Linux cannot write to file

Linux, Why can’t I write even though I have group permissions?

I want to create a file in a directory owned by the staff group which I am a member of. Why can I not do this?

bmccann@bmccann-htpc:~$ ls -l /usr/local/lib/R/ total 4 drwxrwsr-x 2 root staff 4096 2010-07-31 16:21 site-library bmccann@bmccann-htpc:~$ id -nG bmccann bmccann adm dialout cdrom plugdev staff lpadmin admin sambashare bmccann@bmccann-htpc:~$ touch /usr/local/lib/R/site-library/tmp touch: cannot touch `/usr/local/lib/R/site-library/tmp': Permission denied 

7 Answers 7

Did you logout and log back in after making the group changes? See:
Super User answer involving touch permissions failure

If I open a new terminal window, shouldn’t that be considered a new process? I’m pretty sure I tried that and it didn’t work forcing me to log out.

@Ben: Starting a new process inherits uid/gids from its parent. You need a privileged program (such as login , su , etc.) to actually set uid/gids.

If it’s inconvenient to logout/login back in, as implied by the above, you can do this in a terminal: su your-user-name . The resulting shell will have your updated group permissions.

Thanks for this! I spent about 15 minutes pulling my hair out trying to figure out why I didn’t have group permissions in a folder.

I had the same issue, check if the folder has any more ACL rules or not!

If you can see + (plus sign) when you list folder, that means it has special access rules. For example:

[user_in_apache_group@web02 html]$ ls -l total 16 drwxrwxr-x 16 apache apache 4096 Sep 4 13:46 ilias drwxrwxr-x+ 15 apache apache 4096 Sep 4 13:46 ilias5 

[user_in_apache_group@web02 html] getfacl ilias5 # file: ilias5 # owner: apache # group: apache user::rwx user:user_in_apache_group:r-x group::rwx mask::rwx other::r-x 

So that means my user (user_in_apache_group) has no write permission for that folder.

The solution is what @techtonik said, add write permission for user:

[user_in_apache_group@web02 html]$ sudo setfacl -m u:user_in_apache_group:rwx ./ilias5 

[user_in_apache_group@web02 html] getfacl ilias5 . user:user_in_apache_group:rwx . 

Why can’t Linux user edit files in group he is a part of?

I am using Ubuntu 12.04 and had the same problem where a user cannot write to a file to whom he is allowed group access to. For example:

whoami //I am user el el touch /foobar/test_file //make a new file sudo chown root:www-data /foobar/test_file //User=root group=www-data sudo chmod 474 /foobar/test_file //owner and others get only read, //group gets rwx sudo groupadd www-data //create group called www-data groups //take a look at the groups and see www-data //www-data exists. groups el //see that el is part of www-data el : www-data 

Restart the terminal now to ensure the users and groups have taken effect. Login as el.

vi /foobar/test_file //try to edit the file. 

Produces the Warning:

Warning: W10: Warning: Changing a readonly file" 

What? I’ve done everything right why doesn’t it work?

Do a full reboot of the computer. Stopping the terminal isn’t enough to fix these problems.

I think what happens is apache2 also uses the www-data group, so the task was somehow preventing the users and groups from being enforced correctly. Not only do you have to logout, but you have to stop and restart any services that use your group. If a reboot doesn’t get it, you’ve got bigger problems.

Источник

root cannot write to file that is owned by regular user

This is a new behavior available on Linux kernels since version 4.19 to prevent attacks using /tmp/ tricks. The default value of the option might have been enabled later or be different depending on the distribution.

(FEATURED) Avoid unintentional writes to an attacker-controlled FIFO or regular file: disallow open of FIFOs or regular files not owned by the user in world writable sticky directories, unless the owner is the same as that of the directory or the file is opened without the O_CREAT flag. The purpose is to make data spoofing attacks harder. This protection can be turned on and off separately for FIFOs ( protected_fifos ) and regular files ( protected_regular ) via sysctl, just like the symlinks/hardlinks protection commit

This is intended to protect an user (including root which normally has always enough privileges) to write to a preexisting file in a directory like /tmp or /var/tmp while it would have intended to create it itself.

It’s enabled with this sysctl toggle: fs.protected_regular . One can revert to former behavior with:

sysctl -w fs.protected_regular=0 

but this will likely lower overall security, while making some strange «bugs» like OP’s case disappear.

As for why root could still delete the file, that is because the additional security feature is triggered only for opening a file for writing, not for unlink-ing it: truncate -s . does open the file for writing, rm doesn’t (it uses unlink or unlinkat ).

