Questions tagged as ['permissions']

In computing, permissions (often called "privileges," "access rights" or just "rights") are rules associated with objects on a computer or network. Permissions determine which objects can access which objects, and to what extent.
Score: 0
Vincenzo Iorio avatar
R/W Permission Kubernetes over NFS
cn flag

I have kubernetes pod with a PHP & Nginx containers , mounting an NFS share v4.1, as /var/www/html/"webcontent" When I access the application from browser throws the error "You need to grant write permissions for PHP on the following directory: /var/www/html" The NFS server is a Sinology NAS, no mapping enabled, so it should default to use UID=33 GID=33 . Both are synced in the NFS server and every ...

Score: 0
SScotti avatar
Questions about running postgres as Docker Container. 1. TimeZone, 2. global.stat
cn flag

I'm been running postgres as a Docker Container for quite awhile. Initially, the TZ and PGTZ were not set, so I think it was defaulting to UTC. On my dev system I tried the following in docker-compose.yml:

    image: postgres:13
    ports: ["5557:5432"]
    restart: unless-stopped
       - ./Index:/var/lib/postgresql/data
       TZ: "America/Cayman"
Score: 0
Brett53559 avatar
Why won't exchange authenticate user in admin role?
jp flag

I have a java spring boot application that I authenticate through our exchange servers. The from address included in the email is the same address associated with the authenticated user.

When I point the connection URL directly at one of the exchange servers it will authenticate and send email successfully. However when I point it at the (I think it's called a relay) [URL that points at either se ...

Score: 0
NoobAdmin avatar
User cannot enter his group's directory despite the directory having the correct permissions and the user being in the proper group
bh flag

I have a directory called /workspace that looks like this:

[root@machine workspace]# ls -al
total 7
drwxr-s---. 7 root workspace 4651468242 Nov 16 14:41 .
dr-xr-xr-x. 22 root root 4096 Nov 15 11:36 ..
(I left out its subdirectories. You can see that /workspace belongs to the group workspace)

Then there's a user yang whose id is as follows:
[root@machine workspace]# id yang
uid=563(yang)  ...

Score: 1
Confused about how to manipulate GCS bucket/object permissions
us flag

On my laptop I have a directory which contains a subdirectory, which in turn contains a bunch of HTML files. It looks like this:

% ls -lR 2000-09
total 12
drwxrwxr-x 2 skip skip 12288 Nov 18 07:42 html

total 648
-rw-r--r-- 1 skip skip 18489 Dec  4  2019 index.html
-rw-r--r-- 1 skip skip 18489 Dec  4  2019 maillist.html
-rw-r--r-- 1 skip skip  3468 Dec  4  2019 msg00000.html
Score: 0
can't write to dockerized samba server share from windows 10 machine
my flag

Hi so I am in the process of setting up a dockerized samba server and for the most part it's setup however I can't/don't have permission to write to the server from a windows 10 machine. I tried changing permissions on the directories but it seems docker doesnt really like that because as soon as I do the permissions/owners, basically all the info about the permissions of the files becomes corrupt and  ...

Score: 0
Boppity Bop avatar
CentOS8 Stream - what is security context in files permissions and how it can affect access?
cn flag

I did install some of my aspnet core apps on Linux before using CentOS8. This time I used CentOS8-Stream. I dont know if that contributes to the issue.

The facts:

  1. I could not make apache use certificates. Everything was as I did before and yet it didnt work. Finally I found some obscure link on the internet which used ls -lrtZ /etc/pki/tls/certs to display security context (I didnt even know it exists).  ...

Score: 2
NFS mount a user cannot write gets permission denied. Gid, UID match and am not using all_squash
in flag

Both server and client are cent os 7.0

My data VM has a exports file:


My client has a fstab: /export/images nfs rsize=32768,wsize=32768,actimeo=0,bg,intr

Sure enough that client whose user is arc can ls /export/images but if I try to cd into there and touch a file:

Score: 1
Marco Venuti avatar
Apache mod_userdir and php permissions
je flag

I have a setup with many users, who can host their personal webpage (served by apache via mod_userdir), located under public_html in their homes. php support is also enabled in apache.

