Directory/File permissions

[DKing0]

I have a directory titled "data" that has 775 permission setting. The owner of this directory is "root", while the group is "apps." I have a tomcat (daemon) user that is a member of the "apps" group and so should have read, write, execute privileges on the "data" directory. However, in spite of being a member of the group with rwx rights the tomcat user (daemon) cannot create directories or files directly within the "data" directory. If I first use:

Code:

sudo -u tomcat mkdir /data/example

Then the tomcat user can access this "example" directory and in turn create directories or files. Anyone know why I the tomcat user can't directly create directories or files in the "data" directory? Thanks.

[simusphere]

Not sure what you mean by daemon user? The scenario you describe should work just fine and in fact works fine for me. Try verifying that /data directory permisions are what you say they are and tomcat is really a member of apps group.

Code:

ls -ld /data
groups tomcat

[Rubberman]

I've had a similar problem where I am a member of a group, the group's permissions on another directory are rwx, but I still couldn't add files or subdirectories to it until I changed my primary group to the one the directory belonged to. Personally, I think it is a bug in the file system drivers. What distribution+version+filesystem was this on? I was trying on Ubuntu Server 10.04 LTS w/ ext4.

[DKing0]

@simusphere: I added "daemon" to the description to point out the id is used by an application server (apache tomcat) rather than a human. Yes, I've checked that the data directory has the desired permissions and tomcat is a member of the apps group, specifically -- tomcat : tomcat apps

@Rubberman: I'm using CentOS 5.5 Final with ext3.

[Rubberman]

As I said, you might try changing the default group of the "tomcat" user to the "root" group. Not safe from the security perspective, but it would let you know if that is the problem.