Search Results

Search found 4775 results on 191 pages for 'permissions'.

Page 62/191 | < Previous Page | 58 59 60 61 62 63 64 65 66 67 68 69  | Next Page >

• Python script to delete old SVN files lacks permission

  - by Rosarch

  I'm trying to delete old SVN files from directory tree. shutil.rmtree and os.unlink raise WindowsErrors, because the script doesn't have permissions to delete them. How can I get around that? Here is the script: # Delete all files of a certain type from a direcotry import os import shutil dir = "c:\\" verbosity = 0; def printCleanMsg(dir_path): if verbosity: print "Cleaning %s\n" % dir_path def cleandir(dir_path): printCleanMsg(dir_path) toDelete = [] dirwalk = os.walk(dir_path) for root, dirs, files in dirwalk: printCleanMsg(root) toDelete.extend([root + os.sep + dir for dir in dirs if '.svn' == dir]) toDelete.extend([root + os.sep + file for file in files if 'svn' in file]) print "Items to be deleted:" for candidate in toDelete: print candidate print "Delete all %d items? [y|n]" % len(toDelete) choice = raw_input() if choice == 'y': deleted = 0 for filedir in toDelete: if os.path.exists(filedir): # could have been deleted already by rmtree try: if os.path.isdir(filedir): shutil.rmtree(filedir) else: os.unlink(filedir) deleted += 1 except WindowsError: print "WindowsError: Couldn't delete '%s'" % filedir print "\nDeleted %d/%d files." % (deleted, len(toDelete)) exit() if __name__ == "__main__": cleandir(dir) Not a single file is able to be deleted. What am I doing wrong?

  Read the article

• Finding out the windows group by virtue of which a user is able to access a database in sql server?

  - by Raghu Dodda

  There is a SQL Server 2005 database with mixed-mode authentication. Among others, we have the following logins on the server: our-domain\developers-group-1, and our-domain\developers-group-2 which are AD groups. The our-domain\developer-group-2 is added to the sysadmin role on the server, by virture of which all domain users of that group can access any database as SQL Server implictly maps the sysadmin role to the dbo user in each database. There are two users our-domain\good-user and our-domain\bad-user The issue is the following: Both the good-user and the bad-user have the exact same AD group memberships. They are both members of our-domain\developers-group-1 and our-domain\developers-group-2. The good-user is able to access all the databases, and the bad-user is not. The bad-user is able to login, but he is unable access any databases. By the way, I am the good-user. How do I go about finding out why? Here's what I tried so far: When I do print current_user, I get dbo When I do print system_user, I get my-domain\good-user When I do select * from fn_my_permissions(NULL, 'SERVER'), I see permissions. But if do execute as user='my-domain\good-user'; select * from fn_my_permissions(NULL, 'SERVER'), I dont see any permisisons. And When I do, execute as user='my-domain\bad-user'; select * from fn_my_permissions(NULL, 'SERVER'), I dont see any permisisons. Also, I was wondering if there is a sql command that will tell me, "hey! the current database user is able to access this database because he is a member such-and-such ad-group, which is a login that is mapped to such-and-such user in this database".

  Read the article

• Vista seems to prevent .net from reading/updating file attributes.

  - by CFP

  Hello everyone! The following function copies a file from Source & Path to Dest & Path, normally setting file attributes to normal before copying. Yet, a user of my app has reported it to fail when copying readonly files, returning a permissions-related error. The user is however running the code as administrator, and the error happens - quite strangely - on the SetLastWriteTimeUtc line. Although the code reports that the file attributes are set to normal, windows explorer shows that they are set to read only. Sub CopyFile(ByVal Path As String, ByVal Source As String, ByVal Dest As String) If IO.File.Exists(Dest & Path) Then IO.File.SetAttributes(Dest & Path, IO.FileAttributes.Normal) IO.File.Copy(Source & Path, Dest & Path, True) If Handler.GetSetting(ConfigOptions.TimeOffset, "0") <> "0" Then IO.File.SetAttributes(Dest & Path, IO.FileAttributes.Normal) IO.File.SetLastWriteTimeUtc(Dest & Path, IO.File.GetLastWriteTimeUtc(Dest & Path).AddHours(Handler.GetSetting(ConfigOptions.TimeOffset, "0"))) End If IO.File.SetAttributes(Dest & Path, IO.File.GetAttributes(Source & Path)) End Sub I just fail to see the problem in this code, so after long hours of searching for the solution, I thought one of SO VB.Net Gurus might help :) Thanks a lot. Edit: The actual error is Access to the path '(..)' is denied. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize) at System.IO.File.OpenFile(String path, FileAccess access, SafeFileHandle& handle) at System.IO.File.SetLastWriteTimeUtc(String path, DateTime lastWriteTimeUtc)

