I need help with a permissions problem

Hello. On a new installation of leap 42.2 I can read from 2 storage ssd’s but can’t write to them. They are new with no files in them. I can’t copy any files to them and I get permission denied when I try. I also have an older wd passport installed along side them. I can read, write, and execute with the passport drive. I’ve been trying to learn how to change permissions for the ssd’s but all searching has not helped. I was looking at /etc/fstab. I opened it in kate and on the left tab is the entries for my home drive (a M.2 ssd which works fine BTW), and on the right tab was all file permissions. I copied that file successfully to the passport so it works.

tony@linux-cjl6:/run/media/tony/WD Passport> cp permissions.easy /etc
cp: cannot create regular file '/etc/permissions.easy': Permission denied
tony@linux-cjl6:/run/media/tony/WD Passport> 

Here, I tried to copy the permissions.easy file back to /etc but it didn’t work.

Even though that file copied to the passport it shows it was denied. If I try to drag and drop I get a large red bar at the top of dolphin saying the file can’t be copied even though it did. And I also have to give my root pw just to access the ssd’s.

I thought it would be worthwhile to unmount the ssd’s and restart to see if they would change but they didn’t. I went back to /etc/fstab and I then saw that the permissions.easy file was gone as well as permissions.secure and paranoid were gone also. Then I realized I didn’t close kate with fstab open and that must be why those permissions are gone. I don’t know what to do about that.

There were some other permission problems showing up but i’ve been stuck on these ssd drives. Such as whenever I try to change permissions all options are grayed out or I’m not allowed to add to the permissions present. I tried to copy some more information to show here but it won’t let me copy and paste files to include here. I had none of these problems with 13.1 installed as the os. What could be causing this and what should I do about the permissions files?

Any help will be much appreciated. Thank you

i5 6500 cpu, asus pro gaming skylake, 32GB ram. Leap 42.2. Problems aside I think Leap 42.2 is the best yet.

How is the drive formatted? If it uses a Windows format then that format does not use Linux permissions and the permissions of the partition are faked at mount. So show us /etc/fstab so we can see the mount parameters.

Note you are the seconded permission to note that even though permissions are flagged the file is actually copied. This should not be and may indicate a bug. But we need to dive deeper to be sure. I don’t have any Window formatted partitions here to test




# Directories
#


# for screen's session sockets:
/var/run/uscreens/                                      root:root         1777
/run/uscreens/                                          root:root         1777


#
# /etc
#
/etc/crontab                                            root:root          600
/etc/exports                                            root:root          644
/etc/fstab                                              root:root          644
# we don't package it
/etc/ftpaccess                                          root:root          644
/etc/ftpusers                                           root:root          644
/etc/rmtab                                              root:root          644
/var/lib/nfs/rmtab                                      root:root          644
/etc/syslog.conf                                        root:root          644


#
# suid system programs that need the suid bit to work:
#
/bin/su                                                 root:root         4755
/usr/bin/at                                             root:trusted      4755
/usr/bin/crontab                                        root:trusted      4755
/usr/bin/gpasswd                                        root:shadow       4755
/usr/bin/newgrp                                         root:root         4755
/usr/bin/passwd                                         root:shadow       4755
/usr/bin/chfn                                           root:shadow       4755
/usr/bin/chage                                          root:shadow       2755
/usr/bin/chsh                                           root:shadow       4755
/usr/bin/expiry                                         root:shadow       4755
/usr/bin/sudo                                           root:root         4755
/usr/sbin/su-wrapper                                    root:root         4755
# opie password system
# #66303
/usr/bin/opiepasswd                                     root:root         4755
# "user" entries in /etc/fstab make mount work for non-root users:
/usr/bin/ncpmount                                       root:trusted      4750
/usr/bin/ncpumount                                      root:trusted      4750
# #331020
/sbin/mount.nfs                                         root:root         4755
/bin/mount                                              root:root         4755
/bin/umount                                             root:root         4755
#
# #133657
/usr/bin/fusermount                                     root:trusted      4755
# #66203
/usr/lib/majordomo/wrapper                              root:daemon       4755
# glibc backwards compatibility
/usr/lib/pt_chown                                       root:root         4755
/usr/lib64/pt_chown                                     root:root         4755
# needs setuid root when using shadow via NIS:
# #216816
/sbin/unix_chkpwd                                       root:shadow       4755
/sbin/unix2_chkpwd                                      root:shadow       4755
# qpopper
/usr/sbin/popauth                                       pop:trusted       4755
# from the squid package
/usr/sbin/pam_auth                                      root:shadow       4755


