Unable to open included file even it has permissions?

Ondrej Zajicek santiago at crfreenet.org
Thu Feb 27 03:19:29 CET 2020


On Thu, Feb 27, 2020 at 01:13:29AM +0100, Robert Scheck wrote:
> Good evening,
> 
> could somebody please point out my mistake? Why is BIRD telling that it
> can't access /var/lib/foo/bird.conf?
> 
> $ ls -ld /var/lib/foo/ /var/lib/foo/bird.conf 
> drwxr-x---. 2 foo  foo  4096 Feb 27 00:53 /var/lib/foo/
> -rw-r--r--. 1 root root   10 Feb 27 00:53 /var/lib/foo/bird.conf
> $ 
> 
> $ id bird
> uid=996(bird) gid=993(bird) groups=993(bird),1000(foo)

Hi

You need group foo to access /var/lib/foo/, that is part of secondary
groups for bird user (as reported by 'id') and these secondary groups are
assigned e.g. when 'su - bird' is used.

But when you run 'bird -u bird -g bird', it only set UID (-u) and GID
(-g), not secondary groups, so bird daemon does not have access to foo
group. You can check /proc/29334/status to see value of 'Groups'.

-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."


More information about the Bird-users mailing list