Problem :
I have a user jenkins in group jenkins. I want to have access to the directory /var/www/html/, so I have changed the directory group from root to jenkins.
$ ll /var/www
...
drwxrwx---. 7 root jenkins ... html
...
$ groups
jenkins
$ cd /var/www/html
-bash: cd/var/www/html: Permission denied
User from /etc/passwd:
jenkins:x:779:779::/home/usr:/bin/bash
The owner and group of /var and /var/www are root. As I understand I shouldn’t change their group as well, only the directory I want to access.
Do you have any idea why this isn’t working?
EDIT:
$ ls -l /var
total 97
…
drwxrwx—. 8 root root … www
…
Sorry for not displaying the full output, it is from an offline computer. I don’t know what is executable path but this file is the only one that looks different:
lrwxrwxrwx. 1 root root ... mail -> spool/mail
Solution :
Seems to be a problem with perms from parents folders, if you want to read and change into a directory you have to get read and execute perms on the folders and its parents folders.
Check that ownership and bits mode of the following folders:
- / = mode: 755, user: root, group: root
- /var = mode: 755, user: root, group: root
- /var/www = mode: 750, user: WebSrvUsr**, group: WebSrvGrp**
- /var/www/html = mode: 750, user: WebSrvUsr**, group: jenkins
** WebSrvUsr and WebSrvGrp depends of distro
And finally, your user have to be member of the following groups: WebSrvGrp, jenkins.
If this does not work, you could check selinux or apparmor (getenforce)
Make sure either:
- a)
/var/has 755 permission (recommended), or - b)
/var‘s ownership is set toroot:jenkins(not recommended).