# squid changes from bnc#891268
/var/cache/squid/                                       squid:root        0750
/var/log/squid/                                         squid:root        0750
/usr/sbin/pinger                                        squid:root        0750
 +capabilities cap_net_raw=ep
/usr/sbin/basic_pam_auth                                root:shadow       2750




# still to be converted to utempter
/usr/lib/gnome-pty-helper                               root:utmp         2755


#
# mixed section:
#
# video
/usr/bin/v4l-conf                                       root:video        4755
# Itanium ia32 emulator
/usr/lib/ia32el/suid_ia32x_loader                       root:root         4755
# scotty:
# #66211
/usr/bin/ntping                                         root:trusted      4750


# turn off write and wall by disabling sgid tty:
/usr/bin/wall                                           root:tty          2755
/usr/bin/write                                          root:tty          2755
# thttpd:
/usr/bin/makeweb                                        root:www          2755
# yaps, pager software, accesses /dev/ttyS?
/usr/bin/yaps                                           root:uucp         2755
# ncpfs tool
/usr/bin/nwsfind                                        root:trusted      4750
/usr/bin/ncplogin                                       root:trusted      4750
/usr/bin/ncpmap                                         root:trusted      4750
# lpdfilter:
# checks itself that only lp and root can call it
/usr/lib/lpdfilter/bin/runlpr                           root:root         4755
# pcmcia:
# Needs setuid to eject cards (#100120)
/sbin/pccardctl                                         root:trusted      4755
# gnokii nokia cellphone software
# #66209
/usr/sbin/mgnokiidev                                    root:uucp         4755
# pcp, performance co-pilot
# setuid root is used to write /var/log/pcp/NOTICES
# #66205
/usr/lib/pcp/pmpost                                     root:root         4755
# mailman mailing list software
# #66315
/usr/lib/mailman/cgi-bin/admin                          root:mailman      2755
/usr/lib/mailman/cgi-bin/admindb                        root:mailman      2755
/usr/lib/mailman/cgi-bin/edithtml                       root:mailman      2755
/usr/lib/mailman/cgi-bin/listinfo                       root:mailman      2755
/usr/lib/mailman/cgi-bin/options                        root:mailman      2755
/usr/lib/mailman/cgi-bin/private                        root:mailman      2755
/usr/lib/mailman/cgi-bin/roster                         root:mailman      2755
/usr/lib/mailman/cgi-bin/subscribe                      root:mailman      2755
/usr/lib/mailman/cgi-bin/confirm                        root:mailman      2755
/usr/lib/mailman/cgi-bin/create                         root:mailman      2755
/usr/lib/mailman/cgi-bin/editarch                       root:mailman      2755
/usr/lib/mailman/cgi-bin/rmlist                         root:mailman      2755
/usr/lib/mailman/mail/mailman                           root:mailman      2755




# control-center2 (#104993)
/usr/sbin/change-passwd                                 root:root         4755


#
# networking (need root for the privileged socket)
#
/usr/bin/ping                                           root:root         0755
 +capabilities cap_net_raw=ep
/usr/bin/ping6                                          root:root         0755
 +capabilities cap_net_raw=ep
# mtr is linked against ncurses. For dialout only.
/usr/sbin/mtr                                           root:dialout      0750
 +capabilities cap_net_raw=ep
/usr/bin/rcp                                            root:root         4755
/usr/bin/rlogin                                         root:root         4755
/usr/bin/rsh                                            root:root         4755


# heartbeat #66310
# cl_status needs to be allowed to connect to the heartbeat API. If the setgid
# bit is removed, one can manually add users to the haclient group instead.
/usr/bin/cl_status                                      root:haclient     2555


# exim
/usr/sbin/exim                                          root:root         4755


#
# dialup networking programs
#
/usr/sbin/pppoe-wrapper                                 root:dialout      4750
# i4l package (#100750):
/sbin/isdnctrl                                          root:dialout      4750
# #66111
/usr/bin/vboxbeep                                       root:trusted      4755




#
# linux text console utilities
#
# setuid needed on the text console to set the terminal content on ctrl-o
# #66112
/usr/lib/mc/cons.saver                                  root:root         4755




#
# terminal emulators
# This and future SuSE products have support for the utempter, a small helper
# program that does the utmp/wtmp update work with the necessary rights.
# The use of utempter obsoletes the need for sgid bits on terminal emulator
# binaries. We mention screen here, but all other terminal emulators have
# moved to /etc/permissions, with modes set to 0755.


