Group member cannot write even with write permission

Question

The logged in user is a member of a group that has a write permission on a folder. But when this user is trying to write something, "permission is denied".

The log below summarizes the question:

subv:/www/tracer/ whoami
frank
subv:/www/tracer/
subv:/www/tracer/ ls -ltr 
total 4
drwxrwxr-x 2 root tracer 4096 Jan 20 12:25 convert.tracer.com
subv:/www/tracer/ groups frank
frank : frank tracer
subv:/www/tracer/ > convert.tracer.com/test
-bash: convert.tracer.com/test: Permission denied
subv:/www/tracer/

Output of "ls -bail /www/tracer/convert.tracer.com/":

subv:~/ ls -bail /www/tracer/convert.tracer.com/
total 8
38010883 drwxrwxr-x 2 root tracer 4096 Jan 20 12:25 .
38010882 drwxr-xr-x 3 root root    4096 Jan 20 12:25 ..
subv:~/

does test file already exist? what are its permissions if so? — Nikhil Mulley, Jan 20 '12 at 12:28
Do you have SELinux activated? Can you also do an "ls -bail convert.tracer.no/" — tmow, Jan 20 '12 at 13:51
@hesse you mean, the group owner of "/www" and "/www/tracer" should be tracer? — user11498, Jan 20 '12 at 14:02
@Nikhil no, there is nothing in "/www/tracer/convert.tracer.com/". Its an empty dir. — user11498, Jan 20 '12 at 14:02
To create a new file in a dir, you (user or groupmember) needs +w permissions on that dir. To write to an existing file in that dir, you only need +w permissions on that file. In both cases you will need the +x permission on the directory. — , Jan 20 '12 at 15:08

score 25 · Accepted Answer · answered Jan 20 '12 at 16:21

25

Group membership is re-read on login. groups seem to report the groups you are in according to /etc/group and does not reflect membership of groups in the current session.

Use the command id -Gn to show the groups that you are currently an active member of. Solution: relogin to apply the group changes.

answered Jan 20 '12 at 16:21

Lekensteyn

20,830

On my Ubuntu 18.04 system I actually needed to do a full reboot via sudo reboot, not sure if that's expected? – ComputerScientist Nov 22 '19 at 18:14
1

@ComputerScientist You have to relogin for group changes to apply, or use the newgrp $group_name command to obtain the group membership if allowed. Rebooting also works, but is a bit drastic. – Lekensteyn Nov 23 '19 at 15:19

tmow · Answer 2 · 2012-01-20T14:37:41.907

0

What about the permissions of the directory where you have the file?

Are you able to edit the file, i.e. with vim, and save it?

Try to do something like

chmod g+w .

UPDATE

subv:~/ ls -bail /www/tracer/convert.tracer.com/
total 8
38010883 drwxrwxr-x 2 root tracer 4096 Jan 20 12:25 .
38010882 drwxr-xr-x 3 root root    4096 Jan 20 12:25 ..

It could there was an issue while creating the tracer directory, I see strange spaces between root and 4096 in the second line of your output.

I would try this as root:

cd /www/tracer/
chown root:root .
chown root:tracer convert.tracer.com

If it's still ok, I'd check the group name in /etc/group, doing a

cat -v /etc/group

Checking that there are not non printable chars in root and tracer group

Finally if you still have the issue could be SELinux or an issue with the file system.

edited Jan 20 '12 at 14:37

answered Jan 20 '12 at 12:25

tmow

1,255

1

ask questions in comments, not answers. He shows the permissions of the directory. If the shell cant write to it, neither can vim. The directory already has g+w perms. – phemmer Jan 20 '12 at 13:12
1

@Patrick yes, you are right... But if he cannot write on the file through a directory (convert.tracer.com/test) I was thinking the issue is the directory... I didn't see well in the log provided. – tmow Jan 20 '12 at 13:38

Group member cannot write even with write permission

2 Answers2

UPDATE

Linked

Related