28

Is it possible to test effective permissions of a file for a specific user?

I normally do this by su user and then accessing the file, but I now want to test this on a user with no shell (i.e. a System user).

dtech
  • 987

4 Answers

33

I found it convenient to use in scripts something like

 sudo -u <user> test -r <file-to-test> && ...
user72025
  • 439
  • Best answer, as you can test for readable (-r), writable (-w) and executable (-x) without actually modifying/creating the file. man test for more details – Thomas BDX Jul 01 '14 at 18:18
  • And lends itself wonderfully to use in scripts, where you generally need things to be non-interactive. – Erathiel Feb 09 '23 at 13:42
25

The sudo command can run anything as a particular user with the -u option. Instead of worrying about shells, just try to cat (or execute, whatever) your file as your target user:

$ sudo -u apache cat .ssh/authorized_keys 
cat: .ssh/authorized_keys: Permission denied
ckhan
  • 4,132
  • cat is probably not the best choice though... if you are testing a large file or a binary file... – Alexis Wilke Nov 14 '15 at 06:29
  • Your example is flawed though; SSH requires particular permissions set on .ssh (u=rwx,g=,o=) and its children (u=rw,g=r,o=r) or it will refuse to use the entire config for that user. This does not test that. – detly Sep 13 '20 at 23:35
18

sudo -u <user> test -r <file-to-test>; echo $?

The echo $? part will output the exit status from the test.

Just remember here that the output will be 0 if the operation was successful! Or non-zero, e.g. 1, if not.

Like @Thomas's comment on @user72025's answer, use man test to get more operation tests, like test -x to test executability, test -w for writability, etc.

HalosGhost
  • 4,790
  • For me, this is the most helpful answer. The one by user72025 was close, but I had no idea what the result was. You've made that clear. Thanks. Voting up. – inspirednz Feb 15 '18 at 02:41
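The `sudo -u <user> test` check from the answers above, wrapped as an added example (not part of any answer on this page): it reports read/write/execute in one call and, when access fails, names the first parent directory the user cannot traverse. The function names `run_as`, `perm_report` and `first_blocker` are chosen for this example; it assumes the caller is allowed to run `sudo -n -u <user>` and that the path is absolute.

```shell
#!/bin/sh
# Added example: report a user's effective access to a path without modifying it.
# run_as, perm_report and first_blocker are names chosen for this example.

# Run a command as another user. -n makes sudo fail instead of prompting,
# so the check stays non-interactive inside scripts.
run_as() {
    _user=$1; shift
    sudo -n -u "$_user" -- "$@"
}

# Print an "rwx"-style triple of what USER can do with PATH ("-" = denied).
perm_report() {
    _u=$1; _p=$2; _out=
    for _flag in r w x; do
        if run_as "$_u" test "-$_flag" "$_p"; then
            _out=$_out$_flag
        else
            _out=$_out-
        fi
    done
    printf '%s\n' "$_out"
}

# Print the first directory on the way to PATH that USER cannot traverse
# (test -x fails, which also covers a missing directory). Prints nothing
# when every parent directory is searchable. PATH must be absolute.
first_blocker() {
    _u=$1; _rest=${2#/}; _cur=
    while [ "${_rest#*/}" != "$_rest" ]; do   # a "/" remains: next part is a directory
        _cur=$_cur/${_rest%%/*}
        _rest=${_rest#*/}
        if ! run_as "$_u" test -x "$_cur"; then
            printf '%s\n' "$_cur"
            return 0
        fi
    done
}

# Usage: script.sh <user> <absolute-path>
if [ "$#" -eq 2 ]; then
    perm_report "$1" "$2"
    first_blocker "$1" "$2"
fi
```

A result of `---` together with a directory printed by `first_blocker` means the file's own mode bits are not the problem; the user is stopped at that parent directory.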
6

I've found you can use su -s <shellname> <username> to enter a specific shell as a specific user. You can then test file permissions as usual.

E.g.:

su -s /bin/bash Debian-exim
touch /etc/exim4/exim4.conf.template
dtech
  • 987