  Read the article

• ACL actions tag cause 'roles resource tree' draw incorrectly in admin/system/permissions/roles

  - by latvian

  Hi, We created new action similar to 'hold', 'ship' and others in the 'sales_order/view' admin section that can be triggered by clicking at the button. Afterward, we added our new action to the ACL with the following code in config.xml: <acl> <resources> <admin> <children> <sales> <children> <order> <children> <actions translate="title"> <title>Actions</title> <children> <shipNew translate="title"><title>Ship Ups</title></shipNew> </children> </actions> </children> <sort_order>10</sort_order> </order> </children> </sales> </children> </admin> </resources> </acl> ACL functionality works, however, in the 'Resources Tree'(System/Permissions/Roles/Role Resources) our new action does never show up as selected(checked) even thou it is allowed for particular Role. I can see that from table 'admin_rule' with resource id for our new action that it is allowed, so it needs to be selected, but it is not. When trying to solve this issue i looked into the template(permissions/rolesedit.phtml) and I found that the 'resource tree' is draw with Javascript...thats where i got stock due to my limited knowledge in Javascript. Why the resource tree does not display our new ACL entry correctly, that is the check box is never checked? Thank You for helping margots

  Read the article

• Non RBAC User Roles and Permissions System: checking the user's City

  - by micha12

  We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do no fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case, this being the first post. We have the following case: not to allow a user view a certain page if the user lives in a particular city. This is a simple case that is coded in the following way: if (User.City == “Moscow”) // Allow the user to view the page. else // Do not allow the user to view this page. Though this case is very simple and straightforward, it has nothing to do with the RBAC. On StackOverflow, someone called this an Attribute-based Access Control. Under the classical RBAC, it seems that this case should be designed like this: introduce a permission “City where the person lives”, this permission will have a property City. Then create a role, add a permission of type “City = Moscow” to it and the assign the role to the user. Looks extremely cumbersome. The question is whether it is acceptable to introduce such non-RBAC approaches to our permissions system – does that break the design or not? This might seem a primitive question, but we found that most applications use pure RBAC, and we started to think that we might be doing something wrong. Thank you.

  Read the article

• Providing File permissions in Installshield

  - by Pawan Kumar

  I have created an installer in Installshield X. I want to give 'write permissions' to few files when the installation is done in Non-Admin Windows accounts ( by default it will have only 'read' permission). If I select individual file and go to properties (inside Installshield),i have permissions tab where they have provided options like Domain , Readonly, Full Control, Modify etc. I have tested these options but it doesn't effect the msi file.(specific files doesn't have write permission). Is there something wrong I am doing? There is another way of doing this, writing the script Set objShell=CreateObject("WScript.Shell") installDir = Session.Property("INSTALLDIR.5A884667_3CC4_41EC_B0F2_BEEAB457BB8C") supportDir = Session.Property("SUPPORTDIR") length = Len(installDir) lastChar = Right(installDir, 1) if (lastChar = "\") Then installDir = Left(installDir, length - 1) end if 'MsgBox supportDir & "\setacl.exe """ & installDir & """ /dir /set S-1-5-32-545 /full /p:yes /sid /silent" objshell.Run supportDir & "\setacl.exe """ & installDir & """ /dir /set S-1-5-32-545 /full /p:yes /sid /silent",0,true Can someone please explain me what is going on here? those last set s-1-5-32-545. Thanks

