1

I have an interesting problem involving group permissions and possibly the setgid bit.

A set of directories is set as the following:

drwxrwsr-x  2 smith web-ww2 18 Oct  4 12:05 grids
drwxrwsr-x 16 smith web-ww2 16 Oct  4 12:05 jpgs

Here is an example of the files in the grids directory:

-rwxrwxr-x 1 smith web-ww2 393K Feb 24  2016 grid2003.zip
-rwxrwxr-x 1 smith web-ww2 366K Feb 24  2016 grid2004.zip

The owner, smith, is able to upload files in both directories. Members of group web-ww2 however cannot. All users are using WinSCP to upload files. No extended attributes are set.

Any idea what would be keeping the members of web-ww2 from uploading files within those directories?

Chris Woelkers
  • 298
  • 2
  • 11
  • Did you verify group membership using `groups `? Also, group modifications don't take effect while user is logged in! – Khaled Jan 19 '17 at 15:34
  • Yes. The users that reported the issue all belong to the web-ww2 group. I am aware of the group modification while logged in issue, it is a non-issue here. – Chris Woelkers Jan 19 '17 at 15:48
  • 2
    **If you login to a shell on that server as one of those users can you create or copy files to that directory?** Are you sure that the users in question are able to actually change into the directory, and you aren't being blocked by the lack of the traverse permissions higher up in your hierarchy? Basically, I think you should rule out WinSCP as possibly doing something different, or something being different because of the access via sftp. – Zoredache Jan 19 '17 at 17:33
  • @Zoredache - I was able to create(touch), delete, and copy files when I used su to "login" as one of the problem users. I will have to walk one through using ssh to login into the server to test that out directly. – Chris Woelkers Jan 19 '17 at 20:20

1 Answers1

1

Turns out this was a PEBKAC problem. The users were trying to upload to those sub-directories in a different location than where they existed. Once they were pointed to the proper place they were able to upload with no problem.

Chris Woelkers
  • 298
  • 2
  • 11