At the moment I have the following configuration in /etc/apache2/mods-enabled/userdir.conf

<IfModule mod_userdir.c>
        UserDir <home basedir>/*/public_html
        UserDir disabled root

        <Dire ...
Score: 0
Hans_R avatar
Outlook Calendar can display details but scheduling assistant can't even show free/busy after EXO migration
in flag

While all our end user mailboxes are still on our on-prem Exchange 2016 environment, I have moved a few room mailboxes to EXO. When I view these mailboxes in the calendar view in Outlook, I can see the details of the appointments as I have reviewer access on those calendars. However, when I create a meeting invitation and I go to the scheduling assistant and add that meeting room, I get a message that t ...

Score: 0
Access denied to folder even though Domain Admins have Full Control
cn flag

I'm setting up a testing environment for permissions and I'm trying to understand what's going on here.

I have a Windows Server 2016 where my admin account used for testing is both a member of the local administrators group as well as the Domain Admins group. I have a folder where both the user, and the Domain Admins group, have Full Control. If I remove the user, but leave the Domain Admins with ...

Score: 0
Michael Uray avatar
Apply Exchange Public Folder Permission import via Import-CliXML
cn flag

I did run into the situation that I lost all my public folder permissions which were assigned via groups.

Before the migration started from our MSEX2016 server to Office 365, all the permissions got exported to a XML file, what I think (described on this Microsoft page) happened with the following command:

Get-PublicFolder -Recurse -ResultSize Unlimited | Get-PublicFolderClientPermission | Select-Object ...
Score: 0
Patrick Schulz avatar
SSH connection issue : How to change folder / file permissions in Windows similarly to Linux?
vg flag

I have hard times connecting my local PC through SSH to another remote PC. I set the public key on both machines in the authorized_keys folder following this tutorial : but i get

permission denied (interactive board, public key)

type of error. I read that possible solution could be : /home/<user> or ~/.ssh/authorized_keys permissions are to ...

Score: 0
How can I find the minimal set of ACL changes required to grant a user access to a file?
az flag

I work on a CentOS 7 server where I frequently have to manually grant specific users access to specific files or directories. We do this using file ACLs, but I often run into an issue where I have set the ACLs on the file, but the user still cannot access it because they don't have permission to cd into the directory containing the file and/or any number of its parent directories. What follows is a tedi ...

Score: 0
NoobAdmin avatar
On CentOS 6, how to let user-created files inherit permissions from their parent directory?
bh flag

So our servers are set-up like this:
Folder structure

/asic is our grand project's folder, /200T is a subproject of that grand project, and folders right under /200T such as /lbh are each worker's personal directories who are working on the subproject. /asic, /200T, /lbh were all created by root and then had their properties reconfigured by root via chmod -R and chown -R. /asic and /200T are owned by

Score: 0
dudehro avatar
sshfs mount not shown correct inside docker container
us flag

We have a sshfs mounted on the host, that is also a volume inside a docker container.

  1. sshfs is called with gid+uidfile for correct mapping to www-data. That is what we need. This is working and looking good.

  2. Now we are going inside our container. The destination for the sshfs-mount inside the container is /var/www/html/data. If I do stat /var/www/html/data with user root everything is looking l ...

Score: 0
jessieloo avatar
Credentials manager for LocalService - Azure Server to Local Server with Node.js
us flag

A colleague is having issues getting a node web service hosted on azure to be able to access a file server on premise. There must be a vpn tunnel setup b/c if you remote onto the azure server using our azure admin login, we can browse to the files without any issue and have told it to remember the connection which adds it to the Credentials Manager in Windows Control Panel. In my experience, in order  ...

Score: 0
FTP gives an error 550 but file permissions are the same
th flag


  • Windows Server 2008 R2 with updates.
  • Filezilla FTP Server 0.9.60 (for LAN use only)


  • Total Commander 10
  • WinSCP 5.17

I have two files in the same folder. I can overwrite one of them via FTP and the other one I can't. I get error 550 "Could not open file for writing" in both clients.

I compared file permissions with icacls and they are exactly the same. The user on behalf of which Fil ...

Score: 1
Hojii avatar
MySQL ERROR 1045 Access denied for 'nova'@'controller'
za flag


I installed Openstack Wallaby using OpenStack Installation Guide, all command and configuration is on my Github. This LAB is running on VirtualBox and I have another LAB with the same configuration and Openstack version on ESXi without any problem.

At this point one controller with two compute node.

In the below section improve database permission confgured correctly

Databases are cre ...

Score: 0
Google Cloud Project with No Owner
us flag

We have a Google Cloud project on my team and the owner has since left the organization.

