Date: Fri, 19 Jan 2007 15:12:22 -0800 From: Randy Bush <randy@psg.com> To: Bigby Findrake <bigby@ephemeron.org> Cc: freebsd-security@freebsd.org Subject: Re: Permission denied by op Message-ID: <17841.20566.970406.261386@roam.psg.com> References: <17832.37104.392873.671721@roam.psg.com> <17833.9470.515735.802136@roam.psg.com> <20070119145118.W94270@home.ephemeron.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>> i am invoking op from a python proggy which does an op.system() of >>> op chmod 640 /usr/local/etc/tac_plus.conf >>> i get "Permission denied by op" >> btw, have tested with same invocation directly from /bin/sh. same >> result. i.e. it is not the python environment. >>> % ls -l /usr/local/etc/op.access >>> -r-------- 1 root wheel 149 Jan 13 07:41 /usr/local/etc/op.access >>> % cat /usr/local/etc/op.access >>> # 2007.01.13 >>> # >>> #DEFAULT users=src >>> # >>> chown /usr/sbin/chown $* ; users=src >>> chmod /bin/chmod $* ; users=src >>> rsync /usr/local/bin/rsync $* ; users=src >>> # >>> % id >>> uid=1007(src) gid=1006(srctree) groups=1006(srctree) >>> clue bat, please > Let me recap, and you correct me when I'm wrong: > * you're running as UID 1007. yes > * the file is owned by root. not exactly, the file i am trying to modify is owned by tacacs > * you're trying to chmod it and it's failing. it is failing rsync of the new copy owned by me over the copy owned by tacacs chown of the target file to tacacs chmod of the target file to 640 > Is that the situation so far? the situation now is that i ditched op and am using sudo randy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17841.20566.970406.261386>