There are two users: the user jenkins
and the user nginx
(both are actually the service accounts).
First, the user jenkins
creates the directory frontend
in the /usr/share/nginx/html
folder. Then it downloads some html
files saving them in this folder.
Then the user nginx
tries to open one of the html files and gets the Permission denied
error.
To fix this issue, I first checked which groups the users belong to with: groups jenkins
and it returns: jenkins: jenkins
Then I checked what group the user nginx
is assigned to. And it is nginx: nginx
I checked the permissions for the frontend
folder jenkins
created as /usr/share/nginx/html/frontend
and it it is automatically assigned the user jenkins
and the group jenkins
. Via changing the permissions for this folder with chown
command I found that in order for nginx
user to be able to read these files the folder needs to be set with nginx:nginx
ownership.
I have also tried to create a new group workers
and then assign both jenkins
and nginx
users to it with
sudo groupadd workers
sudo usermod -aG workers jenkins
sudo usermod -aG workers nginx
But unfortunately, that didn't fix the issue. jenkins
user keeps creating the folders with the same ownership as before jenkins:jenkins
.
Is there a way to make both users have a full access on a folder created by one of them? What should I do?
Below is some additional info. The frontend
folder is created by jenkins
user in /usr/share/nginx/html/
. Here are some details:
sudo namei -om /usr/share/nginx/html/
f: /usr/share/nginx/html/
dr-xr-xr-x root root /
drwxr-xr-x root root usr
drwxr-xr-x root root share
drwxr-xr-x nginx jenkins nginx
drwxrwxrwx nginx nginx html
Then, after the frontend
folder is created I run
sudo namei -om /usr/share/nginx/html/
to check its ownership and it is:
f: /usr/share/nginx/html/frontend
dr-xr-xr-x root root /
drwxr-xr-x root root usr
drwxr-xr-x root root share
drwxr-xr-x nginx jenkins nginx
drwxrwxrwx nginx nginx html
drwxr-xr-x jenkins jenkins frontend
Below is a breakdown of the steps needed to make a single folder created by one user accessible by another.
sudo groupadd newgroup
sudo usermod -aG jenkins
sudo usermod -aG nginx
jenkins
user creates a folder with the default jenkins:jenkins
ownership, make jenkins
user change the folder's ownership setting it with jenkins:newgroup
(note that jenkins
won't be able to set the folder's group ownership to newgroup
unless it is a member of newgroup
): chown -R jenkins:newgroup /path/to/folder/created/by/jenkins/
jenkin
user to assign read-write
permissions to the owner user
( jenkins
) and owner group
( newgroup
) by running:chmod -R 775 /path/to/folder/created/by/jenkins/
can you try using the "chgrp" command after creating the directory?
chgrp groupname directoryname
After that, do a chmod to allow full access to the group.
chmod 775 directoryname
That will allow both to access.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.