Unable to open included file even it has permissions?
Ondrej Zajicek
santiago at crfreenet.org
Thu Feb 27 03:19:29 CET 2020
On Thu, Feb 27, 2020 at 01:13:29AM +0100, Robert Scheck wrote:
> Good evening,
>
> could somebody please point out my mistake? Why is BIRD telling that it
> can't access /var/lib/foo/bird.conf?
>
> $ ls -ld /var/lib/foo/ /var/lib/foo/bird.conf
> drwxr-x---. 2 foo foo 4096 Feb 27 00:53 /var/lib/foo/
> -rw-r--r--. 1 root root 10 Feb 27 00:53 /var/lib/foo/bird.conf
> $
>
> $ id bird
> uid=996(bird) gid=993(bird) groups=993(bird),1000(foo)
Hi
You need group foo to access /var/lib/foo/, that is part of secondary
groups for bird user (as reported by 'id') and these secondary groups are
assigned e.g. when 'su - bird' is used.
But when you run 'bird -u bird -g bird', it only set UID (-u) and GID
(-g), not secondary groups, so bird daemon does not have access to foo
group. You can check /proc/29334/status to see value of 'Groups'.
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
More information about the Bird-users
mailing list