  Read the article

• Spree customize/extend user roles and permissions

  - by swapnil

  I am trying to specify some custom roles in Spree for example role 'client' and extend the permissions to access the admin section for this role. This user will be able to access only those Product created by that user. Concept is letting a user with role 'client' manage only products and other certain Models. To start with I added CanCan plugin and defined a RoleAbility Class in role_ability.rb Just following this post : Spree Custom Roles Permissions class RoleAbility include CanCan::Ability def initialize(user) user ||= User.new if user.has_role? 'admin' can :manage, :all elsif user.has_role? 'client_admin' can :read, Product can :admin, Product end end end Added this to an initializer : config/initializers/spree.rb Ability.register_ability(RetailerAbility) Also extended admin_products_controller_decorator.rb :app/controllersadmin_products_controller_decorator.rb Admin::ProductsController.class_eval do def authorize_admin authorize! :admin, Product authorize! params[:action].to_sym, Product end end But I am getting flash message 'Authorisation Failure' Trying to find some luck, I referred following links A github gist for Customizing Spree Roles : https://gist.github.com/1277326 Here's a similar issue what I am facing : http://groups.google.com/group/spree-user/browse_thread/thread/1e819e10410d03c5/23b269e09c7ed47e All efforts in vain... Any pointers of what is going on here highly appreciated ? Thanks in advance.

  Read the article

• Getting directory's permissions via FTP

  - by Gotys

  I am trying to get permissions of a directory via FTP command "STAT" like this: $directory_list = ftp_raw($conn_id,'STAT '.$path); The above command lists entire directory contents , including files and subdirs. I then search the returned data array for the directory i need to check, and retrieve something like: drwxr-xr-x 3 user group 77824 May 13 10:15 Targetdir This will let me parse the drwxr-xr-x string to find out that the chmod of the Targetdir is 0755. Problem is, when the containing directory has 5000 files. A) It takes a very long time, and B) the ftp_raw function just returns empty array 1 in 10 runs. I don't know if it's timing out or what exactely is the problem. Is there are a better way to find directory's permissions ? Is there a way to limit number of retrieved fiels in "STAT" command ? I really need just the top 5 , no need for the other 4995 files. Does anyone know, why would my command NOT run 100% of the time? Why would it break ? I cannot even reproduce my error, it happens randomly.

  Read the article

• how to programatically compare permissions of login/user in sql server 2005

  - by titanium

  There's a login/user in SQL Server who is having a problem importing accounts in production server. I don't have an idea what method he is doing this. According to the one importing, this import is working fine in development server. But when he did the same import in production it is giving him errors. Below are the errors he is getting for each accounts. 2009-06-05 18:01:05.8254 ERROR [engine-1038] Task [1038:00001 - Members]: Step 1.0 [<Insert step description>]: Task.RunStep(): StoreRow has failed 2009-06-05 18:01:05.9035 ERROR [engine-1038] Task [1038:00001 - Members]: Step 1.0 [<Insert step description>]: Task.RunStep(): StoreRow exception: Exception caught while storing Data. [Microsoft][ODBC SQL Server Driver][SQL Server]'ACCOUNT1' is not a valid login or you do not have permission. Please note that 'ACCOUNT1' is not the real account name. I just changed it for security reason. Using SQL Server Management Studio (SSMS), I viewed/checked the permissions of the user/login who is performing the import from development server and production for comparison. I found no difference. My question is: Is there a way to programmatically query permissions in server and database level of a particular login/user so I can compare/contrast for any differences?

  Read the article

• No result when Rally.data.WsapiDataStore lacks permissions

  - by user1195996

  I'm calling Ext.create('Rally.data.WsapiDataStore', params), and looking for results with the load event. I'm requesting a number of objects across programs that the user may or may not have read permission for. This works fine for queries where the user has permissions. But in the case where the user does not have permission and presumably gets zero results back, the load event does not seem to fire at all. I would expect it to fire with the unsuccessful flag or else to return with empty results. Since I don't know that the request has failed, my program waits and waits. How can I tell if a this request fails to return because of security? BTW, looking at the network stats, I believe all my requests get a "200 OK" status back. Here is the method I use to create the various data stores: _createDataStore: function(params) { this.openRequests++; var createParams = { model: params.type, autoLoad: true, // So I can later determine which query type it is, and which program requestType: params.requestType == undefined ? params.type : params.requestType, program: this.program, listeners: { load: this._onDataLoaded, scope: this }, filters: params.filters, pageSize: params.pageSize, fetch: params.fetch, context: { project: this.project, projectScopeUp: false, projectScopeDown: true }, pageSize: 1 // We only need the count }; console.log('_createDataStore', this.program, createParams.requestType); Ext.create('Rally.data.WsapiDataStore', createParams); }, And here is the _onDataLoaded method: _onDataLoaded: function(store, data, successB) { console.log('_onDataLoaded', this.program, successB); ... I only see this function called for those queries for which the account has permissions.

