚡> cd dir700
userx%voider ⚡ dir700 ⚡> cd
userx%voider ⚡ ~ ⚡> ls -la dir700
total 8
drwx------  2 userx userx 4096 Jun 12 07:26 .
drwx--x--x 59 userx userx 4096 Jun 12 07:26 ..
userx%voider ⚡ ~ ⚡>
userx%voider ⚡ ~ ⚡> ls -ld dir700
drwx------ 2 userx userx 4096 Jun 12 07:26 dir700
userx%voider ⚡ ~ ⚡>
yours got a +
Code:
[root@test etc]# ls -ld auth
drwx------+ 3 root root 12 Oct  9  2016 auth
what dat + for? bit thing?
found it never mind
Code:
"If the file or directory has extended security
 information, the permissions field printed by the
 -l option is followed by a '+' character."

This generally means the file is encumbered with access
 restrictions outside of the traditional Unix permissions -
 likely Access Control List (ACL).
So I'd say you got a look at your access control list for that dir and see what its doing in relationship to govern it.

Last edited by BW-userx; 06-12-2017 at 07:39 AM.
 
Old 06-12-2017, 07:42 AM   #8
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 20 MATE
Posts: 8,048
Blog Entries: 5

Rep: Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918
Does the auth directory happen to be a mount point to a filesystem on another machine?

Use the mount | grep "auth" command to check.
 
Old 06-12-2017, 11:01 AM   #9
malekmustaq
Senior Member
 
Registered: Dec 2008
Location: root
Distribution: Slackware & BSD
Posts: 1,669

Rep: Reputation: 496Reputation: 496Reputation: 496Reputation: 496Reputation: 496
Quote:
but for /media3/splunkforwarder/etc/auth, there's error, even though /media3/splunkforwarder/etc/auth is 700
It appears the folder is accessed through a mounted volume or mount point. Check the mount permission.
Code:
man mount
Good luck.
 
Old 06-12-2017, 09:14 PM   #10
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by hydrurga View Post
Does the auth directory happen to be a mount point to a filesystem on another machine?

Use the mount | grep "auth" command to check.
Yes, the FS is on NFS, please check below:

[root@test etc]# df -Ph .
Filesystem Size Used Avail Use% Mounted on
slcfs01:/export/vol01 3.0T 11G 3.0T 1% /media3

[root@test etc]# mount | grep '/media3'
slcfs01:/export/vol01 on /media3 type nfs (rw,rsize=32768,wsize=32768,hard,nolock,timeo=14,noacl,intr,mountvers=3,nfsvers=3,addr=10.240.185.20 )
 
Old 06-12-2017, 09:15 PM   #11
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by malekmustaq View Post
It appears the folder is accessed through a mounted volume or mount point. Check the mount permission.
Code:
man mount
Good luck.
Yes, the FS is on NFS, please check below:

[root@test etc]# df -Ph .
Filesystem Size Used Avail Use% Mounted on
slcfs01:/export/vol01 3.0T 11G 3.0T 1% /media3

[root@test etc]# mount | grep '/media3'
slcfs01:/export/vol01 on /media3 type nfs (rw,rsize=32768,wsize=32768,hard,nolock,timeo=14,noacl,intr,mountvers=3,nfsvers=3,addr=10.240.185.20 )
 
Old 06-12-2017, 09:57 PM   #12
Laserbeak
Member
 
Registered: Jan 2017
Location: Manhattan, NYC NY
Distribution: Mac OS X, iOS, Solaris
Posts: 508

Rep: Reputation: 143Reputation: 143
I don't think you should generally chmod a directory to an octal number, since it may have other flags set to show it's even a directory, depending on the UNIX/Linux implementation. With directories, I always try to use chmod g+w /path/to/directory etc.
 
Old 06-12-2017, 10:24 PM   #13
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 4,555

Rep: Reputation: 2088Reputation: 2088Reputation: 2088Reputation: 2088Reputation: 2088Reputation: 2088Reputation: 2088Reputation: 2088Reputation: 2088Reputation: 2088Reputation: 2088
Quote:
Originally Posted by hahacc View Post
Yes, the FS is on NFS, please check below:
Root privileges are not honored across NFS unless the filesystem is exported with the "no_root_squash" option. Without that option, "root" gets mapped to "nfsnobody", and that ID does not have the needed permissions in your directory.
 
2 members found this post helpful.
Old 06-13-2017, 02:39 AM   #14
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Original Poster
Rep: Reputation: 1
Thumbs up

Quote:
Originally Posted by rknichols View Post
Root privileges are not honored across NFS unless the filesystem is exported with the "no_root_squash" option. Without that option, "root" gets mapped to "nfsnobody", and that ID does not have the needed permissions in your directory.
Thank you! After enabling no_root_squash, the issue gone away.
 
Old 06-13-2017, 04:35 AM   #15
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Original Poster
Rep: Reputation: 1
Thumbs up

Quote:
Originally Posted by hydrurga View Post
Does the auth directory happen to be a mount point to a filesystem on another machine?

Use the mount | grep "auth" command to check.
Thank you! After enabling no_root_squash, the issue gone away.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
copying files from home dir to another dir from another dir in a lower dir chomito44 Linux - General 5 10-19-2013 06:18 PM
tar dir and sub dir removing files but not existing not empty dir j-me Linux - General 2 08-12-2013 11:37 AM
If statement to check mode of dir in vi radamsiii Programming 4 09-23-2008 10:11 AM
Command to display /dir, /dir/sub, /dir/sub/files knockout_artist Linux - Newbie 9 10-25-2007 02:57 PM
777 Dir on Webserver ALInux Linux - Security 2 08-10-2006 09:21 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:12 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration