Re: [gentoo-user] non-root crontab failure (permissions issue?)
On Sun, May 18, 2008 at 12:32 AM, Alan McKinnon [EMAIL PROTECTED] wrote: On Saturday 17 May 2008, King Spook wrote: crontab -e does not error out when run as root. crontab -u myuser -e, when run as root, does create a crontab, which appears to be owned by root, grouped by root, and with rw permissions for owner only. How can I fix this? Thanks. I would guess that you crontab binary is not guid: [EMAIL PROTECTED] /var/spool $ ls -al `which crontab` -rwxr-s--x 1 root crontab 30180 2007-11-02 12:59 /usr/bin/crontab* The various permissions you list for files and dirs are correct - they match my system which works correctly. So I checked mine using, and you were right in that the permissions were different. So then I tried to make them mirror yours using: sudo chmod u=rwx,g=rs,o=x /usr/bin/crontab But the permissions would up like so: -rwxr-S--x 1 root crontab 35120 Mar 6 17:16 crontab Now when trying crontab -e, I get: -bash: /usr/bin/crontab: Permission denied I'm guessing I messed up in setting guid, since yours is lower-case 's', and mine's showing upper? -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] non-root crontab failure (permissions issue?)
On Sun, May 18, 2008 at 7:08 AM, Alan McKinnon [EMAIL PROTECTED] wrote: On Sunday 18 May 2008, King Spook wrote: . So I checked mine using, and you were right in that the permissions were different. So then I tried to make them mirror yours using: sudo chmod u=rwx,g=rs,o=x /usr/bin/crontab But the permissions would up like so: -rwxr-S--x 1 root crontab 35120 Mar 6 17:16 crontab Now when trying crontab -e, I get: -bash: /usr/bin/crontab: Permission denied I'm guessing I messed up in setting guid, since yours is lower-case 's', and mine's showing upper? Ah, that's easy to fix :-) The uppercase S means that the x permission underneath it is not set on, so you will also have to do this (as root) chmod g+x $(which crontab) -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list I should've been able to figure that out, at least. =\ Thanks for all the help; it works now. I really appreciate it. -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] non-root crontab failure (permissions issue?)
I'm having trouble getting cron to be usable by normal users. I'm running vixie-cron 4.1-r10 on Gentoo Linux. My user is a member of both cron and crontab groups (being unsure which I needed, but speculating the former). There is no cron.allow, and an empty cron.deny file in /etc. Every time I try crontab -e as my user, I get this: Code: ~~~ no crontab for user - using an empty one crontab: installing new crontab chown: Operation not permitted crontab: edits left in /tmp/crontab.sXePXF ~~~ Naturally, I'm guessing permissions problems. Here are the permissions: ~~~ host2 spool # cd /var/spool host2 spool # ls -alR cron/ cron/: total 16 drwxr-x--- 4 root cron4096 Mar 6 17:16 . drwxr-xr-x 6 root root4096 Apr 13 16:02 .. -rw-r--r-- 1 root root 0 Mar 6 17:16 .keep_sys-process_cronbase-0 drwx-wx--T 2 root crontab 4096 May 16 14:39 crontabs drwxr-x--- 2 root root4096 Mar 6 17:16 lastrun cron/crontabs: total 12 drwx-wx--T 2 root crontab 4096 May 16 14:39 . drwxr-x--- 4 root cron4096 Mar 6 17:16 .. -rw-r--r-- 1 root crontab0 Mar 6 17:16 .keep_sys-process_vixie-cron-0 -rw--- 1 root crontab 328 Apr 27 12:25 root cron/lastrun: total 8 drwxr-x--- 2 root root 4096 Mar 6 17:16 . drwxr-x--- 4 root cron 4096 Mar 6 17:16 .. -rw-r--r-- 1 root root0 Mar 6 17:16 .keep_sys-process_cronbase-0 host2 spool # ~~~ crontab -e does not error out when run as root. crontab -u myuser -e, when run as root, does create a crontab, which appears to be owned by root, grouped by root, and with rw permissions for owner only. How can I fix this? Thanks. -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] Daemon Group Accounts
I was looking at my users and groups on my box, and I realized that certain services add user accounts with specific UIDs, but then just gets the next GID for it's corresponding group. I know I, personally, would like to have the UIDs and GIDs match (and I spent the time with usermod, groupmod, and find fixing it so it was). I was wondering if there was any policy for this (and if so, should I file bugs?), and how other people felt about this, and if there was any reason not to have the UIDs and GIDs correspond. Cheers. -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] Re: Daemon Group Accounts
Well, naturally I wasn't going to file a bug unless someone told me they were supposed to have matching uids/gids. It just seemed odd, for example, to have clamav's uid=103, and it's gid=1004. -- gentoo-user@lists.gentoo.org mailing list