Источник

Cannot write to newly created file

I have an ubuntu server. I created a simple index.html file using touch . and tried to use nano and it turns out the permission is denied. Why is this? If I just made the file on the server why wouldn’t I have write access in the first place? My second question is if I wanted to change the permissions to the number format 644 (is that what a html file on the server should be set to?) how do I view what it currently is how do I convert -rw-rw-r— to the numeral format? I want to view -ls -l with the numeral permissions format rather then -rw-rw-r— . The index.html file is running on the server alright.

thomas@vannevar:~/public/example.org/public$ touch index.html thomas@vannevar:~/public/example.org/public$ ls index.html thomas@vannevar:~/public/example.org/public$ nano index.html Error reading /home/thomas/.nano_history: Permission denied Press Enter to continue starting nano. thomas@vannevar:~/public/example.org/public$ ls -l total 0 -rw-rw-r-- 1 thomas thomas 0 May 17 13:57 index.html thomas@vannevar:~/public/example.org/public$ 

The error pertains to the file /home/thomas/.nano_history , not to index.html. Check the permissions for that file, and the parent directory of that file (i.e., ls -l /home/thomas/.nano_history and ls -ld /home/thomas/ ). Also, for octal permission notation: en.wikipedia.org/wiki/Filesystem_permissions#Octal_notation

The permission denied is for /home/thomas/.nano_history because its having trouble reading it. What does ls -l /home/thomas/.nano_history say?

Источник

Linux & C: ‘write()’ does not write anything to file

I have a simple task to accomplish with this routine where, all it has to do is, open the file, append data from a buffer & close. I am using ‘open’ & ‘write’ for that purpose on a linux machine. Although the return code after ‘write()’ is positive, the file size does not increase and it is always empty. I ma pulling my hair to figure out what the issue with the below code. Thought some fresh eyes can shed some light.

#define BIT_Q_FILE ".\\bitq.dat" int BQWrite(void *p) < int fd ; int rc = -1 ; fd = open(BIT_Q_FILE, O_RDWR | O_APPEND ) ; if (fd < 0) return -1; memset(&BITQBuff,0,sizeof(typeBITQFile)); memcpy(&BITQBuff.pBitQueue,p,sizeof(typeBITQueue)); rc = write(fd, &BITQBuff,sizeof(typeBITQFile)) ; close(fd) ; if(rc!=sizeof(typeBITQFile)) < return -1; >rc = sizeof(typeBITQueue); return rc ; > 

can you try fflush(fd) and see if that helps? close flushes the buffers, but just covering all bases. Also, what is the value that rc contains after the write call?

2 Answers 2

I got your problem right here:

#define BIT_Q_FILE ".\\bitq.dat" 

You’ve hit a trifecta of Windows-to-Unix porting gotchas:

• The directory separator on Unix is / , not \ .
• But Unix is perfectly happy to let you put \ in the middle of a file name. (The only bytes — and I really mean bytes, not characters — that cannot appear in a pathname component are those with the values 0x2F and 0x00.)
• Unix is also perfectly happy to let a file name begin with a dot; however, by default ls does not print any file names that begin with a dot.

So you are expecting data to be written to a file named bitq.dat in the current directory, but it is actually being written to a file named .\bitq.dat , still in the current directory. That file is hidden by default, so it looks like the data is disappearing into thin air. ls -a will reveal the hidden file, and rm .\\bitq.dat will delete it. To fix your code, just change the define to

#define BIT_Q_FILE "bitq.dat" 

It is not necessary to put a leading ./ on the path passed to open .

This may not be the only problem with your code, but I don’t see anything else obviously wrong. If you need more help, please post a new question with a complete, minimal test program that people can compile and run for themselves.

Источник

Can’t write to file /sys/class/backlight/acpi_video0/brightness (ubuntu)

It doesn’t work even when using sudo. However if I switch to super-user with su, it works. Why is that?

This action is restricted to sudo users only. I found an answer in this comment: The reason that this is set at su permissions is that a virus could conceivably make your screen dim and go bright at incredible speed ultimately damaging your hardware display. In the 90’s I encountered a virus that would adjust the screen refresh Hertz so rapidly that your monitor would fry.

6 Answers 6

The error happens because sudo elevates permissions for the command ( sudo echo 5 ) but not the redirection to write the file ( > /sys/class/backlight/acpi_video0/brightness ). The actual bash shell needs permission to write, which is why it fails with sudo but works as root.

You can work around this by running the tee command as root to write to the file:

echo 5 | sudo tee /sys/class/backlight/acpi_video0/brightness 

Note that this will also echo «5» to your terminal. This is a normal side effect of the tee command.

I can’t take credit for coming up with that — it’s a bit of UNIX folklore I picked up from who-knows-where.

As written in the Arch wiki (link), by default, only root can change the brightness by this method. To allow users in the video group to change the brightness, a udev rule such as the following can be used (replace the with your vendor id. E.g. acpi_video0 , intel_backlight ) :

% cat /etc/udev/rules.d/backlight.rules ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="", RUN+="/bin/chgrp video /sys/class/backlight/%k/brightness" ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="", RUN+="/bin/chmod g+w /sys/class/backlight/%k/brightness" 

Then you need to add your user to the video group.

After that this should work:

echo 5 > /sys/class/backlight//brightness 

Источник