Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 19 Jan 2007 15:12:22 -0800
From:      Randy Bush <randy@psg.com>
To:        Bigby Findrake <bigby@ephemeron.org>
Cc:        freebsd-security@freebsd.org
Subject:   Re: Permission denied by op
Message-ID:  <17841.20566.970406.261386@roam.psg.com>
References:  <17832.37104.392873.671721@roam.psg.com> <17833.9470.515735.802136@roam.psg.com> <20070119145118.W94270@home.ephemeron.org>

next in thread | previous in thread | raw e-mail | index | archive | help
>>> i am invoking op from a python proggy which does an op.system() of
>>>    op chmod 640 /usr/local/etc/tac_plus.conf
>>> i get "Permission denied by op"
>> btw, have tested with same invocation directly from /bin/sh.  same
>> result.  i.e. it is not the python environment.
>>> % ls -l /usr/local/etc/op.access
>>> -r--------  1 root  wheel  149 Jan 13 07:41 /usr/local/etc/op.access
>>> % cat /usr/local/etc/op.access
>>> # 2007.01.13
>>> #
>>> #DEFAULT users=src
>>> #
>>> chown   /usr/sbin/chown $* ; users=src
>>> chmod   /bin/chmod $* ; users=src
>>> rsync   /usr/local/bin/rsync $* ; users=src
>>> #
>>> % id
>>> uid=1007(src) gid=1006(srctree) groups=1006(srctree)
>>> clue bat, please
> Let me recap, and you correct me when I'm wrong:
> * you're running as UID 1007.

yes

> * the file is owned by root.

not exactly, the file i am trying to modify is owned by tacacs

> * you're trying to chmod it and it's failing.

it is failing
  rsync of the new copy owned by me over the copy owned by tacacs
  chown of the target file to tacacs
  chmod of the target file to 640

> Is that the situation so far?

the situation now is that i ditched op and am using sudo

randy




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17841.20566.970406.261386>