On Thu, Feb 27, 2020 at 01:13:29AM +0100, Robert Scheck wrote: > Good evening, > > could somebody please point out my mistake? Why is BIRD telling that it > can't access /var/lib/foo/bird.conf? > > $ ls -ld /var/lib/foo/ /var/lib/foo/bird.conf > drwxr-x---. 2 foo foo 4096 Feb 27 00:53 /var/lib/foo/ > -rw-r--r--. 1 root root 10 Feb 27 00:53 /var/lib/foo/bird.conf > $ > > $ id bird > uid=996(bird) gid=993(bird) groups=993(bird),1000(foo)
Hi You need group foo to access /var/lib/foo/, that is part of secondary groups for bird user (as reported by 'id') and these secondary groups are assigned e.g. when 'su - bird' is used. But when you run 'bird -u bird -g bird', it only set UID (-u) and GID (-g), not secondary groups, so bird daemon does not have access to foo group. You can check /proc/29334/status to see value of 'Groups'. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
