在chown和chmod之后，用户的文件夹中的权限被拒绝 [英] permission denied in a folder for a user after chown and chmod

问题描述

我在以下位置有一个目录

I have a directory at

/home/ec2-user/vertica1

，我正在尝试让用户dbadmin该文件夹中的所有特权.

and I'm trying to get user dbadmin all privilages in that folder.

我已经完成了对该文件夹上的dbadmin和chmod 777的锁定，但是dbadmin仍然会出现权限被拒绝的错误.

I've done chown to dbadmin and chmod 777 on that folder but dbadmin still gets a permission denied error.

如果我将sudo放在命令前面(我将dbadmi放在sudoers中)，则它可以工作.为什么没有sudo不能使它工作?

If I put sudo in front of the command(I put dbadmi in sudoers), then it works. Why can't I get it to work without sudo?

推荐答案

dbadmin可以遍历/home/ec2-user吗?尝试做chmod a+x /home/ec2-user

Can dbadmin traverse /home/ec2-user? Try doing chmod a+x /home/ec2-user

被拒绝的原因可能更多，例如特定的acl或LSM，但这是最可能的原因.

There could be more reasons for being denied, like a specific acl or a LSM but this is the most likely cause.

UNIX权限rwx¹在目录上的工作方式如下:

The UNIX permissions rwx¹ work on directories as follows:

• r:您可以查看目录的内容(内部文件或文件夹的名称)
• w:您可以创建新文件，删除或重命名现有文件.
• x:您可以遍历该文件夹.

遍历权限意味着您可以访问子文件夹(假设您知道其名称-如果您还具有读取权限，则可以获取该文件夹的名称-).

The traverse permission means that you can access the folder children (assuming you know its name -which you can obtain if you also have read permission-).

在这种情况下，dbadmin可以读取和遍历/以及/home，但是/home/ec2-user可能具有类似于drwx------ 2 ec2-user的模式，以保护其内容.因此，即使您的主文件夹中的任何人都可以读取重要文件，其他用户也无法进入该文件，因为他们无法通过/home/ec2-user(这正是您想要做的，在这种情况下).

In this case dbadmin could read and traverse / as well as /home, but /home/ec2-user probably had a mode like drwx------ 2 ec2-user in order to protect its contents. Thus, even if you had an important file readable by anyone deep inside your home folder, other users can't get into it, since they wouldn't be able to go pass /home/ec2-user (which is exactly what you wanted to do, in this case).

¹请注意，我跳过了一些比较特殊的内容.

¹ Note that I am skipping over the more exotic ones.

这篇关于在chown和chmod之后，用户的文件夹中的权限被拒绝的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！