0

For a project I'm working on, I need the www-data user to be able to read /etc/openvpn/easy-rsa/pki/index.txt

The permissions see fine for this:

-rw-r-----+ 1 root www-data 1050 Dec  7 20:43 index.txt

That wasn't working so I added ACL.

getfacl index.txt
# file: index.txt
# owner: root
# group: www-data
user::rw-
user:www-data:r--
group::r--
mask::r--
other::---

No matter what, it doesn't work. There must be something I'm doing wrong here?

sudo -u www-data ls index.txt
ls: cannot access 'index.txt': Permission denied
Chemdream
  • 93
  • 1
  • 9

1 Answers1

1

You also need to check the permissions of the containing directory and all parent directories, which must at least allow the x search permission for that user in order to access files or directories within that directory (and r permission if reading the directory listing is desired).

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • That worked. thanks! quick question though. If I access the file from a different directory, do I still need x permission in that folder? – Chemdream Dec 15 '20 at 13:53
  • Do you mean by a symbolic link? You would also need permission to read the link and access the directory that it is in. – Michael Hampton Dec 15 '20 at 16:13