  Read the article

• SQL CLR Stored Procedure and Web Service

  - by Nathan

  I am current working on a task in which I am needing to call a method in a web service from a CLR stored procedure. A bit of background: Basically, I have a task that requires ALOT of crunching. If done strictly in SQL, it takes somewhere around 30-45 mins to process. If I pull the same process into code, I can get it complete in seconds due to being able to optimize the processing so much more efficiently. The only problem is that I have to have this process set as an automated task in SQL Server. In that vein, I have exposed the process as a web service (I use it for other things as well) and want the SQL CLR sproc to consume the service and execute the code. This allows me to have my automated task. The problem: I have read quite a few different topics regarding how to consume a web service in a CLR Sproc and have done so effectivly. Here is an example of what I have followed. http://blog.hoegaerden.be/2008/11/11/calling-a-web-service-from-sql-server-2005/ I can get this example working without any issues. However, whenever I pair this process w/ a Web Service method that involves a database call, I get the following exceptions (depending upon whether or not I wrap in a try / catch): Msg 10312, Level 16, State 49, Procedure usp_CLRRunDirectSimulationAndWriteResults, Line 0 .NET Framework execution was aborted. The UDP/UDF/UDT did not revert thread token. or Msg 6522, Level 16, State 1, Procedure MyStoredProc , Line 0 A .NET Framework error occurred during execution of user defined routine or aggregate 'MyStoredProc': System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. System.Security.SecurityException: at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) at System.Security.CodeAccessPermission.Demand() at System.Net.CredentialCache.get_DefaultCredentials() at System.Web.Services.Protocols.WebClientProtocol.set_UseDefaultCredentials(Boolean value) at MyStoredProc.localhost.MPWebService.set_UseDefaultCredentials(Boolean Value) at MyStoredProclocalhost.MPWebService..ctor() at MyStoredProc.StoredProcedures.MyStoredProc(String FromPostCode, String ToPostCode) I am sure this is a permission issue, but I can't, for the life of me get it working. I have attempted using impersonation in the CLR sproc and a few other things. Any suggestions? What am I missing?

  Read the article

• Task Scheduler Cannot Apply My Changes - Adding a User with Permissions

  - by Aaron

  I can log in to the server using a domain account without administrator privileges and create a task in the Task Scheduler. I am allowed to do an initial save of the task but unable to modify it with the same user account. When changes are complete, a message box prompts for the user password (same domain user I logged in with), then fails with the following message. Task Scheduler cannot apply your changes. The user account is unknown, the password is incorrect, or the account does not have permission to modify the task. When I check Log on as Batch Job Properties (found this from the Help documentation): This policy is accessible by opening the Control Panel, Administrative Tools, and then Local Security Policy. In the Local Security Policy window, click Local Policy, User Rights Assignment, and then Logon as batch job. Everything is grayed out, so I can't add a user. How can I add a user?

  Read the article

• routing table permissions under Windows 7 and openvpn

  - by pilcrow

  My ovpn client, 32-bit OpenVPN 2.1.1 on 64-bit Windows 7 Pro, cannot accept routes pushed to it by my remote endpoint ovpn server. This happens even if I invoke OpenVPN as a member of Administrators, and whether or not I've specified script-security 2 (as suggested by [this question][2]). Mon Mar 29 12:57:19 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.254.3/255.255.255.0 on interface {8BE2E9CF-F4C9-4A5E-98FD-E12DF1B6C3A4} [DHCP-serv: 192.168.254.3, lease-time: 86400] Mon Mar 29 12:57:19 2010 NOTE: FlushIpNetTable failed on interface [14] {GUID} (status=5) : Access is denied. Mon Mar 29 12:57:24 2010 TEST ROUTES: 8/8 succeeded len=8 ret=1 a=0 u/d=up Mon Mar 29 12:57:24 2010 C:\WINDOWS\system32\route.exe ADD 172.20.1.0 MASK 255.255.255.0 192.168.254.1 Mon Mar 29 12:57:24 2010 ROUTE: route addition failed using CreateIpForwardEntry: Access is denied. [status=5 if_index=14] Mon Mar 29 12:57:24 2010 Route addition via IPAPI failed [adaptive] Mon Mar 29 12:57:24 2010 Route addition fallback to route.exe Mon Mar 29 12:57:24 2010 ERROR: Windows route add command failed [adaptive]: returned error code 1 ... and so on for each specific route the server pushes out. It doesn't seem right to me that the administrative user, the one configured at Windows 7 install time, should need further privileges. What am I missing?

