PDA

View Full Version : changing ownership group permissions failing



changedtothis
16th January 2010, 04:39 AM
hi
just trying to learn linux here and have some comfusing moments.
it is my understanding that if you own directories and files you may
change the group, ownership, and permissions on all of these as you desire.
however, in my case I cannot make any changes in my setup on group, ownership
or permissions on any of my files or directories.
get error message <operation not permitted>. I know as root you ar supposed to
be able to do anything you desire, however in my case I can go in as root and
try the same commands with the same results. it is as if I am locked out of
system as far as any changes are concerned.

on my jump drive I have:


total 83832
drwxr-xr-x 26 jevans root 16384 1969-12-31 19:00 .
drwxrwxr-x 9 jevans jevans 4096 2010-01-15 12:51 ..
-rwxr-xr-x 1 jevans root 402418 2009-07-14 18:29 12thingslo.pdf
-rwxr-xr-x 1 jevans root 382992 2009-01-14 10:28 150 answers.htm
-rwxr-xr-x 1 jevans root 1987 2008-06-29 23:39 15NUMBERGAMEADDRESS.txt
-rwxr-xr-x 1 jevans root 165 2009-07-25 12:26 1clickpcfix.txt
-rwxr-xr-x 1 jevans root 139112 2009-09-12 11:23 322756.exe
-r-xr-xr-x 1 jevans root 274 2009-10-05 17:14 autorun.inf
-rwxr-xr-x 1 jevans root 208241 2009-12-03 18:58 Barnes & Noble_com.mht
drwxr-xr-x 2 jevans root 4096 2010-01-09 14:30 boardofpharmacy
-rwxr-xr-x 1 jevans root 144930 2009-07-14 18:24 bombdrop.mht
-rwxr-xr-x 1 jevans root 1165 2009-12-15 16:34 bookinquiry.txt
-rwxr-xr-x 1 jevans root 664 2009-09-05 13:40 booklist.txt
-rwxr-xr-x 1 jevans root 7680 2009-06-19 12:48 boot.dat
I have tried to change the group on my . directory unseccessfully to jevans
I have tried to change various group from root to jevans without success.

using
chgrp jevans . <using . as indicated directed.>
got message <changing group to jevans> did not happen
chown jevans:jevans . <changing ownership:group to jevans did not happen
in the manual on fedora 10 under chgrp I have:
chgrp jevans /u what goes in the /u spot? have tried . & .. and also
a directory and a file as trial no changes occurred.
the format I was using was:
chgrp jevans booklist.txt
chown jevans:jevans booklist.txt
chgrp jevans boardofpharmacy
chown jevans:jevans boaradofpharmacy

manual format
chgrp jevans /u
chown jevans:jevans /u
chgrp jevans /. for home directory
chown jevans:jevans /u
chown jevans:jevans /.
chgrp jevans /boardofpharmacy <for a file>
so what goes in the /u spot here?
unable to change anything

any file I create comes back the the following:

-rwxr-xr-x 1 jevans root 0 2010-01-15 13:06 /media/TRAVELDRIVE/testfile
as you can see I owner jevans and group as root and cannot change this
setting. cannot change group or permissions
I also have an external portable passport drive 250G
when it automounts when plugged in all I can get in a ls -la | less
is the dot and dot dot directory listings.
hee ....

total 8
drwxr-xr-x 2 jevans jevans 4096 2009-10-27 21:37 .
drwxrwxr-x 11 jevans jevans 4096 2010-01-15 13:12 ..
when I umount and mount manually I get this:


total 3577148
drwxrwxrwx 1 jevans root 12288 2010-01-14 10:56 .
drwxrwxr-x 10 jevans jevans 4096 2010-01-15 13:25 ..
drwxrwxrwx 1 jevans root 4096 2009-07-04 17:37 1CLICKPCFIX2
drwxrwxrwx 1 jevans root 24576 2009-12-20 18:29 1gigtraveldrive
drwxrwxrwx 1 jevans root 36864 2009-12-26 13:37 alllinuxarchive
drwxrwxrwx 1 jevans root 4096 2009-12-04 21:34 all windows spks
drwxrwxrwx 1 jevans root 4096 2009-12-04 01:46 archivedtoDVD
drwxrwxrwx 1 jevans root 0 2009-05-09 12:24 backup_from_hd
-rwxrwxrwx 1 jevans root 986 1998-10-08 16:59 CHANGE.BAS
drwxrwxrwx 1 jevans root 4096 2009-05-09 13:12 clean_up
drwxrwxrwx 1 jevans root 36864 2009-11-07 00:05 fe6
-rwxrwxrwx 2 jevans root 3662573568 2009-02-11 12:55 Fedora-10-i386-DVD.iso
drwxrwxrwx 1 jevans root 0 2009-07-06 17:53 fedora 11 isofile
-rwxrwxrwx 1 jevans root 1535 2010-01-12 08:09 groupchange

this is on an external 250g drive with two partitions:
1 vfat
1 ntfs

again unable to make any changes to anything...
so where is my problem?
even when I log in as root user I cannot make any changes to directories, groups or permission.

thanks in advance...hope someone out there has an answer
the furder I go the confuser I got

the /media/FAT32 partition gives normal listing when auto mounted my system
the /media/passport_ntfs partition only gives the dot and dot dot lines
a 2 line listing when auto mounted.

my fstab file has been pounded out as suggested by a previous reply for the
mounting file systems command.



#
# /etc/fstab
# Created by anaconda on Mon Oct 26 19:00:06 2009
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or vol_id(8) for more info
#
/dev/VolGroup00/LogVol00 / ext3 defaults 1 1T
UUID=f2e3120b-2a35-4dfb-9869-cd53bf68fd40 /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/VolGroup00/LogVol01 swap swap defaults 0 0
UUID=284069BC4069917C /mnt/windows ntfs rw,uid=500,auto 0 0
#/dev/sda1 /mnt/windows ntfs rw,uid=500 0 0
#/dev/sdb1 /media/passport_vfat vfat rw,users 0 0
#UUID=CA8C0E018C0DE931 /media/passport_ntfs ntfs rw,uid=500 0 0
#/dev/sdc1 /media/traveldrive vfat rw,users 0 0
#/dev/sr0 /mnt/fedora10dvd iso9660 ro,users,auto 0 0
#/dev/sr0 /mnt/yumdvd iso9660 ro,users,auto 0 0
#/dev/sr0 /mnt/DVD iso9660 ro,users,auto 0 0
#/dev/sdb1 /media/traveldrive vfat rw,users 0 0

so what have I screwed up in the learning process?
as owner of directories and files I can man no changes
and as root user I can likewise make no changes...HELP...HELP...
would hate to have to go thru a new installation again!!!!!



changedtothis

forkbomb
16th January 2010, 04:47 AM
You can't really change the ownership or permissions on vfat or ntfs partitions for any practical purposes. Possibly NTFS to some degree. Frankly, VFAT/FAT32/FATxyz has effectively no group/permissions based access control.

Access to Windows partitions on a Linux system can be modified, on a per filesystem basis, by the umask mount option (umask=0000 if I recall right).

changedtothis
16th January 2010, 06:46 PM
hi tkbsmeul

I am just trying to learn linux...about the last 6-8 months. long way to go I think.
since you straightened me out on this it does make since but some of the files was
created under linux and saved to my external drives jump, and external usb's which are
vfat and ntfs on some. some of the files involved were created under linux and copied to the usb units.
but...
even when I transfer the files back to my linux home directory neither I <jevans> or root could make any changes to group or permissions. so in going back and forth between a linux type partition and a vfat and ntfs setup make any difference?
I had the same problem on my linux setup...dual booting fedora 9 and windows xphome.
I was not permitted to make any changes to files and directories under my linux system and even as root got error message <operation not permitted>. So could I have screwed up somewhere in playing around with these changes?
hate to have to do a reinstall.

many thankd
changedtothis

changedtothis
23rd January 2010, 03:12 PM
here is my directory listing first 10 lines:

total 44296
drwxrwx--- 54 jevans jevans 4096 2010-01-18 19:39 .
drwxrwxr-x 5 jevans jevans 4096 2010-01-18 09:44 ..
-rw-rw-r-- 1 jevans jevans 85 2009-12-27 18:25 addedcommands
-rw-rw-r-- 1 jevans jevans 953 2010-01-10 07:33 at.find.commands
-rw-rw-r-- 1 jevans jevans 137 2010-01-07 16:00 average.awk
drwxrwxr-x 2 jevans jevans 4096 2009-12-02 12:38 backuprpn
-rw------- 1 jevans jevans 14678 2010-01-18 11:05 .bash_history
-rw-r--r-- 1 jevans jevans 18 2008-10-28 17:37 .bash_logout
-rw-r--r-- 1 jevans jevans 176 2008-10-28 17:37 .bash_profile

here is listing of a file I was trying to change owner and or group on:

-rwxrwxr-- 1 jevans jevans 1640 2009-11-18 12:37 dead.letter

trying to change group to cevans also a user on system.
chgrp cevans dead.letter
chgrp: changing group of `dead.letter': Operation not permitted

chown :cevans dead.letter
chown: changing group of `dead.letter': Operation not permitted

chown jevans:cevans dead.letter
chown: changing group of `dead.letter': Operation not permitted

it is my understanding that as owner of a file or directory I can make
any changes I like to owner, group or permissions. however I am unable
to change the owner or group of the files in my home directory.
permissions I am able to change.

