Can’t enter directory despite correct permissions – A server stack is the collection of software that forms the operational infrastructure on a given machine. In a computing context, a stack is an ordered pile. A server stack is one type of solution stack — an ordered selection of software that makes it possible to complete a particular task. Like in this post about Can’t enter directory despite correct permissions was one problem in server stack that need for a solution. Below are some tips in manage your linux server when you find problem about linux, ubuntu, permissions, , .
I have a directory (Owned by nobody due to it being a part of a Docker bind mount, combined with user namespace remapping.) that I need to enter. This is its relevant ls -la output:
drwxrwxr-x 2 nobody nobody 4096 May 26 14:42 Directory
Running as root, although I don’t belong in either the owner or group of the directory, the directory is world readable and executable, so I should be able to enter it. However, when running cd Directory, it fails:
bash: cd: Directory: Permission denied
I think you created your question and answer after you solved your problem.
Please note that the GNU ls long listing -l will show you if an alternate access method such as an access control list applies to a file, by appending a character to the file mode bit listing.
And rather than:
drwxrwxr-x 2 nobody nobody 4096 May 26 14:42 Directory
your original directory listing probably showed:
drwxrwxr-x+ 2 nobody nobody 4096 May 26 14:42 Directory
^
Note the extra + character here.
Easy to overlook if you’re not aware of that convention, but from the manual
When the character following the file mode
bits is a space, there is no alternate access method. When it is a
printing character, then there is such a method.GNU ‘ls’ uses a ‘
.‘ character to indicate a file with an SELinux
security context, but no other alternate access method.A file with any other combination of alternate access methods is
marked with a ‘+‘ character.
In my case, this was caused by a lingering access control list. The solution to my problem was to remove all access control lists from the directory, and its subdirectories:
# setfacl -bnR Directory/