  Read the article

• Setting write permissions for folders while creating a package with MSDeploy

  - by bala_88

  I'm using MSDeploy to create an artefact as a build step in NAnt. This particular build step is called on successful compilation. The artefact is then used to for deployment. Here is the step specified in my build file. <target name="BuildMsDeployPackage" depends="StageForMsDeployPackaging"> <exec program="${msdeploy.exe}" workingdir="${buildDirectory}" verbose="true" commandline="-verb:sync -source:iisapp=${packagingDirectory} -dest:package=${publishDirectory}\${webapp.artifact.zip}"/> The source here is my my web project. I want to be able to set specify write access to a couple of folders in the package that is created. Is this possible? I know that there is a setAcl provider for this specific purpose, but can this be used while creating a package?

  Read the article

• Setting WMI permissions remotely

  - by christianlinnell

  I've developed a tool that does a simple retrieval of registered services and installed applications from remote Windows Server 2003 servers via WMI. My problem is, the tool needs to be run on an ad hoc basis by a user who is not an administrator of those servers. I've created a domain user (which the tool will use to run the query) that I'd like to grant remote WMI permission on each server, but given there are about 200 servers, I can't do it manually. Is there a way to grant access to that domain user via WMI, or by distributing a registry change via SMS or Group Policy?

  Read the article

• Sudoers file permissions

  - by twigg

  I'm trying to run the following command without the need for sudo: echo 1 | sudo tee -a /sys/block/$hd/device/delete The $hd variable changes dynamically from sdb - sdi for each one of my HDD's in my drive bay. I added the following line to the sudoers file: operator ALL=/sys/block/sdb/device/delete But this didn't make a difference its still asking for sudo password even if I run: echo 1 | sudo tee -a /sys/block/sdb/device/delete

  Read the article

• LINKED TABLES BETWEEN MS ACCESS 2003 AND MS ACCESS 2007-WRITE PERMISSIONS DENIED

  - by STEVE KING

  We are in the process of switching over to ACCESS 2007. We have numerous data tables in ACCESS 2003 files. In one case, the user has 2007 on his PC and opend the front end in 2007. No problems. When the the user is done, he clicks a button that executes a macro full of update queries. The macro reaches the first query and halts. We get a messge saying we do not have permisons to write to this linked table (2003 format). There were no security files involved. We re-linked from 2007, same problem. LAN permssions were ok. I wound up having to import the tables to front end in order for the user to be able to do his job.

  Read the article

• WebDAV through Apache2 permissions/missing files

  - by Strifariz

  I have a WebDAV setup on Apache2 on a server running Debian 5.0 (Lenny), which I am accessing through a mapped network drive under Windows 7. The setup appears to run fine, I receive no permission errors when copying a file to the share the first time, but the file never shows up in the directory (it's invisible, doing a ls -lha on the directory as root on the server also shows no files. When attempting to copy the file once more I am informed that the file already exists though, and I am asked if I wish to overwrite the file, when selecting "Yes" to this, I receive a permission error saying I'm not able to write to the folder. My logs aren't reporting any access violations of any kind, what could be the problem? (See log excerpt below) [17/Jan/2011:10:26:34 +0100] "PUT /1.png HTTP/1.1" 401 525 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:34 +0100] "PUT /1.png HTTP/1.1" 201 304 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:34 +0100] "LOCK /1.png HTTP/1.1" 401 525 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:34 +0100] "LOCK /1.png HTTP/1.1" 200 447 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:34 +0100] "PROPPATCH /1.png HTTP/1.1" 401 525 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:34 +0100] "PROPPATCH /1.png HTTP/1.1" 207 389 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:34 +0100] "HEAD /1.png HTTP/1.1" 401 - "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:34 +0100] "HEAD /1.png HTTP/1.1" 200 - "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:34 +0100] "PUT /1.png HTTP/1.1" 401 525 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:35 +0100] "PUT /1.png HTTP/1.1" 204 - "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:35 +0100] "PROPPATCH /1.png HTTP/1.1" 401 525 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:35 +0100] "PROPPATCH /1.png HTTP/1.1" 207 389 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:35 +0100] "UNLOCK /1.png HTTP/1.1" 401 525 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:35 +0100] "UNLOCK /1.png HTTP/1.1" 204 - "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:38 +0100] "PROPFIND / HTTP/1.1" 401 525 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600" [17/Jan/2011:10:26:38 +0100] "PROPFIND / HTTP/1.1" 207 1634 "-" "Microsoft-WebDAV-MiniRedir/6.1.7600"

