Change ACL

I have a folder , I use the below command .
Code:
#getfacl sis_group

and then get the result
Code:
group:sis1:rwx

would advise if I would like to change group from sis1 to sis2 , the getfacl result should be as below , what can I do ? thanks
Code:
group:sis2:rwx



Similar Content



Setfacl Help

I can't believe I wrote a looong message and it logged me out when I tried to submit it.

So anyway, in short lines:

- I have a network of sites where all sites share same "images" folder
- I have created /home/_images/entities and symlinked it from all websites
- It works great with Apache, when I open /images/ on any of the sites I get list of images and can view them

The problem is suPHP which changes process ID of the PHP script to the file owner ID, so when I load site1.com, all scripts are executed as user1 (and files/folders created with those scripts belong to user1:user1). When I load site2.com, all scripts are executed as user2 (and files/folders created with those scripts belong to user2:user2). All these users do NOT belong to the same group, and I wouldn't like to change that as it is cPanel/WHM server so I'm afraid I'll screw something up if I change (primary?) group of all users.

Therefore I need to set it up in such way that all newly created folders and files under /home/_images/entities (owned by root) have read/write permissions for everyone.

Here's the command I used:

Code:
setfacl -Rdm o::rwx /home/_images/entities

To check it:
Code:
root@server1 [~]# getfacl /home/_images/entities/
getfacl: Removing leading '/' from absolute path names
# file: home/_images/entities/
# owner: root
# group: root
user::rwx
group::rwx
other::rwx
default:user::rwx
default:group::rwx
default:other::rwx

This looks fine, however when I try upload an image via site1.com it looks like this:

Code:
root@server1 [/home/_images/entities]# ls -l
total 24
drwxrwxrwx+ 5 root    root    4096 Jan 14 06:25 ./
drwxrwxrwx  5 root    root    4096 Jan 12 13:08 ../
drwxrwxr-x+ 3 user1   user1   4096 Jan 14 06:25 1/

And in folder "1" is the image (and thumbs folder):

Code:
root@server1 [/home/_images/entities/1]# ls -l
total 236
drwxrwxr-x+ 3 user1   user1     4096 Jan 14 06:25 ./
drwxrwxrwx+ 5 root    root      4096 Jan 14 06:25 ../
-rw-rw-rw-  1 user1   user1   225569 Jan 14 06:25 689048f221ab7c556f4d482a9d92b2d6.jpg
drwxrwxr-x+ 2 user1   user1   4096 Jan 14 06:25 thumbs/

My questions:

1) Why newly created folders do not have "write" permissions for everyone else [not user and/or group]? If I upload first image from site1.com, then I can't upload other images from any other site, while all sites can display them.

2) What is the + at the end of permissions list? (drwxrwxr-x+)

3) Why newly created files have only "rw" permissions for user, group AND everyone else, and not execute permissions? I don't actually need execute flag set here, but from my command you can see I've set "o::rwx" so it should be there (or not?)

Actually the real problem is #1 - other users can't write to this folder so users can't upload images from other sites nor other sites can create (missing) thumbnails.

Problem With Chgrp In Bash

Code:
alice@alice:~$ grep 1003 /etc/group
alice:x:1003:
alice@alice:~$ grep 1003 /etc/passwd
alice:x:1003:1003:Alice,,,:/home/alice:/bin/bash

So there's nobody in alice's group except alice (for whatever that's worth)

Code:
alice@alice:~$ ls -ld dollstuff
drwxrwxr-x 2 alice alice 4096 Jan 28 10:55 dollstuff

alice clearly owns and has full access to the directory "dollstuff" which resides in her home directory

Code:
alice@alice:~$ grep 1005 /etc/group
common:x:1005:alice,dilbert,wally

there's another group of which alice is a member, and alice wants to share her directory with the other members of the group

Code:
alice@alice:~$ chgrp common dollstuff
chgrp: changing group of ‘dollstuff’: Operation not permitted

Why not? dilbert and wally do this very same thing on their machines on a regular basis. All are running fully updated Ubuntu 14.04.

