Dear all, I got weird permission on one of my server, when I ls -l the / i got permission for all directory set to "drwxr-xr-x." there are dot after the executable permission for others. what dot mean in permission and how to fix it? the actual problem is I could login via ssh but cannot login via winscp. any idea how to fix this? thanks in advance best regards,
Muhammad panji wrote on Fri, 31 Jul 2009 14:48:29 +0700:
I got weird permission on one of my server, when I ls -l the / i got permission for all directory set to "drwxr-xr-x." there are dot after the executable permission for others. what dot mean in permission and how to fix it?
I have never seen or heard of this. I would assume that is a formatting glitch produced by some shell login setting. It might help if you showed the whole output.
the actual problem is I could login via ssh but cannot
login via winscp
Change the default WinSCP login from SFTP to SCP.
Kai
On Fri, Jul 31, 2009 at 4:31 PM, Kai Schaetzlmaillists@conactive.com wrote:
Muhammad panji wrote on Fri, 31 Jul 2009 14:48:29 +0700:
I got weird permission on one of my server, when I ls -l the / i got permission for all directory set to "drwxr-xr-x." there are dot after the executable permission for others. what dot mean in permission and how to fix it?
I have never seen or heard of this. I would assume that is a formatting glitch produced by some shell login setting. It might help if you showed the whole output.
the actual problem is I could login via ssh but cannot
login via winscp
Change the default WinSCP login from SFTP to SCP.
I always use SCP because I got better experience with it rather than SFTP
the output of root home :
[root@clarisa ~]# ls -lha total 52K drwxr-xr-x 4 root root 4.0K 2009-08-01 02:38 . drwxr-xr-x. 23 root root 4.0K 2009-07-31 15:47 .. drwxr-xr-x 2 root root 4.0K 2009-07-31 15:06 backup -rw-------. 1 root root 14K 2009-08-01 08:34 .bash_history -rw-r--r--. 1 root root 18 2009-03-30 18:51 .bash_logout -rw-r--r--. 1 root root 176 2009-03-30 18:51 .bash_profile -rw-r--r-- 1 root root 587 2009-07-20 14:34 .bashrc -rw------- 1 root root 43 2009-07-31 15:20 .lesshst drwxr-xr-x 2 root root 4.0K 2009-07-31 15:38 .uml there are dot on .. (parent dir), and several files on root's home dir regards,
From: muhammad panji sumodirjo@gmail.com
[root@clarisa ~]# ls -lha total 52K drwxr-xr-x 4 root root 4.0K 2009-08-01 02:38 . drwxr-xr-x. 23 root root 4.0K 2009-07-31 15:47 .. drwxr-xr-x 2 root root 4.0K 2009-07-31 15:06 backup -rw-------. 1 root root 14K 2009-08-01 08:34 .bash_history -rw-r--r--. 1 root root 18 2009-03-30 18:51 .bash_logout -rw-r--r--. 1 root root 176 2009-03-30 18:51 .bash_profile -rw-r--r-- 1 root root 587 2009-07-20 14:34 .bashrc -rw------- 1 root root 43 2009-07-31 15:20 .lesshst drwxr-xr-x 2 root root 4.0K 2009-07-31 15:38 .uml there are dot on .. (parent dir), and several files on root's home dir
Maybe try:
strace ls -la 2>&1 | grep lstat64
and see if the numeric rights look different...
JD
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
muhammad panji wrote:
Dear all, I got weird permission on one of my server, when I ls -l the / i got permission for all directory set to "drwxr-xr-x." there are dot after the executable permission for others. what dot mean in permission and how to fix it? the actual problem is I could login via ssh but cannot login via winscp. any idea how to fix this? thanks in advance best regards,
IIRC, the "." at the end of the permissions indicates that the file has additional permission controls beyond the standard DAC bits, such as filesystem ACLs, filesystem capabilities, or other attributes.
Filesystem capabilities support is not present in CentOS 5, so are you using ACLs? What does the following show:
getfacl --tabular /*
- -- Mike A. Harris http://mharris.ca | https://twitter.com/mikeaharris
On Fri, Jul 31, 2009 at 05:46:53AM -0400, Mike A. Harris wrote:
IIRC, the "." at the end of the permissions indicates that the file has additional permission controls beyond the standard DAC bits, such as filesystem ACLs, filesystem capabilities, or other attributes.
FACLs are normally indicated by a + at the end of the permissions.
$ ls -ld . drwxr-xr-x 2 sweh sweh 4096 Jul 31 06:38 ./
$ setfacl -m user:named:- .
$ ls -ld . drwxr-xr-x+ 2 sweh sweh 4096 Jul 31 06:38 ./ [note the +]
$ getfacl . # file: . # owner: sweh # group: sweh user::rwx user:named:--- group::r-x mask::r-x other::r-x
Attributes ("chattr") don't get shown by any special character $ ls -ld . drwxr-xr-x 2 sweh sweh 4096 Jul 31 06:41 ./
$ chattr +d .
$ ls -ld . drwxr-xr-x 2 sweh sweh 4096 Jul 31 06:41 ./
$ lsattr -ad . ------d------ .
On Fri, Jul 31, 2009 at 4:46 PM, Mike A. Harrismharris@mharris.ca wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
muhammad panji wrote:
Dear all, I got weird permission on one of my server, when I ls -l the / i got permission for all directory set to "drwxr-xr-x." there are dot after the executable permission for others. what dot mean in permission and how to fix it? the actual problem is I could login via ssh but cannot login via winscp. any idea how to fix this? thanks in advance best regards,
IIRC, the "." at the end of the permissions indicates that the file has additional permission controls beyond the standard DAC bits, such as filesystem ACLs, filesystem capabilities, or other attributes.
Filesystem capabilities support is not present in CentOS 5, so are you using ACLs? What does the following show:
getfacl --tabular /*
AFAIK by default on centos partition mounted with acl option but I haven't set anything related to ACL
the output of getfacl --tabular /* # file: bin USER root rwx GROUP root r-x other r-x
# file: boot USER root rwx GROUP root r-x other r-x
# file: dev USER root rwx GROUP root r-x other r-x
# file: etc USER root rwx GROUP root r-x other r-x
# file: home USER root rwx GROUP root r-x other r-x
# file: lib USER root rwx GROUP root r-x other r-x
# file: lost+found USER root rwx GROUP root --- other ---
# file: media USER root rwx GROUP root r-x other r-x
# file: mnt USER root rwx GROUP root r-x other r-x
# file: opt USER root rwx GROUP root r-x other r-x
# file: proc USER root r-x GROUP root r-x other r-x
# file: root USER root rwx GROUP root r-x other r-x
# file: sbin USER root rwx GROUP root r-x other r-x
# file: selinux USER root rwx GROUP root r-x other r-x
# file: srv USER root rwx GROUP root r-x other r-x
# file: sys USER root rwx GROUP root r-x other r-x
# file: tmp USER root rwx GROUP root rwx other rwx
# file: usr USER root rwx GROUP root r-x other r-x
# file: var USER root rwx GROUP root r-x other r-x
seems normal to me :) more clues please regards,
-
John Doe -
Kai Schaetzl -
Mike A. Harris -
muhammad panji -
Stephen Harris