  Read the article

• Windows Server 2008 R2 - IIS7.5 - Web site permissions

  - by dmckenna

  Why when I remove the MACHINENAME\Users group permission set from a websites physical folder and and grant a similar permission set to MACHINENAME\IIS_IUSRS group my website will not start. Why do I have to grant Read & Execute, List folder contents and Read to the MACHINENAME\Users group physical website folder?

  Read the article

• Manage Upload Permissions, SFTP & Linux

  - by John R

  I'm new to Linux. I am working with a Redhat 5.5 server and am using a Java-based SFTP script that will allow multiple users to upload text files to a server. I am undecided if each user will have a separate directory or if I will use a naming convention that includes their customer ID. The files include some personal information about their LAN settings, so I prefer to use SFTP as apposed to FTP. It is my understanding that SFTP is encrypted (Also, I have a Java class configured to upload via SFTP, so I prefer not to switch protocols unless their is a very-good reason). The prototype is for a system that will support large numbers of customers and the thought of continually adding and removing clients through the command line seems highly impractical. (Again, I am new_to/learning Linux and Redhat). What are normal conventions for giving multiple users permission to SFTP upload files with a unique username and password for each.

  Read the article

• PHP/Linux File Permissions

  - by user1733435

  May I ask a question about file permission. I set up Ubuntu server where Apache got running. I have simple php upload form and able to upload file to /var/www/site/uploads as follows. sandbox@sandbox-virtual-machine:/var/www/site/uploads$ ll total 1736 drwxrwxrwx 2 www-data www-data 4096 Oct 18 02:53 ./ drwxrwxrwx 3 sandbox sandbox 4096 Oct 18 00:42 ../ -rw-r--r-- 1 www-data www-data 145998 Oct 18 02:53 3d wallpaper pic.jpg -rw-r--r-- 1 www-data www-data 166947 Oct 18 02:53 3D Wallpapers 9.jpg -rw-r--r-- 1 www-data www-data 1451489 Oct 18 02:53 6453_3d_landscape_hd_wallpapers_green.jpg Is there anyway to upload files and they show up as -rw-r--r-- 1 sandbox sandbox 145998 Oct 18 02:53 3d wallpaper pic.jpg -rw-r--r-- 1 sandbox sandbox 166947 Oct 18 02:53 3D Wallpapers 9.jpg -rw-r--r-- 1 sandbox sandbox 1451489 Oct 18 02:53 6453_3d_landscape_hd_wallpapers_green.jpg so that I could straight away feed them to waiting/running shell script. Right now waiting script(move,checksums,rename,resize,etc) unable to do anything to uploaded files with attributes of www-data. If I just do as local account, such as sandbox@sandbox-virtual-machine:/var/www/site/uploads$touch testfile then the script is able to run as I would like to. Any suggestion would be grateful,thanks in advance as well. Thanks for everyone giving help to me,that I was able to progress. Now I am close to getting solved and append the output sandbox@sandbox-virtual-machine:/var/www/site/uploads$ ll total 388 drwxrwxrwx 2 www-data www-data 4096 Oct 18 04:22 ./ drwxrwxrwx 3 sandbox sandbox 4096 Oct 18 04:17 ../ -rw-r--r-- 1 sandbox sandbox 166947 Oct 18 04:21 3D Wallpapers 9.jpg -rw-r--r-- 1 sandbox sandbox 219808 Oct 18 04:20 adafruit_pi.png -rw-rw-r-- 1 sandbox sandbox 0 Oct 18 04:22 test How may I set permission to uploaded files like 'test' only w difference in middle group. Such as adafruit_pi.png Vs test. Which statement shall I insert to php code,please?