I know I can go into root and do this but that does not seem reasonable
on the files or directories which I am the owner. why does the owner of
files or directories have to call on root user to make these changes for
him?
does root user have to alter the ownership and group membership of all users
on the system?
where am I wrong here...misunderstood???
since I own the files and directories why can I not make these changes?
why do I have to be logged with root permissions to make these changes?
I am not understaning the rules here?

thanks

changedtothis

changedtothis
6th March 2010, 06:39 AM
3/5/10

total 44672
drwxrwxr-- 55 jevans jevans 4096 2010-03-04 19:19 .
drwxrwxr-x 5 jevans jevans 4096 2010-02-15 19:13 ..
-rw-rw-r-- 1 jevans jevans 17314 2010-03-03 19:58 accesscontrollistman.pdf
-rw-rw-r-- 1 jevans jevans 44526 2010-03-03 19:57 accesscontrollistman.ps
-rw-rw-r-- 1 jevans jevans 85 2009-12-27 18:25 addedcommands
-rwxrwxr-- 1 jevans jevans 953 2010-01-10 07:33 at.find.commands
-rw-rw-r-- 1 jevans jevans 137 2010-01-07 16:00 average.awk
-rw------- 1 jevans jevans 12874 2010-03-04 06:17 .bash_history
-rw-r--r-- 1 jevans jevans 18 2008-10-28 17:37 .bash_logout


-rwxrwx--- 1 jevans jevans 76 2010-03-04 19:05 /home/jevans/testpermissions
command was:
chgrp cevans testpermissions
chgrp: changing group of `testpermissions': Operation not permitted
command was:
chown cevans testpermissions

chown: changing ownership of `testpermissions': Operation not permitted

here you can see that cevans is a member of jevans group...if I am understanding
it correctly:

news:x:484:
mysql:x:27:
gdm:x:42:
jetty:x:483:
jevans:x:500:cevans
cevans:x:501:
projectx:x:502:cevans

so where am I screwing up. did an inquiry earlier but have not seen a
response so trying again.
I can go in as root and make the changes as stated above commands but it is
my understanding <a beginner here> that as owner of the file I could make
the changes with no problem.
how do I do it?

thanks in advance

changedtothis

Nokia
6th March 2010, 10:47 AM
chown [OPTION]... [OWNER][:[GROUP]] FILE... is pretty self-explanatory

markkuk
6th March 2010, 11:15 AM
here you can see that cevans is a member of jevans group...if I am understanding
it correctly:

news:x:484:
mysql:x:27:
gdm:x:42:
jetty:x:483:
jevans:x:500:cevans
cevans:x:501:
projectx:x:502:cevans

The user cevans is a member of the jevans group. There are no members in the cevans group.



it is my understanding <a beginner here> that as owner of the file I could make
the changes with no problem.

You aren't allowed to give away the ownership of a file. This means that you must be a member of the group to which you are changing the group ownership of a file. In your example case, you must make user jevans a member of the cevans group before the operation is permitted.

changedtothis
6th March 2010, 08:25 PM
ok gang...
thanks for many replies but I am still confused. just in learning process and just do not
understand the rules.
Dan sorry about the double post. guess I screwed up someway in my posting, will try to
be more careful here, don't want to be a problem child.
I am looked at manual and tried to follow it but was not able to make the change in the
group settings.
per manual...
chgrp cevans listpermissions got error operation not permitted.
can go into root and make the change
the file is listed as owner jevans and group jevans...tried to change group to cevans but
did not work.
so please be patient with me here. dumb-dumbs learn slowly I guess

also as I said before according to manual info the owner of a file can change ownership
of a file he owns...am I not understanding t his?
chown cevans listpermissions did not work
this is according to man chown and chgrp info on fedora 10

thanks
changedtothis

Hlingler
6th March 2010, 08:39 PM
Assuming that you have posted (part of) the contents of file /etc/group, then you have fumbled the group memberships (as already pointed out): user=cevans is a member of group=jevans, but group=cevans HAS NO MEMBERS. So: you can't (as user=jevans) transfer ownership to that group, because it has no members, least of all user=jevans - you have no authority to transfer ownership to group=cevans.

Please post results of command:
grep evans /etc/group

V

markkuk
7th March 2010, 12:47 AM
the file is listed as owner jevans and group jevans...tried to change group to cevans but
did not work.
Because jevans isn't member of the group cevans.



also as I said before according to manual info the owner of a file can change ownership
of a file he owns...am I not understanding t his?

My manual tells the following:

man 2 chown
(...)
Only a privileged process (Linux: one with the
CAP_CHOWN capability) may change the owner of a file. The owner of a
file may change the group of the file to any group of which that owner
is a member. A privileged process (Linux: with CAP_CHOWN) may change
the group arbitrarily.
The Single Unix Specification (http://www.opengroup.org/onlinepubs/009695399/functions/chown.html) agrees with the Linux man page, with different wording. What man page claims that a file owner may make arbitrary changes to file ownership?

changedtothis
8th March 2010, 08:19 AM
HOWN(1) User Commands CHOWN(1)



NAME
chown - change file owner and group

SYNOPSIS
chown [OPTION]... [OWNER][:[GROUP]] FILE...
chown [OPTION]... --reference=RFILE FILE...

DESCRIPTION
This manual page documents the GNU version of chown. chown changes the
user and/or group ownership of each given file. If only an owner (a
user name or numeric user ID) is given, that user is made the owner of
each given file, and the files’ group is not changed. If the owner is
followed by a colon and a group name (or numeric group ID), with no
spaces between them, the group ownership of the files is changed as
well. If a colon but no group name follows the user name, that user is
made the owner of the files and the group of the files is changed to
that user’s login group. If the colon and group are given, but the
owner is omitted, only the group of the files is changed; in this case,
chown performs the same function as chgrp. If only a colon is given,
or if the entire operand is empty, neither the owner nor the group is
changed.
*******************************
markkuk

here is manual page from my fedora 10 installation
the way I read the above is that the owner can indeed change the ownership of the file or directory and group also: but I am just in the
early stages of trying to learn linux and I could be misreading the instrutions...been known to do that, so please advise where I a going
wrong. really appreciate all the replies on this...maybe in time!

thanks

changedtothis

markkuk
8th March 2010, 01:27 PM
It says absolutely nothing about who is permitted to change the ownership, that information is on the chown(2) manpage referenced in the "See Also" section.

jpollard
8th March 2010, 02:48 PM
You, as owner of the file are allowed to change the group of the file, but only to a
group you are a member of.

You also need to know that if you are added to a group after you have logged in,
that change will not take effect until you logout, and log in again. This has to do
with how a login process is initialized - the login process scans the group file and
builds a membership list. When the command shell (whether command line or
window) is started, the process receives the group list. It is this group list that
is checked for group membership when doing a chown/chgrp.

You cannot change the ownership of a file (well.... except as root) because this is
a known security vulnerability. (it also is a way to bypass disk quota enforcement,so
it is also disabled).

You might also consider looking into some introductory reference material - I suggest
"Linux in a Nutshell" as reasonable. Just browsing through the book will give some
ideas of where to look for information on a lot of topics.

changedtothis
9th March 2010, 06:13 AM
Because jevans isn't member of the group cevans.


My manual tells the following:
The Single Unix Specification (http://www.opengroup.org/onlinepubs/009695399/functions/chown.html) agrees with the Linux man page, with different wording. What man page claims that a file owner may make arbitrary changes to file ownership?

here is man page from my fedora 10 installation and the way I read it the owner shoule
be capable of changing ownership of a file he owns: where am I wrong?
***********************
HOWN(1) User Commands CHOWN(1)



NAME
chown - change file owner and group

SYNOPSIS
chown [OPTION]... [OWNER][:[GROUP]] FILE...
chown [OPTION]... --reference=RFILE FILE...

DESCRIPTION
This manual page documents the GNU version of chown. chown changes the
user and/or group ownership of each given file. If only an owner (a
user name or numeric user ID) is given, that user is made the owner of
each given file, and the files’ group is not changed. If the owner is
followed by a colon and a group name (or numeric group ID), with no
spaces between them, the group ownership of the files is changed as
well. If a colon but no group name follows the user name, that user is
made the owner of the files and the group of the files is changed to
that user’s login group. If the colon and group are given, but the
owner is omitted, only the group of the files is changed; in this case,
chown performs the same function as chgrp. If only a colon is given,
or if the entire operand is empty, neither the owner nor the group is
changed.

---------- Post added at 08:55 PM CST ---------- Previous post was at 08:52 PM CST ----------


It says absolutely nothing about who is permitted to change the ownership, that information is on the chown(2) manpage referenced in the "See Also" section.

