LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   'Could not chdir to home directory /home/[user]: Permission denied' (https://www.linuxquestions.org/questions/linux-newbie-8/could-not-chdir-to-home-directory-home-%5Buser%5D-permission-denied-780328/)

arashi256 01-06-2010 12:44 PM

'Could not chdir to home directory /home/[user]: Permission denied'
 
I have a secondary disk which holds a /home directory structure from a previous install of Linux. I installed a new version on a new primary drive and mounted this secondary drive as the new /home. Problem is, even though the users are the same names and I can access the home directories for the users, I cannot login directly to their home directories, as I get the following error: -

Code:

login as: [me]
[me]@[machine]'s password:
Last login: Wed Jan  6 18:34:33 2010 from [machine]
Could not chdir to home directory /home/[me]: Permission denied
[[me]@[machine] /]$

Now, since the usernames are correct and the users are in the passwd file with the correct home directory paths, could it be user ID's that are different or something else? It's not as though I cannot access the home directories for the users, simply that I cannot log directly into them from a login prompt.

What have I broken? :)

devnull10 01-06-2010 12:50 PM

Have you tried using chown as root to change the ownership?
What are the permissions set as? Post the output from
Code:

ls -la /home/

cardy 01-06-2010 01:07 PM

The problem is most likely related to the user and group IDs. When you create a user it is given a userid and a primary group ID. This information is stored in /etc/password normally (unless you use some form of network based authentication).

If you look at /etc/passwd you will see a number of user entries, below is a sample for some of the passwd file users on my system
Quote:

cat /etc/passwd

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
The file is colon separated and the fields your interested in are the 3rd and the 4th. The 3rd field is the numeric user id for the user on this system and the 4th is the primary group ID for the user. You will probably find that when you look at the output from the command provided by Devnull10 that there are user ID's shown rather than usernames.

I am guessing the previous system on which the /home directories were originally created had assigned different user id's in the password file.

As devnull10 recommends the chown command can be used to change the owner and is probably a simpler way of fixing the access than trying to change the user ids in the /etc/passwd file because other files on the linux system will be using the new user id.

arashi256 01-06-2010 01:43 PM

The output: -

Code:

[jon@joshua11 /]$ ls -la /home/
total 24
drwxr-xr-x.  5 root  root  4096 2009-07-13 10:03 .
dr-xr-xr-x. 25 root  root  4096 2010-01-05 16:37 ..
drwx------. 32 jon    jon    4096 2010-01-06 16:14 jon
drwx------.  2 root  root  4096 2010-01-05 16:39 lost+found
[jon@joshua11 /]$

The UID and GID in the /etc/passwd file is 500 for both. How can I find out what the UID and GID for the /home/jon directory is (as I assume this is the problem)? I have already done: -

chown -R 500:500 /home/jon

...but this doesn't seem to change the login problem, although I *do* have ownership of the files and directories as this user. Am I somehow missing changing the UID and GID for the hidden files even though the username is the same? Something that used the previous UID and GID in whatever scripts automatically moves your location to your home directory when you login?

Thanks for your patience.

devnull10 01-06-2010 01:52 PM

The syntax of chown is:

Code:

chown [user] [dir]
So you want to do

Code:

chown -R jon /home/jon/
Also, how come you have a separate group for your home directory? Seems a little strange unless you are wanting a limited set of other users to have some form of access?

arashi256 01-06-2010 01:54 PM

I have already tried that to no effect. Login problem persists. Hidden files appear to have changed, but since both usernames are the same, it's hard to tell.

arashi256 01-06-2010 02:02 PM

Quote:

Originally Posted by devnull10 (Post 3816611)
Also, how come you have a separate group for your home directory? Seems a little strange unless you are wanting a limited set of other users to have some form of access?

That's the default setup for Fedora. Separate users and groups. Don't know why.

I've also done chgrp -R 500 /home/jon (and tried substituting "500" for "jon") to no effect. I have acces to the home directory as that user, just not able to automatically login to the home directory. It fails and I have to do "cd /home/jon" after logging in.

devnull10 01-06-2010 02:42 PM

You could try creating a new home directory when logged in as root for the user jon. The following command will modify the user to have the home directory /home/jon_home (it will be created if it doesn't already exist). The -m flag will copy the contents of your existing home into the new directory.

Code:

usermod -d /home/jon_home -m

cardy 01-06-2010 03:16 PM

The following command will show what user/group id's are set on the directory

ls -ln /home

Is the version of linux the same as the one you had previously installed. When you create a user a default set of files are copied into the users home directory from the directory /etc/skel

It could be that your .bash_profile .cshrc or other login files are what is causing the directory failure.

It would be worth looking at these files to see if they are causing issues.

The other thing that occurs is can you run the command

cat /etc/fstab | grep /home

This will list the entry for the /home partition showing the mount options that have been used to mount it.

