Dear Managers,

I didn't get a definitive answer. All responses fell in 3
categories:

i) Does the user "courier" have the same user and group ID on
the NFS server and the NFS client? Yes, I should have mentioned that
courier (and virtually all other accounts here) are NIS-distributed:
the NIS server is also the NFS server.

ii) Are the permissions on parent directories correct? I gave
the permissions on the immediate parent directory (/usr/users/courier)
in my original post, which gave full access to courier; courier does
have read/search access on /usr and /usr/users. The ACL for /usr,
/usr/users, and /usr/users/courier simply reflects these permissions.

iii) Is the directory /usr/users mounted and exported
read-write? Yes, it is.

I should have mentioned that most user files can be deleted by
their owners; this is a sporadic problem, but it is not confined to
one user. A few instances were explainable because the file was locked
by some process, but in most cases there is nothing running that would
even look at the files in question. My personal suspicion is that it
has to do with NFS, but that's just a guess.

A couple of responses mentioned my use of getacl. ACLs
(Access Control Lists) are available in DUv4.0 (I think you must
install C2 security).

Thanks to:
Michael Matthews <matthewm_at_sgate.com>
Jo Knox <fxjwk_at_aurora.alaska.edu>
"Pam Woods, Systems Manager" <axsymgr_at_UAA.ALASKA.EDU>
Rick Schofield <rds_at_zk3.dec.com>
Tom Rioux <rioux_at_ip6480nl.ce.utexas.edu>
"Richard Eisenman" <eisenman_at_tricity.wsu.edu>
Wayne Sweatt <sweatt_at_dps.state.nm.us>
Dejan Muhamedagic <muja_at_galeb.etf.bg.ac.yu>

The original post was:

Dear Managers,

Some of my users are complaining that they cannot delete their
own files. For example, user "courier" complains that he cannot
delete the file /usr/users/courier/bpic.zip. rm gives him the following
message:

rm: bpic.zip : Permission denied

chmod also fails. The superuser (either on the NFS server or
the NFS client) CAN delete the files.

Here is all the (hopefully relevant) data I can gather:

$ ls -algd /usr/users/courier
drwx------ 6 courier users 8192 Feb 13 11:41 /usr/users/courier
$ ls -alg /usr/users/courier/bpic.zip
-rw-r--r-- 1 courier users 1025013 Feb 6 23:20 /usr/users/courier/bpic.zip
$ getacl /usr/users/courier/bpic.zip
#
# file: /usr/users/courier/bpic.zip
# owner: courier
# group: users
#
user::rw-
group::r--
other::r--

/usr/users is NFS-mounted read-write (DON'T tell me this is
bad security practice; I know but because this is a college I really
do have to make user files available at any host). The problem only
occurs with some files, but I can't see any obvious pattern. No stale
file handles are appearing that I can see.

The user in question has moderate UNIX experience, so I don't
think he is doing anything really crazy.

Any suggestions?

Larry
============================================================================
Larry Griffith Dept. of Computer & Info Science
larry_at_garfield.wsc.mass.edu Westfield State College
(413) 572-5294 Westfield, MA 01086 USA
PGP public key available at:
http://garfield.wsc.mass.edu/dcis/griffith.html
============================================================================
Received on Fri Feb 14 1997 - 22:53:33 NZDT
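
The following added example (not part of the original post or the replies) carries out check ii) from the summary using only classic mode bits: it reports which directory permissions would stop a non-root user from unlinking a file. The names class_bits, unlink_blockers and demo are hypothetical, and the tree in demo is constructed in a temporary directory with the modes shown in the post; ACL entries, NFS export options and file locks are outside what it inspects.

```python
import os, stat, tempfile

def class_bits(st, uid, gids):
    """rwx bits (0-7) of the owner, group or other class that applies to uid."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def unlink_blockers(path, uid, gids, stop_at="/"):
    """Mode-bit reasons why non-root uid could not unlink path ([] = none)."""
    path, stop_at = os.path.abspath(path), os.path.abspath(stop_at)
    parent = os.path.dirname(path)
    chain, d = [parent], parent
    while d != stop_at and d != os.path.dirname(d):
        d = os.path.dirname(d)
        chain.append(d)
    reasons = []
    for d in reversed(chain):  # search (x) is needed on every directory
        if not class_bits(os.stat(d), uid, gids) & 1:
            reasons.append("no search permission on " + d)
    pst, fst = os.stat(parent), os.lstat(path)
    # unlink() rewrites the parent directory; the file's own mode is irrelevant
    if not class_bits(pst, uid, gids) & 2:
        reasons.append("no write permission on " + parent)
    # sticky directory: only the file owner or directory owner may remove
    if pst.st_mode & stat.S_ISVTX and uid not in (fst.st_uid, pst.st_uid):
        reasons.append("sticky bit set on " + parent)
    return reasons

def demo():
    """Constructed tree with the modes from the post, in a temp directory."""
    base = tempfile.mkdtemp()
    home = os.path.join(base, "courier")
    os.mkdir(home)
    target = os.path.join(home, "bpic.zip")
    open(target, "w").close()
    os.chmod(target, 0o644)   # -rw-r--r--
    os.chmod(home, 0o700)     # drwx------
    me = os.getuid()
    owner = unlink_blockers(target, me, {os.getgid()}, stop_at=base)
    other = unlink_blockers(target, me + 1, set(), stop_at=base)
    return owner, other

if __name__ == "__main__":
    for who, reasons in zip(("owner", "other user"), demo()):
        print(who, "->", reasons or "no mode-bit blocker")
```

With the modes from the post the owner gets an empty list, so a refusal in that situation has to come from something the mode bits do not show.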