"chown ladybug:common dollstuff" is also disallowed, although "rm -r dollstuff" does work.

Getting The Last Background Pid

Hi, I know that it is possible to get the last background pid using the $! command, however when I use it in my QT application I got a wrong result. Below follows an example where this procedure works
Code:
[linux@localhost ~]$ (sleep 6 && echo "A test") &
[1] 3312
[linux@localhost ~]$ echo $!
3312
[linux@localhost ~]$ A test

Now my Qt application, where I got a wrong result:
Code:
./dbsync &>/dev/null &
[1] 5047
[linux@localhost comm5]$ echo $!
5047

but using the ps command it is possible to verify that the pid related to the right process is not the 5047 but 5050.
Generally it is the process that comes with the command Code:
echo $!

added of two.

I use QCoreApplication in my program. I do not know if it has something to do with this error.

Any advice is welcome

Why Should I Always Use Chmod When Not As A Root User

System Info:

I have normal user in CentOS 7 whose name is "mostafa" (the name of the account).

I naturally have another user called root with all privileges. User "mostafa" is put into sudoers file, too.

The OS is installed in VmWare, so the system is all mine.

Problem:

Now I create a file with touch file.sh and put a command in it, but when I want to run it with Code:
sudo ./file.sh

, an error is shown that the command Code:
./file.sh

does not exist. But if I Code:
 sudo chmod 777 ./file.sh

then it gets run. My question is that, why should I use Code:
chmod 777

when I myself have created the file, and I am in sudoers.

Can anyone explain me why shuold I still use Code:
sudo chmod 777

when the creator of the file is me.

CentOS 7 - Not Able To Open Vmplayer

I have CentOS 7 64 bit. I have installed open-vm-tools on it.
I have installed vmplayer using
Code:
./VMware-Player-6.0.1-1379776.x86_64.bundle

Now when I try to open vmplayer on it, it does not load 'Virtual Network Device'
and shows error in terminal
Code:
Failed to build vmnet.  Failed to execute the build command.

When I check status of vmware, it shows
Code:
Module vmnet not loaded

If I try to run
Code:
vmware-modconfig --console --install-all

It gives me following error.
Code:
make: Leaving directory `/tmp/modconfig-2NfFeS/vmnet-only'
Unable to install all modules.

I am not able to open VMplayer, please help me to open it.

Thanks

--Kind Regards
Sam

Cp -r *.* /<dest Folder>: What Does *.* Literally Mean In Linux?

I have been using this command a lot lately:
Code:
sudo cp -r *.*  /<dest folder owned by root>

Goal: to copy all contents of current folder into destination folder.

I know there are other ways, and have tried several, but gave up in confusion (was also in a hurry to get on with it). Finally gave the windows *.* a shot, and it did exactly what I wanted.

Now that my task is completed, it would be nice to know what *.* literally means in Linux. I just looked though man cp, and also ran Code:
info coreutils 'cp invocation'

but didn't see any '*' options listed. Now I remember having come across '.' before somewhere, in the cp command, so possibly the '*' are ignored, and the only thing that matters is the 'dot'?

Command Manual Working But Not On Cron

Hi

When i run this command manually on Centos 6.6 it works:

Code:
/usr/bin/find /backup/ -type d -mtime +1 -print0 | xargs -0 rm -rf

but as a cron job it doesn't as i can see a folder with files there from Mar 28:

Code:
55 5 * * * /usr/bin/find /backup/ -type d -mtime +1 -print0 | xargs -0 rm -rf

And here are the logs from cron that it is executing this at the correct time :

Code:
Mar 30 05:55:01 server CROND[9526]: (root) CMD (/usr/bin/find /backup/ -type d -mtime +1 -print0 | xargs -0 rm -rf)

Any ideas why?

Thanks

Can't Access Samba Share

I have set up a SFTP which I can connect to, go to the right directory and read/write files to.

The full path is home/sftpuser/SFTP/Customer
The user "sftpuser" I am connecting with is in the group "ftpusers" which has read/write access.

That works fine.

