Can’t enter directory despite correct permissions

Posted on

Can’t enter directory despite correct permissions – A server stack is the collection of software that forms the operational infrastructure on a given machine. In a computing context, a stack is an ordered pile. A server stack is one type of solution stack — an ordered selection of software that makes it possible to complete a particular task. Like in this post about Can’t enter directory despite correct permissions was one problem in server stack that need for a solution. Below are some tips in manage your linux server when you find problem about linux, ubuntu, permissions, , .

I have a directory (Owned by nobody due to it being a part of a Docker bind mount, combined with user namespace remapping.) that I need to enter. This is its relevant ls -la output:

drwxrwxr-x    2 nobody   nobody        4096 May 26 14:42 Directory

Running as root, although I don’t belong in either the owner or group of the directory, the directory is world readable and executable, so I should be able to enter it. However, when running cd Directory, it fails:

bash: cd: Directory: Permission denied

I think you created your question and answer after you solved your problem.

Please note that the GNU ls long listing -l will show you if an alternate access method such as an access control list applies to a file, by appending a character to the file mode bit listing.

And rather than:

drwxrwxr-x    2 nobody   nobody        4096 May 26 14:42 Directory

your original directory listing probably showed:

drwxrwxr-x+   2 nobody   nobody        4096 May 26 14:42 Directory
             Note the extra + character here.

Easy to overlook if you’re not aware of that convention, but from the manual

When the character following the file mode
bits is a space, there is no alternate access method. When it is a
printing character, then there is such a method.

GNU ‘ls’ uses a ‘.‘ character to indicate a file with an SELinux
security context, but no other alternate access method.

A file with any other combination of alternate access methods is
marked with a ‘+‘ character.

In my case, this was caused by a lingering access control list. The solution to my problem was to remove all access control lists from the directory, and its subdirectories:

# setfacl -bnR Directory/

Leave a Reply

Your email address will not be published. Required fields are marked *