# needs setuid to access /dev/console
# framebuffer terminal emulator (japanese)
/usr/bin/jfbterm                                        root:tty          6755


#
# kde
# (all of them are disabled in permissions.secure except for 
# the helper programs)
#
# arts wrapper, normally suid root:
/opt/kde3/bin/artswrapper                               root:root         4755
# needs setuid root when using shadow via NIS:
# #66218
/opt/kde3/bin/kcheckpass                                root:shadow       4755
/usr/lib/kde4/libexec/kcheckpass                        root:shadow       4755
/usr/lib64/kde4/libexec/kcheckpass                      root:shadow       4755
# This has a meaning... hmm...
/opt/kde3/bin/kdesud                                    root:nogroup      2755
/usr/lib/kde4/libexec/kdesud                            root:nogroup      2755
/usr/lib64/kde4/libexec/kdesud                          root:nogroup      2755
/usr/lib/libexec/kf5/kdesud                             root:nogroup      2755
/usr/lib64/libexec/kf5/kdesud                           root:nogroup      2755


# used for getting proxy settings from dhcp
/opt/kde3/bin/kpac_dhcp_helper                          root:root         4755
# used to distract the oom killer
# #203535
/opt/kde3/bin/start_kdeinit                             root:root         4755
# bnc#523833
/usr/lib/kde4/libexec/start_kdeinit                     root:root         4755
/usr/lib64/kde4/libexec/start_kdeinit                   root:root         4755
# edits /etc/smb.conf
# #66312
/usr/bin/fileshareset                                   root:root         4755




#
# amanda
#
/usr/sbin/amcheck                                       root:amanda       4750
/usr/lib/amanda/calcsize                                root:amanda       4750
/usr/lib/amanda/rundump                                 root:amanda       4750
/usr/lib/amanda/planner                                 root:amanda       4750
/usr/lib/amanda/runtar                                  root:amanda       4750
/usr/lib/amanda/dumper                                  root:amanda       4750
/usr/lib/amanda/killpgrp                                root:amanda       4750




#
# gnats
#
/usr/lib/gnats/gen-index                                gnats:root        4555
/usr/lib/gnats/pr-edit                                  gnats:root        4555
/usr/lib/gnats/queue-pr                                 gnats:root        4555




#
# news (inn)
#
# the inn start script changes it's uid to news:news. Later innbind
# is called by this user. Those programs do not need to be called by
# anyone else, therefore the strange permissions 4554 are required
# for operation. (#67032, #594393)
#
/usr/lib/news/bin/rnews                                 news:uucp         4550
/usr/lib/news/bin/inews                                 news:news         2555
/usr/lib/news/bin/innbind                               root:news         4550


#
# sendfax
#
/usr/lib/mgetty+sendfax/faxq-helper                     fax:root          4755
/var/spool/fax/outgoing/                                fax:root          0755
/var/spool/fax/outgoing/locks                           fax:root          0755


#
# uucp
#
/var/spool/uucppublic/                                  root:root         1777
/usr/bin/uucp                                           uucp:uucp         6555
/usr/bin/uuname                                         uucp:uucp         6555
/usr/bin/uustat                                         uucp:uucp         6555
/usr/bin/uux                                            uucp:uucp         6555
/usr/lib/uucp/uucico                                    uucp:uucp         6555
/usr/lib/uucp/uuxqt                                     uucp:uucp         6555


# pcp (bnc#782967)
/var/lib/pcp/tmp/                    root:root      1777
/var/lib/pcp/tmp/pmdabash/                root:root      1777
/var/lib/pcp/tmp/mmv/                    root:root      1777
/var/lib/pcp/tmp/pmlogger/                root:root      1777
/var/lib/pcp/tmp/pmie/                    root:root      1777


# PolicyKit (#295341)
/usr/lib/PolicyKit/polkit-set-default-helper            polkituser:root   4755
/usr/lib/PolicyKit/polkit-read-auth-helper              root:polkituser   2755
/usr/lib/PolicyKit/polkit-revoke-helper                 root:polkituser   2755
/usr/lib/PolicyKit/polkit-explicit-grant-helper         root:polkituser   2755
/usr/lib/PolicyKit/polkit-grant-helper                  root:polkituser   2755
/usr/lib/PolicyKit/polkit-grant-helper-pam              root:polkituser   4750


# polkit new (bnc#523377)
/usr/lib/polkit-1/polkit-agent-helper-1                 root:root         4755
/usr/bin/pkexec                                         root:root         4755


# dbus-1 (#333361)
/lib/dbus-1/dbus-daemon-launch-helper                   root:messagebus   4750
/lib64/dbus-1/dbus-daemon-launch-helper                 root:messagebus   4750


# policycoreutils (#440596)
/usr/bin/newrole                                        root:root         4755


# VirtualBox (#429725)
/usr/lib/virtualbox/VirtualBox                          root:vboxusers    4750
/usr/lib/virtualbox/VirtualBox3                         root:vboxusers    4750
/usr/lib/virtualbox/VBoxBFE                             root:vboxusers    4750
/usr/lib/virtualbox/VBoxHeadless                        root:vboxusers    4750
/usr/lib/virtualbox/VBoxSDL                             root:vboxusers    4750
# (bnc#533550)
/usr/lib/virtualbox/VBoxNetAdpCtl                       root:vboxusers    4750
# bnc#669055
/usr/lib/virtualbox/VBoxNetDHCP                         root:vboxusers    4750


# open-vm-tools (bnc#474285)
/usr/bin/vmware-user-suid-wrapper            root:root         4755


# lockdev (bnc#588325)
/usr/sbin/lockdev                                       root:lock         2755


# hawk (bnc#665045)
/usr/sbin/hawk_chkpwd                                   root:haclient     4750
/usr/sbin/hawk_invoke                                   root:haclient     4750


# chromium (bnc#718016)
/usr/lib/chrome_sandbox                                 root:root         4755


# ecryptfs-utils (bnc#740110)
/sbin/mount.ecryptfs_private                root:root         4755


# wireshark (not yet)
/usr/bin/dumpcap                    root:root      0755





I see that those missing files are showing up again in dolphin. Are there other files you’s like to see? Thank you for responding.

I had to shorten the file and resend.

I forgot: I formatted everything with ext4. I installed leap on a M.2 128GB ssd then added 2 large ssd’s for storage. I can work with the M.2 ok as well as the passport, but not the other two.

Show what I asked for

/etc/fstab



UUID=dbfbfdd0-86d3-4489-82a4-e9fb4ed4f066 /                    ext4       acl,user_xattr        1 1
UUID=ea6e6386-29f3-4590-9487-734d93742885 /home                ext4       acl,user_xattr        1 2
UUID=7dbfa372-30c2-45c5-841c-0b5b820727e3 swap                 swap       defaults              0 0
UUID=58EB-D1CD       /boot/efi            vfat       umask=0002,utf8=true  0 0




Sorry for that I had to rush out and just got back.

No entry for them in fstab. Thus they are mounted by the desktop.

Let us try to gather some information:

mount | grep media

In your first post it seems that it is mounted at /run/media/tony/WD (that is not illogical when mounted by the desktop).

ls -ld /run/media/tony/WD
ls -l /run/media/tony/WD

And I assume that tony is the user that wants to create a file there.

You are doing it as regular, non-root, user, and regular user of course does not have write permissions to /etc (at least, should not have).



tony@linux-cjl6:~> mount | grep media
/dev/sdc1 on /run/**media**/tony/WD Passport type fuseblk (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,
allow_other,blksize=4096,uhelper=udisks2)
/dev/sda1 on /run/**media**/tony/disk1 type ext4 (rw,nosuid,nodev,relatime,data=ordered,uhelper=udisks2)
/dev/sdb1 on /run/**media**/tony/disk2 type ext4 (rw,nosuid,nodev,relatime,data=ordered,uhelper=udisks2)


tony@linux-cjl6:~> ls -ld /run/media/tony/WD
ls: cannot access ‘/run/media/tony/WD’: No such file or directory

  1. Please use CODE tags.
  2. I based the existence of this directory on it being in your first post, but I misread it because there is white space in that name. It should have been
ls -ld /run/media/tony/WD\ Passport

and you can of course do the same for

ls -ld /run/media/tony/disk1
ls -ld /run/media/tony/disk2

I also see from your mount list that WD Passport seems not to be an ext4 file system.

Did you try to copy a file to disk1 and/or disk2, which are ext4?

And like @avidjaar, I wonder why you are trying to copy a file to /etc. What do you think that that has to do with your trial to copy something to /run/media/tony/WD\ Passport?

The Partitioner shows a red disk next to each drive. What do they mean? When I partitioned the drives I had to sign in as root for yast. Didn’t that mean I was root? How did the drives get partitioned under the desktop?

Can you please stick to your problem and trying to post answers to what people ask here, so they can possibly help you?

Of course only root can partition. Else every idiot user on your system could write all over the disk.

BTW, your title says “I need help with a permissions problem”. My assumption is that you know about ownership by user and group and permission bits and that you only have some problems in understanding how they apply in this particular case. When you in fact do not understand much about ownership and permissions, please say so. And of course study some documentation about this all important aspect of Unix/Linux.