HOWN(1) User Commands CHOWN(1)



NAME
chown - change file owner and group

SYNOPSIS
chown [OPTION]... [OWNER][:[GROUP]] FILE...
chown [OPTION]... --reference=RFILE FILE...

DESCRIPTION
This manual page documents the GNU version of chown. chown changes the
user and/or group ownership of each given file. If only an owner (a
user name or numeric user ID) is given, that user is made the owner of
each given file, and the files’ group is not changed. If the owner is
followed by a colon and a group name (or numeric group ID), with no
spaces between them, the group ownership of the files is changed as
well. If a colon but no group name follows the user name, that user is
made the owner of the files and the group of the files is changed to
that user’s login group. If the colon and group are given, but the
owner is omitted, only the group of the files is changed; in this case,
chown performs the same function as chgrp. If only a colon is given,
or if the entire operand is empty, neither the owner nor the group is
changed.

---------- Post added at 09:13 PM CST ---------- Previous post was at 08:55 PM CST ----------


You, as owner of the file are allowed to change the group of the file, but only to a
group you are a member of.

You also need to know that if you are added to a group after you have logged in,
that change will not take effect until you logout, and log in again. This has to do
with how a login process is initialized - the login process scans the group file and
builds a membership list. When the command shell (whether command line or
window) is started, the process receives the group list. It is this group list that
is checked for group membership when doing a chown/chgrp.

You cannot change the ownership of a file (well.... except as root) because this is
a known security vulnerability. (it also is a way to bypass disk quota enforcement,so
it is also disabled).

You might also consider looking into some introductory reference material - I suggest
"Linux in a Nutshell" as reasonable. Just browsing through the book will give some
ideas of where to look for information on a lot of topics.

jpollard

thanks for reply. had a reply from markkuk and meant to post a question to hime but
submitted a reponse before I thought if this one. in his reply he had typed the command
in caps <CAP_CHOWN>, is this significant? thought commands were in small letters.
also have a user cevans and user jevans. does cevans have to be logged in maybe before
I can make change? can do it as root but not as jevans. this may not be that important
but would like to understand it as part of the learning process.
appreciate the book suggestion...will certainly give it a looksee if the libraries or book
store have it.
take a look at the manual page from my fedora10 install. looks like it says the changes
I am trying to make should be possible.


thanks

changedtothis

Hlingler
9th March 2010, 06:27 AM
You are reading only half of the story (and inferring conclusions that are not stated therein) - to read the rest, type:
man 2 chown

and press <ENTER> key, and read the part quoted by markkuk.

<CAP_CHOWN> is not a command, it is a program variable/capability.

V

jpollard
9th March 2010, 03:47 PM
The original UNIX specification did not make limits to whom a user could give a file
to... Under IRIX, there was a kernel option to enable/disable this capability.

If a user has <CAP_CHOWN> capability set, then that user can change the
ownership of a file.

You can view your capabilities (a normal user has none, and is blocked from
getting any) by "cat /proc/self/status", though to translate the capability
bits (CapInh, CapPrm, CapEff, and CapBnd) you will have to some
investigation... CapInh - capabilities that can be inherited via exec
CapPrm - capabilities you are permitted, CapBnd a bounding capability list.

man capability will give more information.

changedtothis
12th March 2010, 05:55 AM
hi gang
the following may shed some light on my ongoing problem yet unsolved.



hey gang
just bumped into another problem in my struggle with linux.
have two users on system jevans and cevans

when trying to change group or owner of a file in jevans it also makes the
changes in the cevans directory.
this involved the home directory and the parent directories of both.
here is what I did:

from the /home/jevans directory which was listed as cevans:cevans in the double
dot directory
here was my command
chgrp jevans ..
this did change the group in jevans and also in cevans on the double dot
directory.
went to the /home/cevans directory which was listed as jevans:jevans as owner
and group in double dot directory
tried chgrp cevans ..
this changed it here and also in my /home/jevans double dot directory.
for the ownership change went to root and did this.
cd /home/jevans to go to my directory to change owner of double dot
from cevans to jevans
it made the change but when I check the /home/cevans double dot it had
also changed.
so here again where am I going astray?

my /home/jevans directory is:

total 40516
drwxrwxr-- 56 jevans jevans 4096 2010-03-10 17:52 .
drwxrwxr-x 5 cevans cevans 4096 2010-02-15 19:13 ..
-rw-rw-r-- 1 jevans jevans 17314 2010-03-03 19:58 accesscontrollistman.pdf
-rw-rw-r-- 1 jevans jevans 85 2009-12-27 18:25 addedcommands
-rw-rw-r-- 1 jevans cevans 331 2010-03-06 17:43 aliasList
-rwxrwxr-- 1 jevans jevans 953 2010-01-10 07:33 at.find.commands
-rw-rw-r-- 1 jevans jevans 137 2010-01-07 16:00 average.awk
-rw------- 1 jevans jevans 14111 2010-03-10 17:42 .bash_history
-rw-r--r-- 1 jevans jevans 18 2008-10-28 17:37 .bash_logout

