I want to create a file in a directory owned by the staff group which I am a member of. Why can I not do this?
bmccann@bmccann-htpc:~$ ls -l /usr/local/lib/R/
total 4
drwxrwsr-x 2 root staff 4096 2010-07-31 16:21 site-library
bmccann@bmccann-htpc:~$ id -nG bmccann
bmccann adm dialout cdrom plugdev staff lpadmin admin sambashare
bmccann@bmccann-htpc:~$ touch /usr/local/lib/R/site-library/tmp
touch: cannot touch `/usr/local/lib/R/site-library/tmp': Permission denied
Did you logout and log back in after making the group changes? See:
Super User answer involving touch permissions failure
Why can't Linux user edit files in group he is a part of?
I am using Ubuntu 12.04 and had the same problem where a user cannot write to a file to whom he is allowed group access to. For example:
whoami //I am user el
el
touch /foobar/test_file //make a new file
sudo chown root:www-data /foobar/test_file //User=root group=www-data
sudo chmod 474 /foobar/test_file //owner and others get only read,
//group gets rwx
sudo groupadd www-data //create group called www-data
groups //take a look at the groups and see
www-data //www-data exists.
groups el //see that el is part of www-data
el : www-data
Restart the terminal now to ensure the users
and groups have taken effect. Login as el.
vi /foobar/test_file //try to edit the file.
Produces the Warning:
Warning: W10: Warning: Changing a readonly file"
What? I've done everything right why doesn't it work?
Answer:
Do a full reboot of the computer. Stopping the terminal isn't enough to fix these problems.
I think what happens is apache2 also uses the www-data group, so the task was somehow preventing the users and groups from being enforced correctly. Not only do you have to logout, but you have to stop and restart any services that use your group. If a reboot doesn't get it, you've got bigger problems.
I had the same issue, check if the folder has any more ACL rules or not!
If you can see + (plus sign) when you list folder, that means it has special access rules. For example:
[user_in_apache_group@web02 html]$ ls -l
total 16
drwxrwxr-x 16 apache apache 4096 Sep 4 13:46 ilias
drwxrwxr-x+ 15 apache apache 4096 Sep 4 13:46 ilias5
View the permission:
[user_in_apache_group@web02 html] getfacl ilias5
# file: ilias5
# owner: apache
# group: apache
user::rwx
user:user_in_apache_group:r-x
group::rwx
mask::rwx
other::r-x
So that means my user (user_in_apache_group) has no write permission for that folder.
The solution is what @techtonik said, add write permission for user:
[user_in_apache_group@web02 html]$ sudo setfacl -m u:user_in_apache_group:rwx ./ilias5
Check permission again:
[user_in_apache_group@web02 html] getfacl ilias5
...
user:user_in_apache_group:rwx
...
Hope it helps. ;)
Use Linux ACL (access control lists) - it is more fine-grained version of permission system,
setfacl -R -m 'group:staff:rwx' -m 'd:group:staff:rwx' /usr/local/lib/R/
This sets both active rights for directory and default rights for anything created within.
This fails to work without relogin if you've just added yourself to the staff
group, but you may set the permission only for yourself for the current session.
I had an issue when a user could not access the /foo/bar/baz
directory even when he had permissions because he did not have an access to the bar
directory.
Check if your parent directory have permission before you add content to that file
sudo chmod -R 777 /yourDir/file.log