Regards

Lee

arashi256 01-06-2010 04:09 PM

Thanks Cardy - that shows a little more information on /home: -

Code:

drwx------. 32 500 500 4096 2010-01-06 19:52 jon
..but the numbers are 500 as they should be as listed in /etc/passwd: -

Code:

jon:x:500:500:Jonathan:/home/jon:/bin/bash
Running "cat /etc/fstab | grep /home" yields this, which is as it should be, I suppose: -

Code:

/dev/sdb1      /home      ext3    defaults        2 1
The /home directory drive was 32-bit Fedora 11, the new system is 64-bit Fedora 12 in basically a new system. I just mounted the old drive and created users with the same names. Works fine as long as you don't mind manually cd'ing to your user home directory.

I couldn't see anything amiss with .bashrc or .bash_profile or anything like that, but it is definitely something to do with login.

cardy 01-06-2010 04:28 PM

Have you checked the following:

The output of the command

Quote:

dmesg
The log files in /var/log

Check the following files.

Quote:

messages
secure
These may give you some indication as to why your getting the errors.

Regards

Lee

arashi256 01-06-2010 04:57 PM

Output of secure log: -

Code:

Jan  6 22:53:44 joshua11 sshd[6194]: Accepted password for jon from [IP ADDRESS] port 2143 ssh2
Jan  6 22:53:44 joshua11 sshd[6194]: pam_unix(sshd:session): session opened for user jon by (uid=0)
Jan  6 22:53:51 joshua11 su: pam_unix(su-l:session): session opened for user root by jon(uid=500)

UID = 500, which is correct. Nothing in the messages log for the time it happened, nor in dmesg.

ongte 01-06-2010 07:45 PM

Very odd looking problem you have there. Could it be a SELinux context issue?
Try looking at the output of these:
# ls --context /home
# ls --context /home/jon

If not SELinux, it could also be an ACL issue. Try:
# getfacl /home

arashi256 01-07-2010 04:13 AM

Quote:

Originally Posted by ongte (Post 3816926)
Very odd looking problem you have there. Could it be a SELinux context issue?
Try looking at the output of these:
# ls --context /home
# ls --context /home/jon

If not SELinux, it could also be an ACL issue. Try:
# getfacl /home

Code:

[root@joshua11 ~]# ls --context /home
drwx------. jon    jon    system_u:object_r:file_t:s0      jon
drwx------. root  root  system_u:object_r:file_t:s0      lost+found
[root@joshua11 ~]# ls --context /home/jon
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 Backup
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 Desktop
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 Documents
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 Downloads
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 Music
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 Pictures
drwxrwxr-x. jon jon unconfined_u:object_r:file_t:s0  Platforms
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 Programs
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 Public
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 RHCT
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 SCJP
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 Templates
drwxrwxr-x. jon jon unconfined_u:object_r:file_t:s0  Torrent-Files
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 Videos

Ah, this seems to show something different - the two directories I've added since I've run this drive (Platforms and Torrent-Files) from this new machine have different entries to the directories that were still there before - what does this mean?

lupusarcanus 01-07-2010 04:32 AM

Could it be the change from x86 to x86_64? Maybe some architecture incompatibility?

arashi256 01-07-2010 04:52 AM

Quote:

Originally Posted by devnull10 (Post 3816657)
You could try creating a new home directory when logged in as root for the user jon. The following command will modify the user to have the home directory /home/jon_home (it will be created if it doesn't already exist). The -m flag will copy the contents of your existing home into the new directory.

Code:

usermod -d /home/jon_home -m

I ran: -

Code:

usermod -d /home/jon_home -m jon
but when logging in as "jon", I still get the same error: -

Code:

login as: jon
jon@[machine]'s password:
Last login: Thu Jan  7 10:49:57 2010 from [Some IP]
Could not chdir to home directory /home/jon_home: Permission denied
[jon@joshua11 /]$

Have I done this right?

arashi256 01-07-2010 05:49 AM

Gah, fixed it by shunting everything to another directory, deleting the user and recreating it and shunting everything back. It's fixed it, but I'd prefer to know why it happened in the first place...thanks anyway everyone for all your help.

cardy 01-07-2010 05:53 AM

This could be selinux related, there is a quick way to check by switching selinux into permissive mode rather than enforcing.

if you edit the file

/etc/sysconfig/selinux

Quote:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
You should have a similar setup to above. If the SELINUX= entry is set to enforcing then selinux is enabled.
If you change this to SELINUX=permissive save the file and reboot the machine then selinux will change to warning you about policy issues rather than enforcing the security.

Assuming after the reboot you can login without error then you can further diagnose the correct permissions that should be applied on the /home directory.

If you still receive the errors even with selinux in permissive mode then its unlikely to be an selinux issue. You can easily change back to your default setting after performing the test by switching back to enforcing in the same file and again rebooting.

Regards

Lee

arashi256 01-07-2010 05:55 AM

Thanks, I'll look into that. I'm thinking more and more that this was an SELinux issue - it was/is certainly enabled on both machines.

cardy 01-07-2010 05:57 AM

Just out of interest what permissions are now shown when you run the commands

ls --context /home
ls --context /home/jon


Regards

lee

arashi256 01-07-2010 06:02 AM

Quote:

Originally Posted by cardy (Post 3817406)
Just out of interest what permissions are now shown when you run the commands

ls --context /home
ls --context /home/jon


Regards

lee

Hi Lee,

Sure thing...

