Howdy list,
I can't seem to find any doc's explaining what's really going on behind this scenario:
A user home directory had been reset to :
d--- --- --- user group user_dir
As root i tried to :
chmod -R 750 user_dir
got permission denied, my friend tried with as user that owns the directory to:
chmod -R 750 user_dir and voila it works.
My question is how come did it work, since the user_dir doesn't have a owner permission attached and why user root has been denied with changing the mode?
Rgds,
Joseph
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of joseph blase Sent: Thursday, August 02, 2007 5:33 PM To: CentOS mailing list Subject: [CentOS] Chmod Explaination
Howdy list,
I can't seem to find any doc's explaining what's really going on behind this scenario:
A user home directory had been reset to :
d--- --- --- user group user_dir
As root i tried to :
chmod -R 750 user_dir
got permission denied, my friend tried with as user that owns the directory to:
chmod -R 750 user_dir and voila it works.
My question is how come did it work, since the user_dir doesn't have a owner permission attached and why user root has been denied with changing the mode?
Owners always have rights to change permission on a file/folder.
As far as root not being able to, do you have selinux running?
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
On 8/3/07, Ross S. W. Walker rwalker@medallion.com wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of joseph blase Sent: Thursday, August 02, 2007 5:33 PM To: CentOS mailing list Subject: [CentOS] Chmod Explaination
Howdy list,
I can't seem to find any doc's explaining what's really going on behind this scenario:
A user home directory had been reset to :
d--- --- --- user group user_dir
As root i tried to :
chmod -R 750 user_dir
got permission denied, my friend tried with as user that owns the directory to:
chmod -R 750 user_dir and voila it works.
My question is how come did it work, since the user_dir doesn't have a owner permission attached and why user root has been denied with changing the mode?
Owners always have rights to change permission on a file/folder.
Even those that were reset? I thinking that it's good as no permission cause it has only d--- --- --- user_dir.
As far as root not being able to, do you have selinux running?
No, I don't have.
-Ross
-Joseph
______________________________________________________________________
This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of joseph blase Sent: Thursday, August 02, 2007 5:45 PM To: CentOS mailing list Subject: Re: [CentOS] Chmod Explaination
On 8/3/07, Ross S. W. Walker rwalker@medallion.com wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of joseph blase Sent: Thursday, August 02, 2007 5:33 PM To: CentOS mailing list Subject: [CentOS] Chmod Explaination
Howdy list,
I can't seem to find any doc's explaining what's really going on behind this scenario:
A user home directory had been reset to :
d--- --- --- user group user_dir
As root i tried to :
chmod -R 750 user_dir
got permission denied, my friend tried with as user that owns the directory to:
chmod -R 750 user_dir and voila it works.
My question is how come did it work, since the user_dir doesn't have a owner permission attached and why user root has been denied with changing the mode?
Owners always have rights to change permission on a file/folder.
Even those that were reset? I thinking that it's good as no permission cause it has only d--- --- --- user_dir.
Yes, implicitly have them, it's a fail-safe feature.
As far as root not being able to, do you have selinux running?
No, I don't have.
Then I dunno why root didn't, as with selinux disabled root also has implicit rights to all files/folders, but with selinux enabled security context can be setup on a directory hierarchy to only give implict rights to owners.
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
On Aug 2, 2007, at 5:58 PM, Ross S. W. Walker wrote:
As far as root not being able to, do you have selinux running?
No, I don't have.
Then I dunno why root didn't, as with selinux disabled root also has implicit rights to all files/folders, but with selinux enabled security context can be setup on a directory hierarchy to only give implict rights to owners.
is user_dir on an NFS share?
-steve
-- If this were play'd upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night
On Thu, 2007-08-02 at 22:30 -0400, Steve Huff wrote:
On Aug 2, 2007, at 5:58 PM, Ross S. W. Walker wrote:
As far as root not being able to, do you have selinux running?
No, I don't have.
Then I dunno why root didn't, as with selinux disabled root also has implicit rights to all files/folders, but with selinux enabled security context can be setup on a directory hierarchy to only give implict rights to owners.
is user_dir on an NFS share?
By default root will have the least privileged access to NFS shares (nobody.nogroup or nfsnobody.nfsnogroup) unless no_root_squash is specified for the client machine in the server's /etc/exports.
Phil
-
joseph blase -
Phil Schaffner -
Ross S. W. Walker -
Steve Huff