****************************
the cevans directory is:


total 160
drwxrwx--- 26 cevans jevans 4096 2010-03-10 17:53 .
drwxrwxr-x 5 cevans cevans 4096 2010-02-15 19:13 ..
-rw------- 1 cevans cevans 1936 2010-03-10 17:39 .bash_history
-rw-r--r-- 1 cevans cevans 18 2008-10-28 17:37 .bash_logout
-rw-r--r-- 1 cevans cevans 176 2008-10-28 17:37 .bash_profile
-rw-r--r-- 1 cevans cevans 124 2008-10-28 17:37 .bashrc
drwxr-xr-x 2 cevans cevans 4096 2009-11-24 17:42 .cache
-rw-r--r-- 1 root root 0 2010-03-10 17:53 cevansdir
drwxr-xr-x 3 cevans cevans 4096 2009-11-24 17:42 .config

as you can see the changes to the cevans .. directory was also made to
my jevans .. directory

from root I did a directory change to go to the individual directories.

cd /home/jevans from root to my home directory
then cd back to root
cd /home/cevans from root to cevans home directory
before doing the chgrp and chown commands.

also tried from root: chown jevans /home/jevans/ ..
from root: chown cevans /home/cevans/..
nothing seem to happen here...

any advice or help appreciated.

thanks

changedtothis

tripleninez
12th March 2010, 10:57 AM
hi tkbsmeul

I am just trying to learn linux...about the last 6-8 months. long way to go I think.
since you straightened me out on this it does make since but some of the files was
created under linux and saved to my external drives jump, and external usb's which are
vfat and ntfs on some. some of the files involved were created under linux and copied to the usb units.
but...
even when I transfer the files back to my linux home directory neither I <jevans> or root could make any changes to group or permissions. so in going back and forth between a linux type partition and a vfat and ntfs setup make any difference?
I had the same problem on my linux setup...dual booting fedora 9 and windows xphome.
I was not permitted to make any changes to files and directories under my linux system and even as root got error message <operation not permitted>. So could I have screwed up somewhere in playing around with these changes?
hate to have to do a reinstall.

many thankd
changedtothis

if you want a little tip, you may want to install a little utility called "beesu". it is an extension that allows you to change permissions and ownerships on files by right-clicking on them and looking for "scripts" in the menu, which will lead you "beesu" and to more menus like: files and folders(contains all the permission and ownership stuff) and other menu options as well. it also uses "root" and will ask you for a password when applying changes. then you can see what you are doing and it sometimes is faster, and helpful if you are a "visual learner". it's useful, anyway....

package manager: search "beesu" google it if you need more help with it...

just an idea...

ts9

markkuk
12th March 2010, 12:19 PM
as you can see the changes to the cevans .. directory was also made to
my jevans .. directory
That's because it's the same directory and one directory can't have multiple owners. ".." is a shortcut (hard link) to the parent of the current directory, and the parent of both /home/cevans and /home/jevans is /home. /home should be owned by root:root, please fix that.

changedtothis
12th March 2010, 09:52 PM
That's because it's the same directory and one directory can't have multiple owners. ".." is a shortcut (hard link) to the parent of the current directory, and the parent of both /home/cevans and /home/jevans is /home. /home should be owned by root:root, please fix that.

**************************************8
markkuk...
if I understand this here is what I would do, right?
this would be for the jevans directory:
drwxrwxr-x 5 root root 4096 2010-02-15 19:13 ..

this would be for the cevans directory
drwxrwxr-x 5 root root 4096 2010-02-15 19:13 ..
is this correct?
on the parent directory since root is the owner of the parent directory and owner of the group in parent directory
how would this affect access to the directory further down the line? may be a dumb question but just in learning
process...slowly...slowy
greatly appreciate the help here will give this a try and see what happens.
again I greatly appreciate all the help I am getting here, someday maybe????
changedtothis

jpollard
13th March 2010, 12:46 AM
A little background reading would help you a lot...

The directory structure is a tree. The root directory of the system is named "/".
And it has a "." entry and a ".." entry. For the root of the system, both entries
refer to the same file (an "ls -il" will list the inode numbers associated with a
file/directory). All directories have a minimum of two entries with these names.

