WebFaction
Community site: login faq

Hi everyone, first question here. I'm trying to create a gitweb application to share with two teammates.

I correctly created the gitweb app, then I created an SSH user (let's call it "teamgroup") which works as a group. Then I created two other users called user1 and user2, with Extra group "teamgroup".

Then changed the permissions of "repos" directory to:

drwxrwsr-x+ 2 me teamgroup       4096 Dec  1 02:06 repos

through chgroup. Changed also facl permissions of "repos" to (through setfacl):

# file: .
# owner: me
# group: teamgroup
# flags: -s-
user::rwx
group::rwx
other::r-x
default:user::rwx
default:user:teamgroup:rwx
default:group::r-x
default:group:teamgroup:rwx
default:mask::rwx
default:other::r-x

So my user "teamgroup" should have complete access to this directory. I logged out through "logout" command on both "me" and "teamgroup" (ssh), closed everything and logged again with "teamgroup".

Then I try: cd /home/me/webapps/gitweb/repos and "Permissions denied" is everything I get. I also tried by giving "repos" 777 permissions, but still permissions denied.

Can someone explain me how to solve this?

Edit 1:

Notice that I even tried to create a file but can't even do that.

asked 30 Nov '12, 19:39

FireDragonDoL
1548
accept rate: 50%

edited 30 Nov '12, 19:44


It sounds like you've correctly set the permissions for that one directory, but you may not have set the correct ACL permissions to allow those users to traverse the directory path in order to arrive at that directory. (This is akin to unlocking the bedroom door but keeping the front door bolted shut.)

I'd recommend following something like our Granting Access to SSH Users guide, except make some minor changes to set the group permissions rather than user permissions. The important thing is that this group still needs access to your $HOME directory (the front door) before they can get inside of $HOME/webapps and into your git application.

Hope that helps!

permanent link

answered 30 Nov '12, 19:46

ryans ♦♦
5.0k93360
accept rate: 43%

Oh man I feel a bit stupid: I skipped the first command setfacl -m g:teamgroup:--x $HOME solved instantly the issue. Thanks a lot, I'm addicted to stackoverflow-like site, I'm casting right now your vote (and I can't upvote because I don't have enough reputation!)

(30 Nov '12, 19:55) FireDragonDoL
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×64

question asked: 30 Nov '12, 19:39

question was seen: 8,363 times

last updated: 30 Nov '12, 19:55

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2019 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM