[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "Permission denied" from dired, but not from ido completion in tramp
From: |
Adam Sjøgren |
Subject: |
Re: "Permission denied" from dired, but not from ido completion in tramp |
Date: |
Sat, 15 Jun 2024 12:06:33 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Philipp writes:
> I will ask the people at DESY what's going on here in detail, but I
> heard some time ago that ACLs are being used, which seem to work in
> parallel to the usual Linux rights.
You can check from the commandline with "getfacl FOLDER". "ls -ld"
also indicates that there are ACLs set by adding a "+" after the
permissions.
Michael writes:
> Tramp checks also ACLs and SELinux permissions, but only after the
> usual UNIX permission tests. Maybe this must be tuned?
ACLs can give access to files/folders that the unix permissions do not
indicate access to, so I guess TRAMP should do the ACL check even if
the unix permission test says no?
Example:
$ ls -ld hep
dr-xr-x--- 2 root staff 22 2024-06-15 11:56:01 hep
$ cd hep
bash: cd: hep: Permission denied
$ ls hep
ls: cannot open directory 'hep': Permission denied
My user, asjo, does not have access to the folder 'hep' according to
unix permissions, and there are no ACLs set.
$ sudo setfacl -d -m u:asjo:rwx hep
$ sudo setfacl -n -m u:asjo:rwx hep
$ ls -ld hep
dr-xr-x---+ 2 root staff 22 2024-06-15 11:56:01 hep
After setting ACLs, the unix permissions still indicate that asjo does
not have access, but now there is a "+" for ACLs present.
$ cd hep
$ ls
test.txt
The ACLs allows asjo to cd into the folder and list the file there.
$ id | grep staff
$
(asjo is not in the staff group.)
I hope I understood the discussion correctly O:-)
Best regards,
Adam
--
"What year is it?" Adam Sjøgren
"2040, our president is a plant." asjo@koldfront.dk
- "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/14
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/14
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp,
Adam Sjøgren <=
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/16
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/16
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/16
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/17
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/18
- Re: "Permission denied" from dired, but not from ido completion in tramp, Adam Sjøgren, 2024/06/16