PDA

View Full Version : LS command gives error "permission denied". HELP!


beekayverma
January 24th, 2021, 08:51 PM
Hey guys,
I’m a new linux user and learning ubuntu CLI. I’m trying to use ‘ls’ command to test the user & groups things.
so I have main user ‘beekay’ and other 2 new ones as mentioned in the text below. both can use the ls for /home/username directories howver beekay can’t
please help. below are the groups, ownerships for the folders. only problem with user beekay is that it can’t ls into /home/felipe.

beekay@beekay-Ubuntu-20:~$ ls /home/yogi_v/
beekay@beekay-Ubuntu-20:~$ su - felipe
Password:
felipe@beekay-Ubuntu-20:~$ ls /home/yogi_v/
felipe@beekay-Ubuntu-20:~$ ls /home/beekay/
Desktop Downloads notes.txt Public Templates
Documents Music Pictures snap Videos
felipe@beekay-Ubuntu-20:~$ logout
beekay@beekay-Ubuntu-20:~$ ls /home/yogi_v/
beekay@beekay-Ubuntu-20:~$ ls
Desktop Downloads notes.txt Public Templates
Documents Music Pictures snap Videos
beekay@beekay-Ubuntu-20:~$ ls /home/
beekay felipe yogi_v
beekay@beekay-Ubuntu-20:~$ ls /home/felipe/
ls: cannot open directory '/home/felipe/': Permission denied
beekay@beekay-Ubuntu-20:~$ ls -ld /home/felipe/
drwxr-x--- 2 root student 4096 jaan 24 20:50 /home/felipe/
beekay@beekay-Ubuntu-20:~$
beekay@beekay-Ubuntu-20:~$ ls -ld /home/felipe/
drwxr-x--- 2 root student 4096 jaan 24 20:50 /home/felipe/
beekay@beekay-Ubuntu-20:~$ ls -ld /home/yogi_v/
drwxr-xr-x 2 root student 4096 jaan 24 20:53 /home/yogi_v/
beekay@beekay-Ubuntu-20:~$ ls -ld /home/beekay/
drwxr-xr-x 17 beekay beekay 4096 jaan 24 02:00 /home/beekay/
beekay@beekay-Ubuntu-20:~$ id beekay
uid=1000(beekay) gid=1000(beekay) groups=1000(beekay),4(adm),24(cdrom),27(sudo),30(d ip),46(plugdev),120(lpadmin),131(lxd),132(sambasha re),1001(student)
beekay@beekay-Ubuntu-20:~$ id felipe
uid=1001(felipe) gid=1002(felipe) groups=1002(felipe),1001(student)
beekay@beekay-Ubuntu-20:~$ id yogi_v
uid=1002(yogi_v) gid=1003(yogi_v) groups=1003(yogi_v),1001(student)
beekay@beekay-Ubuntu-20:~$ su - yogi_v
Password:
yogi_v@beekay-Ubuntu-20:~$ ls /home/felipe/
yogi_v@beekay-Ubuntu-20:~$ ls /home/beekay/
Desktop Documents Downloads Music notes.txt Pictures Public snap Templates Videos
yogi_v@beekay-Ubuntu-20:~$ logout
beekay@beekay-Ubuntu-20:~$ su - felipe
Password:
felipe@beekay-Ubuntu-20:~$ ls /home/yogi_v/
felipe@beekay-Ubuntu-20:~$ ls /home/beekay/
Desktop Documents Downloads Music notes.txt Pictures Public snap Templates Videos
felipe@beekay-Ubuntu-20:~$ logout
beekay@beekay-Ubuntu-20:~$ ls /home/yogi_v/
beekay@beekay-Ubuntu-20:~$ ls /home/felipe/
ls: cannot open directory '/home/felipe/': Permission denied
beekay@beekay-Ubuntu-20:~$
GhX6GZMB
January 24th, 2021, 09:25 PM
The first thing you need to get a grip on is to not use su - "user".
It doesn't really change the user, but kind of pretends to by setting some environment variables. man su discourages the use of "su -" probably for good reasons
You can get temporary higher privileges by using sudo before a command.

That being said, you're all members of gid=1001(student), so ls not working is strange.
youngwarlock
January 24th, 2021, 09:37 PM
This happened because beekay does not belong to the same group as felipe. beekay is therefore treated as others, and others do not have the permission to read /home/felipe/

solution: change permission by typing


sudo chmod 755 /home/felipe/

then enter the root password.
GhX6GZMB
January 24th, 2021, 09:45 PM
"This happened because beekay does not belong to the same group as felipe. beekay is therefore treated as others, and others do not have the permission to read /home/felipe/

solution: change permission by typing
Code:
sudo chmod 755 /home/felipe/

then enter the root password."

Huh? All three are members of 1001(student)

My suspicion leans more towards the misspelling of "sambasha re" in the beekay group listing. If beekay's been fiddling around with the groups and accidentally inserted a space in "sambashare", this might result in the read failure of the 1001(student) group.
QIII
January 25th, 2021, 01:14 AM
Changing permissions on the top level of a user's home directory so that another user can gain access -- even read only access -- is profoundly bad advice.

Leave the permissions alone.
TheFu
January 25th, 2021, 03:00 AM
The first thing you need to get a grip on is to not use su - "user".
It doesn't really change the user, but kind of pretends to by setting some environment variables. man su discourages the use of "su -" probably for good reasons
You can get temporary higher privileges by using sudo before a command.

That being said, you're all members of gid=1001(student), so ls not working is strange.

News to me. Please explain.

su - username **is** preferred to my knowledge, as it causes a login to the other userid which sets the environment of that account. From the manpage:

-, -l, --login
Provide an environment similar to what the user would expect had
the user logged in directly.

When - is used, it must be specified before any username. For
portability it is recommended to use it as last option, before any
username. The other forms (-l and --login) do not have this
restriction.

However, using it to change to the root account would NOT be preferred on ubuntu systems, but that is a different use case.

Or did I misunderstand?

For the OP, I'd use 3 different terminals, one for each userid, and show the ls -alF for the directories involved, including the parent. Parent directories control access inside and to all child object inside. A little whitespace would help readability too. I didn't look too hard are the wall of text. Sorry.

Whenever permissions aren't working as expected, it is always something like ACLs or SELinux in the way, IME.
youngwarlock
January 25th, 2021, 04:21 PM
Sorry I missed the fact that beekay and filipe shared a group. That means my earlier answer is wrong.
GhX6GZMB
January 25th, 2021, 06:08 PM
However, using it to change to the root account would NOT be preferred on ubuntu systems, but that is a different use case.

Or did I misunderstand?


No, I misunderstood. I read the codeblock as su to root, which is wrong. Sorry.
New_buntu_89
February 1st, 2021, 09:53 PM
I’m a new linux user and learning ubuntu CLI. I’m trying to use ‘ls’ command to test the user & groups things.
so I have main user ‘beekay’ and other 2 new ones as mentioned in the text below. both can use the ls for /home/username directories howver beekay can’t
please help. below are the groups, ownerships for the folders. only problem with user beekay is that it can’t ls into /home/felipe.
...



NVM, I just noticed the bottom part of your example...

The issue looks like it's just that felipe doesn't have read access for everybody, while the other two users do. Having read access for all is usually not good practice, but I assume you have good reasons...