Here is my sshd_config:
Code:
Match Group ftpusers ChrootDirectory /home/%u/
 ForceCommand internal-sftp
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

However, I made a samba share of the folder Customer, when I go to the IP adress on a Windows machine "\\10.0.0.1\" I can see the folder Customer, when entering it requests user/pass and afterwards gives an error: you have not the right permissions.

In Webmin:
Customer /home/sftpuser/SFTP/Customer Read/write to everyone

My smb.conf:
Code:
[global]
    syslog = 0
    log file = /var/log/samba/log.%m
    read raw = no
    write raw = no
    passdb backend = tdbsam
    workgroup = DOMAIN
    usershare allow guests = yes
    socket options = TCP_NODELAY
    pam password change = yes
    passwd program = /usr/bin/passwd %u
    unix password sync = yes
    obey pam restrictions = yes
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    server role = standalone server
    server string = %h server (Samba, Ubuntu)
    max log size = 1000
    map to guest = bad user
    panic action = /usr/share/samba/panic-action %d
    dns proxy = no



[Customer]
    force create mode = 755
    browsable = yes
    public = yes
    path = /home/sftpuser/SFTP/Customer
    force directory mode = 755
    writeable = yes
    valid users = @ftpusers
    force group = ftpusers
    write list = @ftpusers

I have been struggling for 3 days and am totally out of ideas.

LS -L for the folder:
Code:
total 4
drwxrwx---+ 2 sftpuser ftpusers 4096 Apr  9 11:35 Customer

Problem With (instalation Of?) Mysql.h On C

Hi, I've just recently installed MySQL connector/c from source code on my Slackware 14.1 x64

I read the official instructions of the connector but I felt a bit disorientated when I read:
Code:
1 -Change location to the top-level directory of the source distribution.

I interpreted that I have to go to the "highest" directory Code:
/

So I wrote: Code:
 
        #                            cd /

root@- /#                            tar xzvf /home/normal/Downloads/mysql-connector-c-6.1.6-src.tar.gz 

root@- /#                            cd /mysql-connector-c-6.1.6-src/

root@- /mysql-connector-c-6.1.6-src# cmake -G "Unix Makefiles"

root@- /mysql-connector-c-6.1.6-src# make 

root@- /mysql-connector-c-6.1.6-src# make install

Then I did:
Code:
ln -s /usr/local/mysql-5.6.25/include /usr/include

But when I try to compile a program in c with #include <mysql.h> i get this error:
Code:
# gcc ctemp.c 
In file included from ctemp.c:2:0:
/usr/include/mysql.h:57:27: fatal error: mysql_version.h: No such file or directory
 #include "mysql_version.h"
                           ^

What can I do? Thanks a lot and sorry for poor english

PD: If you need the official instructions I paste here the link: https://dev.mysql.com/doc/connector-...on-source.html

Setuid, Setgid, Sticky Bit

There's something really weird happening with permissions on a directory in linux. I have the directory /dir

Code:
ls -ld /dir
drwxrwxrwx. 2 root root 4096 Jan  8 00:06 dir
chmod 2777 /dir [this sets the setgid bit on]
ls -ld /dir
drwxrwsrwx. 2 root root 4096 Jan  8 00:06 /dir

And this is what I expect it to do.
However, when I change it to setid (WITHOUT setgid), it simply doesn't work. Instead of overwriting, it cumulates:
Code:
chmod 4777 /dir [for setting setuid bit on]
drwsrwsrwx. 2 root root 4096 Jan  8 00:06 /dir

As you can see, the setgid bit is still on together with the setuid! However, if I run:
Code:
chmod -s /dir

then the file has a 0777 permission.

And then again, if I change its permission to 4777 (so setuid):
Code:
chmod 4777 /dir
drwsrwxrwx. 2 root root 4096 Jan  8 00:06 /dir

it acts normally. So the same chmod 4777 acts differently in two different contexts.

I really can't understand it. Basically, I cannot get rid of the setuid/setgid through binary permissions. The sticky bit works fine. Changing from 1777 to 0777 adds and removes "t" respectively. What am I to make of all this? This behaviour makes no sense to make especially given that we can change the permissions to 6777 (setuid + setgid).