Permission Denied

Hi,

I'm having an issue where I might just be overlooking something very simple. But I've been trying to figure this out for a while now, and I can't figure this out.

On a webserver, I'm trying to execute find from a script.
The script is run by the user www and it fails with a Permission denied error.
As it turns out, the user www cannot execute find:

Code:
$> sudo -u www /usr/bin/find .
find: .: Permission denied

Find is executable for everyone:
Code:
$> ls -lrt /usr/bin/find
-r-xr-xr-x  1 root  wheel  36672 Feb 14  2007 /usr/bin/find

I don't really know where to start looking, any help would be greatly appreciated.

Thanks
 
The . directory is not accessible from the www user?

Type
Code:
sudo -u www /bin/pwd
and after
Code:
ls -ld <output of previous command>
 
So that partly works. And it does give me a way around the problem.

If I do it from my home dir, the permissions seem to be the problem:
Code:
$> sudo -u www /usr/bin/find .
find: .: Permission denied
$> sudo -u www /bin/pwd
/usr/home/rsamson
$> ls -ld /usr/home/rsamson
drwx------  3 rsamson  rsamson  1024 Aug 24 16:32 /usr/home/rsamson

When I run find from a directory that www can access, it does work:
Code:
$> cd /var/dat/import
$> sudo -u www /usr/bin/find .
.
./testFile

However when I run that same find from my homedir, I get that same Permission Denied again.
Code:
$> /bin/pwd
/usr/home/rsamson
$> sudo -u www /usr/bin/find /var/dat/import
find: .: Permission denied

I guess I could have the script cd into the /var/dat/import directory first as a workaround, but I would like to understand why I can't just run that find command from any directory.
 
The /usr/home/rsamson/ directory has 700 for permissions.
Meaning only the owner of the directory (that's rsamson) has permission to read, write and execute.

Handbook: 3.3 Permissions
 
neepie said:
... I guess I could have the script cd into the /var/dat/import directory first as a workaround, but I would like to understand why I can't just run that find command from any directory.

This is not a workaround. The find command tries to open the . directory.
You can see this behaviour by reading the source
Code:
	if ((dotfd = open(".", O_RDONLY, 0)) < 0)
		err(1, ".");
or by executing
Code:
$> cd /usr/home/rsamson
$> sudo -u www truss /usr/bin/find /var/dat/import

Beastie said:
ls -ld `sudo -u www /bin/pwd`

?
I love cut and paste :D
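
The mode-bit check that the open(".", O_RDONLY) call quoted above runs into, written out as an added example (not code from the thread or from find's source). It models classic Unix mode bits only: ACLs, MAC policies and supplementary groups are ignored, and all function names are hypothetical.

```c
/* Added example: why open(".", O_RDONLY) is denied for another user.
 * Assumption: only owner/group/other mode bits are modelled. */
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Return the rwx triplet (0-7) that applies to uid/gid. Exactly one class
 * is used: owner first, then group, then other. A matching owner class
 * is final even if the group or other bits would grant more. */
unsigned perm_class(mode_t mode, uid_t owner, gid_t group, uid_t uid, gid_t gid)
{
    if (uid == owner) return (mode >> 6) & 7;
    if (gid == group) return (mode >> 3) & 7;
    return mode & 7;
}

/* Would open(dir, O_RDONLY) pass the mode check for uid/gid?
 * Opening a directory for reading needs the read bit (4); the search
 * bit (1) alone is not enough. uid 0 bypasses the check. */
int can_open_dir(mode_t mode, uid_t owner, gid_t group, uid_t uid, gid_t gid)
{
    return uid == 0 || (perm_class(mode, owner, group, uid, gid) & 4) != 0;
}

/* stat() a real directory and apply the same check.
 * Returns 1 = openable, 0 = denied, -1 = stat failed. */
int can_open_path(const char *path, uid_t uid, gid_t gid)
{
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    return can_open_dir(st.st_mode, st.st_uid, st.st_gid, uid, gid);
}

/* Usage: ./cwdcheck <uid> <gid>, run from the directory the script starts in. */
int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s uid gid\n", argv[0]); return 2; }
    uid_t uid = (uid_t)strtoul(argv[1], NULL, 10);
    gid_t gid = (gid_t)strtoul(argv[2], NULL, 10);
    int r = can_open_path(".", uid, gid);
    if (r < 0) { perror("."); return 2; }
    printf("uid %lu %s open \".\" for reading\n",
           (unsigned long)uid, r ? "can" : "cannot");
    return r ? 0 : 1;
}
```

For a directory like the drwx------ one shown in the thread, any uid other than the owner (and other than 0) falls into the "other" class with no bits set, so the check fails regardless of which path find was asked to search.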
 