Group permissions allow, but still get permission denied

permissions 12.04

Did you recently add that user to that group, without logging out/in between? Then "groups" will show the group but the user does not have the group permissions yet.

You can show your effective groups using

$ id

As an example, if I add my user ps to the group fax and then type

$ id

it does not show the group fax, but

$ groups ps

shows fax.

Doing su to your own user gives you the new group affiliation:

$ su ps
$ id

The output now also contains fax.


The method that you have used seems to be correct. I just now tried to replicate it, and it worked just fine.

I am not sure if there is a typo, but there is a slight problem with the command. There is no need to have "mygroup" mentioned in there. The following works

# chmod -R g+swrx /mount/abc

Even, you can remove the s bit, just do g+rwx. After you have changed the permissions, and you do ls -l, it should display the relevant privileges.


You cannot remove the file because the group mygroup doesn't have write permissions on the file test.png as well as the folder. For write operations to work on the file the file permissions should look like:

-rw-rwxr-- 1 otheruser   mygroup    159539 Apr 23 23:44 test.png*

If you take a closer look at the permission format

duuugggooo

The first three placeholders uuu are user read, write and execute. The next three placeholders ggg are for the group and ooo for others. In the snippet posted by OP group is missing the write permission.


Directories need x bit set (for directory that bit is seen as search bit) to open. So I use tree so I can get only the folder set and avoid the nightmare of having all the files set as executables ( the option for tree is -d List directories only.):

sudo tree -faid /mount/abc | xargs -L1 -I{} sudo chmod 755  "{}"

Warning!!! you should have this into considerations:

  • using chmod or chown recursive on root / directory or system directories will destroy your OS (actually anything recursive on / directory or system directories is dangerous)

  • this is not a good security practice to set permission bulk like that


To add to the accepted answer (since I can't comment yet):

If you use software like BitVise to create a SSH connection to your server, simply closing & re-opening a terminal will not count as logging in & out. It will do things like reload your ~/.bashrc, but not perform the actual group updates (if you added the group in your "login" session). For this to take effect you would have to fully logout and login again with your SSH-key/credentials.

Related

How to install X11/xorg?
Do all domains technically end with "."?
Running tasks inside LXD container through ansible
How to use multiple SSL certificates in HA Proxy [duplicate]
Kickstart create users and add to groups
How much RAM do I need to run a forum using Nginx, Gunicorn, Django?
In IIS7, is it possible to have custom environment variables per web site?
How to handle in-progress request when applying rolling update?
Chrony time synchronization on huge time diff
RAID with three disks (RAID 5 vs RAID 1E)
Nginx & Dynamic banlist
helm - changing all configmaps during upgrade