Re: Red Hat Appears to Ignore Secondary Groups for LDAP Users
- From: Nigel Wade <nmw@xxxxxxxxxxxx>
- Date: Thu, 20 Mar 2008 09:15:47 +0000
Tim P. Starrin wrote:
On Red Hat Enterprise Linux (RHEL) 4 Update 6 with the latest patches
Given the LDAP user "t-bone" with the following group set...
% id
uid=9066(t-bone) gid=121(a00121) groups=121(a00121),144(a00144) \
context=user_u:system_r:unconfined_t
% groups
a00121 a00144
The following operations that should work on a Linux ext3 file system,
fail...
% ls -la
drwxr-x--- 2 root a00144 4096 Mar 19 13:29 a00144
-r--r----- 1 root a00144 29 Feb 27 18:34 date
% ls a00144
ls: a00144: Permission denied
% cat date
cat: date: Permission denied
Note that file and directory access via the primary group, gid=121(a00121),
works fine.
Did I setup something wrong or is this a real bug?
Thanks.
That should work, it works here with groups supplied by LDAP.
What are the permissions on the entire path leading to the directory containing a00144 and date?
What do you get if you use getent to display the group a00144?
# getent group a00144
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw@xxxxxxxxxxxx
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- Follow-Ups:
- Re: Red Hat Appears to Ignore Secondary Groups for LDAP Users
- From: Tim P. Starrin
- Re: Red Hat Appears to Ignore Secondary Groups for LDAP Users
- References:
- Red Hat Appears to Ignore Secondary Groups for LDAP Users
- From: Tim P. Starrin
- Red Hat Appears to Ignore Secondary Groups for LDAP Users
- Prev by Date: host keys authentication
- Next by Date: RE: host keys authentication
- Previous by thread: Red Hat Appears to Ignore Secondary Groups for LDAP Users
- Next by thread: Re: Red Hat Appears to Ignore Secondary Groups for LDAP Users
- Index(es):
Relevant Pages
|
|