A directory within the root directory (such as home) has a name, such as /home.
This directory contain a minimum of two entries, "." which points to the same inode
as the /home entry in the root filesystem. It also has a ".." entry which points to
the parent (in this case, the root directory).

Ownership of files is based on the inode. (Now we get to skim the surface of a
filesystem).

A disk volume is traditionally divided up into areas - a boot block, and a partition
table. The partition table defines the size (number of blocks) a filesystem may
occupy. there will be at least one partition on a disk for it to be usable with
filesystems.

The filesystem is divided up into four areas, a boot/volume label, an inode list,
a free list (in various forms), and free blocks.

The inode list is a simple array of blocks (usually one block per entry) that can be
indexed from 0.. the maximum number of files that can exist in the filesystem.

Inode 0 and 1 in linux systems are reserved for special use.
Inode 2 the directory for the root of the filesystem. At a minimum, there is one
data block allocated to it, and it contains two entries (an empty filesystem)
"." is associated with inode 2, and ".." is also connected to inode 2.

Files (whether directory, symbolic link, executable, or data..) are allocated from
the free blocks, marked as allocated in the free list, and associated with an
inode.

The inode has several fields, user id, group id, permissions (attributes- type of file,
access controls..), length of file, and a list of data blocks that belong to the file.

The filesystem hierarchy is represented as a tree, with directories containing other
directories, each with a name. This tree:


root
|
+--------+------+------+--------------------------+
| | | |
"." ".." lost+found ..... home
|
+--------+----------+---------------+
| | | |
"." ".." cevans jevans
| |
+----+----+ +----+----+
| | | | | |
"." ".." file "." ".." file2



The purpose of the "." and ".." entries is two fold: One is to be able to rebuild the
directory tree if the system crashes. The repair procedure scanns all inodes, and
re-connects missing/incorrect entries based on the "." and ".." entries, if the tree
is really messed up, what happens is that directories (and files) that don't have
a proper parent directory are put in the directory "lost+found". This doesn't happen
very often now, as journaling filesystems provide a very good failsafe method
of recovery. But sometimes... it happens.

The other reason for the ".." entry is to make file access simpler - it allows a process
to identify a file by "../name", which means - look in the current directory for the
parent entry "..", and locate the file "name" in that directory. Without the ".."
construct, you would always have to provide a full path to the file. Similarly, using
the "." entry, you can just reference "name", with the understanding that the file
is in "./name" - the current directory.

Some commands use this to remind you of where/what your current directory
is (pwd - print working directory). It does this by reading the current directory
for ".", to find "..", then it read the file to match the inode number that is attached
to the "." entry. when found, that name is now known to be that last part of the
path. Then it repeats the process by reading the ".." entry of the parent directory..
pwd continues this until the ".." entry has the same inode number as ".". Now that
all names have been identified (in reverse order...) it prints them out in forward
order, putting a "/" between each name.

Now, back to inodes... Putting all of the attributes of a file in the inode
simplifies the directory.. a lot. The only thing necessary in a directory
is the "file name", and the inode index number associated with the file.
(a quick "ls -i" will show the inode..name pairs, and if you want the
files that start with a dot, "ls -ia").

Changing the group associated with a file just replaces the gid (group id)
number that in the gid field of an inode.

changedtothis
13th March 2010, 04:52 PM
jpollard...greatly appreciate your reply, sure this will help
have several books, linux secrets,fedora 9,teach yourself linux in 24hours<sams>, the small linux reference
all of which I am delving thru.

am at work and not a change to digest your reply, will do it later.

ok may be making some progress here I think but one more question...

here is the first 10 lines in my projectx directory


total 180
drwxrwx--- 25 projectx projectx 4096 2010-03-12 18:04 .
drwxrwxr-x 5 root root 4096 2010-02-15 19:13 ..
-rw------- 1 projectx projectx 1270 2010-03-12 14:44 .bash_history
-rw-r--r-- 1 projectx projectx 18 2008-10-28 17:37 .bash_logout
-rw-r--r-- 1 projectx projectx 176 2008-10-28 17:37 .bash_profile
-rw-r--r-- 1 projectx projectx 124 2008-10-28 17:37 .bashrc
drwxr-xr-x 2 projectx projectx 4096 2010-01-19 15:02 .cache
drwxr-xr-x 3 projectx projectx 4096 2010-01-19 15:02 .config
drwx------ 3 projectx projectx 4096 2010-01-19 15:02 .dbus

