0

Possible Duplicate:
How to apply changes of newly added user groups without needing to reboot?

I am on Ubuntu 11.04. I am creating another user and placing an existing user in the group of other user, hoping to write in the home directory of other user.

# uname -a
Linux vini 2.6.38-11-generic #50-Ubuntu SMP Mon Sep 12 21:18:14 UTC
2011 i686 athlon i386 GNU/Linux
# whoami
sachin
# su root
# useradd -m -U foo               // create user foo
# usermod -a -G foo sachin      // add user `sachin' to group `foo'
# chmod 770 /home/foo/
# exit
# whoami
sachin
# cd /home/foo/
bash: cd: /home/foo/: Permission denied
# groups sachin
sachin : sachin foo

This is totally weird. Though user sachin is in group foo, and group bits for /home/foo/ is set to rwx, sachin can't chdir to /home/foo/. I am not able to understand this.

But, if at the exit step, I switch to sachin user from root, this is what happens:

# uname -a
Linux vini 2.6.38-11-generic #50-Ubuntu SMP Mon Sep 12 21:18:14 UTC
2011 i686 athlon i386 GNU/Linux
# whoami
sachin
# su root
# useradd -m -U foo               // create user foo
# usermod -a -G foo sachin      // add user `sachin' to group `foo'
# chmod 770 /home/foo/
# su sachin
# whoami
sachin
# cd /home/foo/
# ls
examples.desktop

Now, whatever is happening here is totally incomprehensible. Does su sachin inherits some permissions from the root user at this step?

A solution that was suggested was to use newgrp, which updates the group and other user information. So if I do newgrp - sachin, then I get access to the directory of the newly created user, but if I create one more user and follow the same steps sachin does not get access to the latest users directory.

This behavior is indeed very baffling.

Any explanations would be much appreciated.

Community
  • 1
Sachin
  • 169
  • 2
    As far as I know, you need to logout/login/start a new session so that changed groups apply. – Bobby Jun 17 '12 at 10:49
  • Also, in Ubuntu you really should use sudo instead of running as root. Some tools depend upon being run as sudo, not root. And to add users to groups in Debian-derived distros, use the adduser wrapper. – dotancohen Jun 17 '12 at 12:37
  • It seems there is no way out other than a re-login at least in my case where I have create a lot of users add myself into their group and access their directories. But I did not expect this kind of dependency – Sachin Jun 17 '12 at 13:04
  • @dotancohen: Huh? sudo runs the given command as root...it is considered bad form to give the root account a password, tough. – Bobby Jun 17 '12 at 14:37
  • @Bobby: I had a client who insisted running his Ubuntu desktop as root. He had all kinds of problems with things that would seem "corrupted" (Gnome configurations among them I remember, also Chrome font hinting, some other things that I've forgotten). I've learned to never su - in Ubuntu and just to use sudo. And never login to run a desktop as root! – dotancohen Jun 17 '12 at 14:46
  • @dotancohen: I agree that running X/the DE as root is the worst idea you can have. But I think one can assume to be safe as long as you stick to the CLI and especially in such a short command chain. But as I just realized, su needs root to have a password...which is for a sudo optimized system most likely bad. – Bobby Jun 17 '12 at 17:50

1 Answers1

4

Your current login shell process keeps the group configuration it had before. Especially, compare the output of

groups sachin

with

groups

. After logout and login, the difference is gone.

If you cannot relogin due to reasons unclear to me, you have to cascade the newgrp stuff. Imnternally, newgrp does nothing but "relogging in" in a new layer of processes. If you log out, you have to press Ctrl-D as often as you have newgrp stuff running.

Alternatively, you terminate the inner newgrplayer and start another one after a usermod. Then you again have access to the current set of groups.

glglgl
  • 1,210
  • yes you are right there is a difference between groups sachin and groups but the issue is that I do not want to do a logout and login. I can't do that because I am running these commands on a server – Sachin Jun 18 '12 at 08:33
  • If I work on a server, I quite often log out and in again. That doesn't hurt, does it? – glglgl Jun 18 '12 at 09:50
  • I can't keep logging out and logging in on a server, it is hosting a site for me – Sachin Jun 18 '12 at 09:52
  • and the hosting requires you to keep logged in? So you have to permanently have your home PC on and SSH program running? Sorry, I really don't get it (but probably it doesn't matter as well)... – glglgl Jun 18 '12 at 11:47
  • @Sachin: This is the way UNIX works. Group permissions are only determined at login. You have to log out and log in again. – bahamat Jun 18 '12 at 20:36