User cannot access directory despite being in permissioned group

I have been struggling with this for a while and cannot figure it out. I created a new user1 who I want to be able to access a single directory from me. I want to own this directory and give the user1 permission to read and write in this directory. I created a group and added it as this directory group and added the user1 to this group. I chmod -R the directory to 770 so the group has full permissions for everything on this directory. When I try to access this dir as user1 I get “permission denied” no matter what I do. I tried switching to user1 with sudo -i -u rather than su but this made no difference. This directory is in my ~/ directory. What am I missing? Thanks

Could be SELinux preventing access


ls -Zd /home

ls -aZ /home/directory

ls -Zd /home: system_u:object_r:home_root_t:s0 /home

ls -aZ /home/directory does not work because the directory I am referring to is in /home/me. Output of /home/me/directory is:

unconfined_u:object_r:user_home_t:s0 .
unconfined_u:object_r:user_home_dir_t:s0 ..

And then the files in this dir are listed with prefixed unconfined_u:object_r:user_home_t:s0

Thanks

One thing that has bitten me in the past has been Linux permissions.

It seems that to access any directory, no matter how deep in the file system structure, the user in question must have read and execute permissions on every directory in the path to that directory.

This seems to mean that in your case, assuming the directory is /home/me/test, that user1 must have either ‘user’, ‘group’ or ‘other’ rx permissions on /home, /home/me, and /home/me/test.
I had a similar stumbling block when I installed a plexmediaserver on my daily driver and could not get it to read and access my movies under ~/Videos/Movies. I had to give other both read and execute permissions on my home directory and the remainder of that path.

Perhaps you could create a link in user1’s home directory that links to the directory in question in your directory tree, but I still think it would require a minimum of execute permission for ‘other’ on your path.

1 Like

Ok, I finally figured it out. Even though (I thought) I had set permissions recursively from /home it turns out the second level had no r and x. I knew each level needed this but assumed it was done so never bothered to check. It was not and I wasted a lot of time and energy trying to figure out what was wrong. So you were actually right in the end :wink:

1 Like
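The check that resolved this thread, as an added example that is not part of any post above: a shell function that walks every directory on the way to a target and reports the first one whose mode bits deny the search (x) bit to a given uid and group list. It assumes Linux with GNU coreutils `stat`; the function name and its optional BASE argument are made up for this example.

```shell
# Added example, not from the thread. Assumes Linux with GNU coreutils stat.
# first_blocked_dir TARGET UID "GID GID ..." [BASE]
# Walks from BASE (default /) down to absolute path TARGET and prints the
# first directory the given uid/gids cannot search (x bit missing in the
# permission class that applies). Returns 0 if every directory is searchable,
# 1 if one is blocked, 2 on bad input. Mode bits only: ACLs, SELinux and
# root's capability bypass are not modelled.
first_blocked_dir() {
    path=$1 uid=$2 gids=$3 base=${4:-/}
    case $path in /*) ;; *) return 2 ;; esac      # absolute paths only
    chain=
    while :; do                                   # collect TARGET and its ancestors
        chain="$path
$chain"
        if [ "$path" = "$base" ] || [ "$path" = / ]; then break; fi
        path=$(dirname "$path")
    done
    while IFS= read -r dir; do                    # top-down, one directory per line
        [ -n "$dir" ] || continue
        st=$(stat -L -c '%a %u %g' "$dir") || return 2
        set -- $st                                # $1=octal mode $2=owner uid $3=gid
        mode=$((0$1)) owner=$2 group=$3
        bit=1                                     # "other" class (0001)
        case " $gids " in *" $group "*) bit=8 ;; esac     # group class (0010)
        if [ "$uid" = "$owner" ]; then bit=64; fi # owner class (0100) takes precedence
        if [ $((mode & bit)) -eq 0 ]; then
            printf '%s\n' "$dir"
            return 1
        fi
    done <<EOF
$chain
EOF
    return 0
}

# Usage (names from the thread):
#   first_blocked_dir /home/me/directory "$(id -u user1)" "$(id -G user1)"
```

`namei -l /home/me/directory` from util-linux prints the same per-directory owner, group and mode listing for reading by eye.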