I have changed the .. directory to root root as you suggested

here is experimental test file for changing group designation

-rwxrwxr-- 1 projectx projectx 0 2010-03-12 17:52 testfile
this is listed as owner and group rwx
so I should be able to change group designation

command was chgrp jevans testfile
chgrp: changing group of `testfile': Operation not permitted

so what is wrong here?

here is last 10 lines of my /etc/group file showing jevans is a member
of the projectx group

sshd:x:74:
dovecot:x:487:
mock:x:486:
torrent:x:485:
haldaemon:x:68:
wbpriv:x:88:
hsqldb:x:96:
news:x:484:
mysql:x:27:
gdm:x:42:
jetty:x:483:
jevans:x:500:cevans
cevans:x:501:jevans
projectx:x:502:cevans,jevans

using the gpasswd command I am unable to add projectx to the jevans or cevans
group

gpasswd -a jevans projectx

gpasswd: Permission denied.

I cannot add a group to jevans or cevans at this point...this has changed.
using command gpasswd -a jevans projectx
gpasswd -a cevans projectx
get permission denied

looking at the /etc/group file looks like it is marked for root only to write

-rw-r--r-- 1 root root 915 2010-03-09 18:10 /etc/group
so is this the problem? is it necessary for root to make this change?
of group ownership?

here is listing from my jevans directory

total 40536
drwxrwxr-- 57 jevans jevans 4096 2010-03-12 18:27 .
drwxrwxr-x 5 root root 4096 2010-02-15 19:13 ..
-rw-rw-r-- 1 jevans jevans 17314 2010-03-03 19:58 accesscontrollistman.pdf
-rw-rw-r-- 1 jevans jevans 85 2009-12-27 18:25 addedcommands
-rw-rw-r-- 1 jevans cevans 331 2010-03-06 17:43 aliasList
-rwxrwxr-- 1 jevans jevans 953 2010-01-10 07:33 at.find.commands
-rw-rw-r-- 1 jevans jevans 137 2010-01-07 16:00 average.awk
-rw------- 1 jevans jevans 13910 2010-03-12 18:49 .bash_history
-rw-r--r-- 1 jevans jevans 18 2008-10-28 17:37 .bash_logout

here is listing of the cevans directory

total 168
drwxrwx--- 26 cevans cevans 4096 2010-03-12 18:56 .
drwxrwxr-x 5 root root 4096 2010-02-15 19:13 ..
-rw------- 1 cevans cevans 3221 2010-03-12 17:48 .bash_history
-rw-r--r-- 1 cevans cevans 18 2008-10-28 17:37 .bash_logout
-rw-r--r-- 1 cevans cevans 176 2008-10-28 17:37 .bash_profile
-rw-r--r-- 1 cevans cevans 124 2008-10-28 17:37 .bashrc
drwxr-xr-x 2 cevans cevans 4096 2009-11-24 17:42 .cache
-rw-r--r-- 1 cevans cevans 539 2010-03-10 17:53 cevansdir
drwxr-xr-x 3 cevans cevans 4096 2009-11-24 17:42 .config

so your opinion of the problem?

changed to this

in view of all this I have downloaded fedora-12 iso file but wonder if I am better sticking with fedora 10 for the time being since I have it up
and running?
how muclh difference is there between the 12 and 10 versions? enough to be a problem to a rank beginner?

thanks

changedtothis

jpollard
13th March 2010, 08:30 PM
Ok...

Yes, the /etc/group requires root to make any changes.

The file you are attempting to change the group to is not owned by you, it is
owned by the user "projectx". Only projectx can change the group access,
and then, only to a group that the user projectx is also a member of (which
means no other groups, as projectx is not a member of either cevans or jevans).

Now if you added projectx to the groups then it would be able to change the
file group membership. Note: if you do this while projectx is logged in, it will not
be usefull until projectx logs out, and back in.

You can see what login and groups are available with the "id" command. In my
case, it shows everything:


$ id
uid=500(jesse) gid=500(jesse) groups=500(jesse) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023


Since I am not a member of any other groups (only the group "jesse" - which is
assigned the id number 500), I cannot change the group access code of any files
that I own. The "context=" identifier is the SELinux security label I am working
under. This is a mandatory access control that is not under the control of users, and
helps protect the system (and other users) from "bad things", or accidents...

Another command that only lists the groups the current login has access to is
"groups".


$ groups
jesse

This utility just lists out the symbolic names for the groups I am a member of.

If you are logged in as cevans and did the "groups" command, then I would expect
the output to contain two names - cevans, and jevans. And the first one listed is
your default group (the one used when creating files). It is possible to change your
default group using the "newgrp" command. The change remains in effect until you
logout (you get your default group when you login). Once you have set a group with
"newgrp", any file you create will be given that group membership.