开发者

Permission denied to edit a file in UNIX

I have a file created by oracle user with permission rw-r--r-- and the parent folder has rwxrwsr-x permission. Now, there is a requirement for batch user to edit this file. But, as you can see, the file can be edited only by the owner i.e Oracle user.

I tried using chmod command to change the permission of the file but batch user is not having permission to execute this command.

Is there any fix for this issue?

开发者_高级运维

Can we do some configuration in UNIX so that it allows batch user to edit the file created by oracle user.

Edit: Corrected the parent folder permission. Earlier i mentioned it as rwxrw-r-x


The directory permissions for 'group' (rw-) are unusual (rwx or r-x would be more usual).

You don't identify which group the file belongs to, nor which group the directory belongs to, nor which group(s) the batch user belongs to, but it probably doesn't matter.

Update after quoted permissions on directory changed: Given that the group can read the file, and create files in the directory, then if your batch user belongs to the group that owns the directory, the batch user can make a copy of the file (in the editor), remove the original file, and write back a new file in the directory.

Does your system support ACLs (access control lists)? If so, then the 'oracle' user as the file owner could grant the batch user read/write access to the file even though the normal Unix permissions don't show that it could happen.

Can you persuade the 'oracle' user to create the file belonging to an appropriate group (one which the batch user also belongs to) and with appropriate group permissions.

If nothing works there, then you are reduced to SUID programs in some shape or form - maybe SUID 'oracle' or SUID 'root'. One option was mentioned in a comment - the sudo command with some vaguely appropriate arguments.


I notice you have the +s bit set on the directory..... if you change the directory owner to that of the batch user the owner of any newly created files should be owned by that user and you can then do what you want with them


If your batch user is in the same group as the oracle user, you can do this:

chmod g+w filename

This should make the file writable for the group.

Run the UNIX command groups to determine which groups a user is in, or check /etc/passwd, /etc/group

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