Code:

[root@joshua11 ~]# ls --context /home
drwx------. jon    jon    unconfined_u:object_r:user_home_dir_t:s0 jon
drwx------. root  root  system_u:object_r:file_t:s0      lost+found
[root@joshua11 ~]#

and...

Code:

[root@joshua11 ~]# ls --context /home/jon
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 Backup
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 Documents
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 Downloads
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 Music
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 Pictures
drwxrwxr-x. jon jon unconfined_u:object_r:file_t:s0  Platforms
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 Programs
drwxr-xr-x. jon jon unconfined_u:object_r:user_home_t:s0 RHCT
drwxrwxr-x. jon jon unconfined_u:object_r:user_home_t:s0 SCJP
drwxrwxr-x. jon jon unconfined_u:object_r:file_t:s0  Torrent-Files
[root@joshua11 ~]#

Looks the same to me, but if you want to make an educated guess, go for it :)

billcheng 06-20-2010 11:59 PM

I just want to mention that I have *exactly* the same problem!

My usual setup is that I have a system partition and a user partition. Every time I upgrade, I just reformat the system partition and install the new system on it. Then I do "groupadd" and "user add" to add myself to the system with the home directory set to my directory in the user partition.

I've been using Fedora and this procedure worked till FC8. The next system reinstall I tried after FC8 was FC11 and that's when I started to see this problem and I went back to FC8.

Last week, my machine died. Luckily, my harddrive was fine and I have another machine that I can use. So, I move my harddrive from the dead machine to the other machine and installed FC13. I see exactly the same problem again! When I logged in, I get the error message and my current working directory is set to / and my login scripts in my user partition are not executed.

Then I started googling this problem and found this thread. I just tried setting SELINUX=permissive and rebooted my machine and, Voila, everything is working! Thanks so much!
--
Bill Cheng

ASangodkar 07-26-2010 05:34 AM

I have also faced the same problem using Fedora 13. I have shared the home directory from an NFS server for all the users in a cluster. Whenever I use SSH to login to a node, it is successful but changing to home directory of the user fails. But when I type cd, it changes to the user's home directory.

Code:

[root@garl-amd1 ~]# ssh akshay@garl-amd5
akshay@garl-amd5's password:
Last login: Mon Jul 26 02:02:38 2010 from garl-amd1
Could not chdir to home directory /home/akshay/: Permission denied
[akshay@garl-amd5 /]$ cd
[akshay@garl-amd5 akshay]$

As suggested by cardy, I tried switching selinux into permissive mode and it worked. How do I get rid of this problem without changing selinux mode?

Akshay

ASangodkar 07-27-2010 02:02 AM

I have fixed it! It was an SELinux problem. I got an alert from the SELinux troubleshooter after I switched SELinux to permissive mode. It suggested that I should use the command

$setsebool -P use_nfs_home_dirs=1

But, I used the SELinux GUI instead. I guess other related problems can be fixed by configuring SELinux properly.

marcoecc 08-26-2010 06:21 AM

SElinux
 
Quote:

Originally Posted by ongte (Post 3816926)
Very odd looking problem you have there. Could it be a SELinux context issue?
Try looking at the output of these:
# ls --context /home
# ls --context /home/jon

If not SELinux, it could also be an ACL issue. Try:
# getfacl /home



I had the same problem. On one of my hosts I kept receiving this error:
Could not chdir to home directory /home/me: Permission denied
upon login. After logging in, I could just chdir manually into it.

This error in turn also prevented SSH from using key authentication, as the .ssh directory was unreachable before logging in, and SSH defaulted to requesting the password.

After painstakingly checking all the many usual things with SSH on both sides, I checked the SElinux contexts:

on the well-behaving hosts:
# ls --context -d /home /home/me

drwxr-xr-x. root root system_u:object_r:home_root_t:s0 /home
drwx------. me me unconfined_u:object_r:user_home_dir_t:s0 /home/me

on the misbehaved host:
# ls --context -d /home /home/me

drwxr-xr-x. root root system_u:object_r:file_t:s0 /home
drwx------. me me unconfined_u:object_r:user_home_dir_t:s0 /home/me

Notice the /home/me has the same context, while /home hasn't, having file_t instead of home_root_t.

Simply running
# restorecon /home
solved a problem which had taken a few hours to figure out.

kevindo2020 11-11-2011 09:29 AM

Thank you marcoecc! :)

I just installed CentOS 6. First time around, I installed the OS on the first drive. Then I added a larger RAID1 partition and copied content of /home into the new RAID1 partition and mounted on /home. Then I got this same problem.

After googling around I finally got to your post.

# restorecon /home
does the trick.

Thanks.


All times are GMT -5. The time now is 04:51 AM.