Operating System - HP-UX

User unable to write to file created by root

 
Joshua Goi
Frequent Advisor


Hi,

I have a file created by root and I need to be able to write to that file by other users, for example, operator. So I chown-ed the file to operator:None and chmod-ed to 777. And still I can't write to it as operator. Am I missing something here?
Patrick Wallek
Honored Contributor

Re: User unable to write to file created by root

What directory is the file in? Does the operator have permissions on the directory?
Joshua Goi
Frequent Advisor

Re: User unable to write to file created by root

No, the directory is still under root. I'll change it to operator ownership to see if it works.
Joshua Goi
Frequent Advisor

Re: User unable to write to file created by root

Nope, changing the ownership and access rights of the directory doesn't help either...
Peter Godron
Honored Contributor

Re: User unable to write to file created by root

Joshua,
are you sure about your group of 'None'?
But this should not matter.

Starting at the beginning of your path create dummy files until you are not allowed to do so.

For Example:
/var/adm/logs/data.txt is your real file
touch /var/data.txt
touch /var/adm/data.txt
touch /var/adm/logs/data.txt
Please ensure you use an unused filename, otherwise you may overwrite. One of the touch statements will fail, which will give you the directory you need to chmod.

Just out of interest, please give exact error message.
Joshua Goi
Frequent Advisor

Re: User unable to write to file created by root

Hi Peter,

Yes, the group is None.

The error message is from an external program that runs in the HP-UX environment.

The directory is one level only and it has been chown-ed and chmod-ed already. It still doesn't allow me to write even though it's 777 and operator:None... sigh
Ralph Grothe
Honored Contributor

Re: User unable to write to file created by root

Maybe another process is holding an exclusive lock on the file?
What does e.g.
/usr/sbin/fuser /path/to/unwritable_file
display?
But I am not sure, as I think that the common locking mechanism on Unix is merely "advisory",
(and if your writing attempt doesn't use the fcntl() syscall I think what I said is nonsense).
Or, is the file residing on an NFS mount?
Or, is your OS Linux?
There the owner (at least for files on ext[23]fs, I think) can set additional attributes with chattr to make a file unchangeable with the common OS file tools.
Execute an lsattr on the file to see the details.
Madness, thy name is system administration
V. Nyga
Honored Contributor

Re: User unable to write to file created by root

Hi,

'The error message is from an external program ...' - is the program writing to the file or do you write with - for ex. - vi-editor?

Volkmar
*** Say 'Thanks' with Kudos ***
Bill Hassell
Honored Contributor

Re: User unable to write to file created by root

Please do NOT change files and directories to 777 to solve 'permission denied' issues. It is the single most common sysadmin error reported by security auditors. 777 makes the file executable which can cause all sorts of problems, and also makes the file available to be DESTROYED by anyone in the system. The permission settings are there to prevent such destruction.

root should NOT be creating files for users. A normal user should create the file with umask set to 002 or 007. For 002, your file will be created with 664 (read/write by owner and group, read by anyone else) or 660 (read/write by owner and group, no one else can look at the file). The user may need to change the group ownership if the user's default is not the desired group.

Now group=none is strange. I would start by creating a specific group based on the use of these files, perhaps acctg or finance or project1, whatever. Then add the various users to that group. To be sure that users have the right settings, login as the user and type the command: id. That will report on the user ID and all group IDs.

Now as to a location, / (the root directory) is the WORST possible location. This directory is critical to operation of the system and if you have a 777 file, then anyone can dump whatever they want into that file, fill the / filesystem and disable almost everything. And IMMEDIATELY change / back to 755 with owner root:root. If you don't you're going to have a number of insidious errors start occurring with system admin commands.

The correct location for data files would be either /var/tmp (perhaps a directory called /var/tmp/datafiles) or an application directory in /opt. The permission for the datafiles directory would be 775 with owner and group set appropriately. I would NOT use a user ID called operator except possibly for some backup administrator tasks. Every user has their own login for accountability and you add groups as needed for each user.


Bill Hassell, sysadmin
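
Added example, not part of Bill Hassell's post: a POSIX shell script that creates files under umask 002 and 007 inside a 775 data directory and prints the resulting modes, then uses find to flag world-writable entries such as a 777 file. The datafiles directory, the file names and the scratch location under /tmp are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: constructed paths, safe to run as an unprivileged user.

# mode_of PATH: print the 10-character mode string from ls -ld (e.g. -rw-rw-r--)
mode_of() {
    ls -ld "$1" | awk '{ print substr($1, 1, 10) }'
}

# create_with_umask MASK FILE: create FILE under MASK in a subshell
# (so the caller's umask is untouched) and print the mode it received.
create_with_umask() {
    ( umask "$1" && : > "$2" ) && mode_of "$2"
}

# world_writable DIR: list everything under DIR that any user can write to.
# Symlinks are skipped because their own mode bits are not meaningful.
world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

demo() {
    # mkdir fails if the name already exists, so a pre-planted path is not reused
    work="${TMPDIR:-/tmp}/umask_demo.$$"
    mkdir -m 700 "$work" || return 1

    datadir="$work/datafiles"
    mkdir "$datadir" && chmod 775 "$datadir"
    echo "datafiles dir : $(mode_of "$datadir")"

    echo "umask 002 file: $(create_with_umask 002 "$datadir/shared.dat")"
    echo "umask 007 file: $(create_with_umask 007 "$datadir/private.dat")"

    # The setting the post warns about, created only so the audit has a hit
    : > "$datadir/bad.dat" && chmod 777 "$datadir/bad.dat"
    echo "world-writable entries found:"
    world_writable "$work"

    rm -rf "$work"
}

demo
```

In a real shared directory the group owner would be the project group described in the post, set with chgrp by someone who belongs to that group.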

Re: User unable to write to file created by root

Hello,

Try getacl(1) to see if some restricted access has been set.

Regards,

JPH
Peter Nikitka
Honored Contributor

Re: User unable to write to file created by root

Hi,

the best would be to answer Patrick's question first - send us the output of

ls -ld /path/to/dir /path/to/dir/file

mfG Peter
The Universe is a pretty big place, it's bigger than anything anyone has ever dreamed of before. So if it's just us, seems like an awful waste of space, right? Jodie Foster in "Contact"