  Read the article

• Giving two different users permissions to a dir

  - by Jason Swett

  I have a script that is run sometimes via the web, sometimes via the command line. When the script is run via web, it's run via user www-data. When it's run via command line, it's run via user jason. This script writes to a directory called cache. If I chown -R jason cache, I can run the script as jason but not www-data. This makes sense. If I chown -R www-data cache, I can run the script as www-data but not jason. This also makes sense. I tried creating a group called scripts, adding my two users, then chowning cache to scripts. I'm not really sure how to do the last part, the chowning part. The Linux command docs I've found online for this are astoundingly bad. I don't know if I explained this all that well but hopefully it's clear what I'm trying to do. Any advice would be appreciated.

  Read the article

• VSFTPD Unable to set write permissions on folder

  - by Frank Astin

  I've just set up my first FTP server with VSFTPD on cent os . I can connect to it fine using a user in the group ftp-users but I get read only access . I've tried several different CHMOD codes on the folder (even 777) all to no avail . This is the tutorial I used to set up the server http://tinyurl.com/73pyuxz hopefully you'll be able to see something I missed. Thanks in advance . Requested Config File : # Example config file /etc/vsftpd/vsftpd.conf # # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. # # READ THIS: This example file is NOT an exhaustive list of vsftpd options. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=NO # # Uncomment this to allow local users to log in. local_enable=YES # # Uncomment this to enable any form of FTP write command. write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) local_umask=022 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. #anon_upload_enable=YES # # Uncomment this if you want the anonymous FTP user to be able to create # new directories. #anon_mkdir_write_enable=YES # # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # # The target log file can be vsftpd_log_file or xferlog_file. # This depends on setting xferlog_std_format parameter xferlog_enable=YES # # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #chown_username=whoever # # The name of log file when xferlog_enable=YES and xferlog_std_format=YES # WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log #xferlog_file=/var/log/xferlog # # Switches between logging into vsftpd_log_file and xferlog_file files. # NO writes to vsftpd_log_file, YES to xferlog_file xferlog_std_format=YES # # You may change the default value for timing out an idle session. #idle_session_timeout=600 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. #nopriv_user=ftpsecure # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, # however, may confuse older FTP clients. #async_abor_enable=YES # # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that on some FTP servers, ASCII support allows a denial of service # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd # predicted this attack and has always been safe, reporting the size of the # raw file. # ASCII mangling is a horrible feature of the protocol. #ascii_upload_enable=YES #ascii_download_enable=YES # # You may fully customise the login banner string: #ftpd_banner=Welcome to blah FTP service. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned_emails # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list # # You may activate the "-R" option to the builtin ls. This is disabled by # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. #ls_recurse_enable=YES # # When "listen" directive is enabled, vsftpd runs in standalone mode and # listens on IPv4 sockets. This directive cannot be used in conjunction # with the listen_ipv6 directive. listen=YES # # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets, you must run two copies of vsftpd whith two configuration files. # Make sure, that one of the listen options is commented !! #listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES

  Read the article

• Bash can't start a programme that's there and has all the right permissions

  - by Rory

  This is a gentoo server. There's a programme prog that can't execute. (Yes the execute permission is set) About the file $ ls prog $ ./prog bash: ./prog: No such file or directory $ file prog prog: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.5, dynamically linked (uses shared libs), not stripped $ pwd /usr/local/bin $ /usr/local/bin/prog bash: /usr/local/bin/prog: No such file or directory $ less prog | head ELF Header: Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 Class: ELF32 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: EXEC (Executable file) Machine: Intel 80386 Version: 0x1 I have a fancy less, to show that it's an actual executable, here's some more data: $ xxd prog |head 0000000: 7f45 4c46 0101 0100 0000 0000 0000 0000 .ELF............ 0000010: 0200 0300 0100 0000 c092 0408 3400 0000 ............4... 0000020: 0401 0a00 0000 0000 3400 2000 0700 2800 ........4. ...(. 0000030: 2600 2300 0600 0000 3400 0000 3480 0408 &.#.....4...4... 0000040: 3480 0408 e000 0000 e000 0000 0500 0000 4............... 0000050: 0400 0000 0300 0000 1401 0000 1481 0408 ................ 0000060: 1481 0408 1300 0000 1300 0000 0400 0000 ................ 0000070: 0100 0000 0100 0000 0000 0000 0080 0408 ................ 0000080: 0080 0408 21f1 0500 21f1 0500 0500 0000 ....!...!....... 0000090: 0010 0000 0100 0000 40f1 0500 4081 0a08 ........@...@... and $ ls -l prog -rwxrwxr-x 1 1000 devs 725706 Aug 6 2007 prog $ ldd prog not a dynamic executable $ strace ./prog 1249403877.639076 execve("./prog", ["./prog"], [/* 27 vars */]) = -1 ENOENT (No such file or directory) 1249403877.640645 dup(2) = 3 1249403877.640875 fcntl(3, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE) 1249403877.641143 fstat(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0 1249403877.641484 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b3b8954a000 1249403877.641747 lseek(3, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) 1249403877.642045 write(3, "strace: exec: No such file or dir"..., 40strace: exec: No such file or directory ) = 40 1249403877.642324 close(3) = 0 1249403877.642531 munmap(0x2b3b8954a000, 4096) = 0 1249403877.642735 exit_group(1) = ? About the server FTR the server is a xen domU, and the programme is a closed source linux application. This VM is a copy of another VM that has the same root filesystem (including this programme), that works fine. I've tried all the above as root and same problem. Did I mention the root filesystem is mounted over NFS. However it's mounted 'defaults,nosuid', which should include execute. Also I am able to run many other programmes from that mounted drive /proc/cpuinfo: processor : 0 vendor_id : GenuineIntel cpu family : 15 model : 4 model name : Intel(R) Xeon(TM) CPU 3.00GHz stepping : 1 cpu MHz : 2992.692 cache size : 1024 KB fpu : yes fpu_exception : yes cpuid level : 5 wp : yes flags : fpu tsc msr pae mce cx8 apic mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl cid cx16 xtpr bogmips : 5989.55 clflush size : 64 cache_alignment : 128 address sizes : 36 bits physical, 48 bits virtual power management: Example of a file that I can run I can run other programmes on that mounted filesystem on that server. For example: $ ls -l ls -rwxr-xr-x 1 root root 105576 Jul 25 17:14 ls $ file ls ls: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), stripped $ ./ls attr cat cut echo getfacl ln more ... (you get the idea) ... rmdir sort tty $ less ls | head ELF Header: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: EXEC (Executable file) Machine: Advanced Micro Devices X86-64 Version: 0x1

  Read the article

• cups log kills ubuntu 12.04 and sudoer permissions changed

  - by peterretief

  I am using Ubuntu 12.04 as a desktop and recently had a weird crash with the log file for cups filling up the entire drive and not letting me back in, also what changed was /var/lib/sudo had changed from root to peter (me) I didn't make this change - I checked the history! I set the sudoers back to root and capped the max size for cups log Anyone had a similar experience? It feels like someone is messing around with my settings Is there any way to trace how the error occurred? Logs auth.log Jan 1 02:04:13 peter-desktop lightdm: pam_unix(lightdm:session): session opened for user lightdm by (uid=0) Jan 1 02:04:13 peter-desktop lightdm: pam_ck_connector(lightdm:session): nox11 mode, ignoring PAM_TTY :0 Jan 1 02:06:53 peter-desktop lightdm: pam_unix(lightdm:session): session opened for user lightdm by (uid=0) Jan 1 02:06:53 peter-desktop lightdm: pam_ck_connector(lightdm:session): nox11 mode, ignoring PAM_TTY :0 syslog Jan 1 02:04:13 peter-desktop rsyslogd: [origin software="rsyslogd" swVersion="5.8.6" x-pid="903" x-info="http://www.rsyslog.com"] start Jan 1 02:04:13 peter-desktop rsyslogd: rsyslogd's groupid changed to 103 Jan 1 02:04:13 peter-desktop rsyslogd: rsyslogd's userid changed to 101 Jan 1 02:04:13 peter-desktop rsyslogd-2039: Could not open output pipe '/dev/xconsole' [try http://www.rsyslog.com/e/2039 ] Jan 1 02:04:13 peter-desktop bluetoothd[898]: Failed to init gatt_example plugin Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] Initializing cgroup subsys cpuset Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] Initializing cgroup subsys cpu Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] Linux version 3.2.0-25-generic-pae (buildd@palmer) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #40-Ubuntu SMP Wed May 23 22:11:24 UTC 2012 (Ubuntu 3.2.0-25.40-generic-pae 3.2.18) Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] KERNEL supported cpus: Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] Intel GenuineIntel Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] AMD AuthenticAMD Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] NSC Geode by NSC

  Read the article

< Previous Page | 58 59 60 61 62 63 64 65 66 67 68 69  | Next Page >