We still have access to the project because someone on my team in an editor but editors cannot give others access. She is leaving the team and we are trying to give someone else access.

If there is no owner listed and the editor can't give access does that mean there is no way to give anyone else access or assig ...

Score: 0
How could I run PHP-FPM master process as non-root user?
mx flag

I'm trying to achieve rootless PHP-FPM pod running in Kubernetes.

I tried simply running process in Kubernetes pod via init script that does php-fpm -FO as www-data user but it complaints about not having permissions to access /dev/stderr (log output location). Adding www-data user to the tty group also didn't help.

I tried specifying another location like /proc/self/fd/2 and even /dev/pts/1 as log  ...

Score: 0
Issue with self hosted wordpress - not able to see uploaded images
xk flag

I am having issues with my self hosted wordpress installation running on Ubuntu server, with Nginx. I am using buddyboss plugin with buddyx theme.

The issue is that when a user uploads an image, we can only see a link to it in his profile, but the image is blank. When I open the user's page, the console is showing me an error message 404:

/wp-content/uploads/bb-platform-previews/b9014e776e469ca6d ...

Score: 0
slightly_toasted avatar
Sticky bit directory not behaving as expected when accessed by Active Directory accounts via Samba
bd flag

I have a CentOS Samba server that is domain joined to an Active Directory domain controller for authentication.

My understanding is setting the sticky bit on a directory will prevent any children from being moved or deleted by anyone except root and the owner.

This configuration behaves as expected when accessed by local users. E.g. A non-root, non-owner attempting to delete or move a file inside th ...

Score: 1
Tom Harrison Jr avatar
AWS SSO: Should I use Permission Sets or IAM Roles, or Both?
gu flag

We have AWS accounts for dev, staging, and prod. We use AWS SSO via Okta, and define groups like "Developers" and "Support" in Okta.

Developer group should have broad access to our AWS dev account, but limited access in staging and prod. Support group should have AWS access as well, but also different permissions by account.

How can I allow group members to log in, then have suitable permissions dep ...

Score: 0
Restore permissions to all files in folder using RPM
ru flag

Using chmod, I accidentally changed everything in a bin folder and now sudo/su doesn't work.

I know rpm -q --whatprovides can provide which RPM provides a specific file. and rpm --setperms can restore everything provided by a RPM.

Is there a way to restore the permissions of all the files in a folder using rpm?

Score: 0
bandwagoner avatar
Accessing BigQuery data from different project in same organization with a Service Account
ng flag

I'm having some serious trouble getting the official BigQuery client (in Python 3) to a different project in the same organization authorized from a Cloud Run service.

The Cloud Run service is in Project Main, and I'm trying to access a table in Project Other -- both of these projects are in the same organization.

The service account was a user-created service account created in Project Main (not th ...

Score: 1
ihorc avatar
Fail2ban socket permissions reset on reboot
cn flag

I have some specific group/permissions set for my fail2ban.sock file to make Zabbix able to monitor Fail2ban as described here

I added the following lines to systemd service configuration to make sure the permissions will be correct after service restart:

ExecStartPost=/bin/sh -c "while ! [ -S /run/fail2ban/fail2ban.sock ]; do slee ...
Score: 0
Apache rewrite condition not matching, possibly bad syntax?
my flag

Hi so I have a rewrite rule in order to control access to the admin page of a service behind a reverse proxy. I only want local ip's to be able to access it. So essentially if the condition does NOT match then we follow the rule and restrict access. However it seems the rewrite condition either never gets evaluated or doesn't match and I'm not sure which it is or how to check.

At the moment I h ...

Score: 4
George Y avatar
How can root start a process that only root can kill?
vn flag

It is easy to start a process at background or make it as systemd service.

However, if I want to start a process that monitors activities on the Linux machine, it fells to the target of attacks. If any user want to do something bad it will first kill this process, even if they are only sudoers or wheel users, by simply executing kill or systemctl stop.

Is there a way to enforce a process that only  ...

Score: 0
Handsome Nerd avatar
File permissions and owner of web root
in flag

Consider you have a freshly installed Linux distro (maybe a new EC2 instance) and you are going to run a git clone on the /srv folder to host a website (maybe a PHP one).

How should you run the git clone so every created files and folder have the correct permission/groups? You are going to use an HTTP Server similar to Nginx to serve the website.

In this post the author has suggested this:

# 0. se ...