Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
passworldless ssh not working
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Krog
Guru
Guru


Joined: 26 Jun 2007
Posts: 330
Location: Roma, Italy

PostPosted: Tue Jan 31, 2017 1:31 pm    Post subject: Reply with quote

we are going close i think!

Code:
 Authentication refused: bad ownership or modes for directory /home/krog


i see:

Code:
KROGPC-SKYLAKE /home # ls -l /home
totale 56
drwxr-xr-x  67 billa root   4096 31 gen 09.26 billa
drwxr-xr-x   4 root  root   4096  6 giu  2012 ftp
drwxr-sr-x 283 krog  krog  20480 31 gen 14.27 krog
drwx------   2 root  root  16384 18 feb  2009 lost+found
drwxr-xr-x   2 dhcp  root   4096  3 feb  2009 p2p
drwxrwxrwx   2 root  users  4096 21 gen 08.42 samba
KROGPC-SKYLAKE /home #


i think all my permissions are a bit screwed because I changed entirely my pc, i attached the old /home disk and THEN i re-created all my users... probably most of the folders belonging to my main user (krog) took the first group available or something like that... what exactly is this "s" here: drwxr-sr-x ? the group was wrong too, i corrected that but the issue is still there.... maybe this s is the cause
Back to top
View user's profile Send private message
Krog
Guru
Guru


Joined: 26 Jun 2007
Posts: 330
Location: Roma, Italy

PostPosted: Tue Jan 31, 2017 1:41 pm    Post subject: Reply with quote

IT WORKED! i removed that damn s!

Code:
KROGPC-SKYLAKE /home # chmod 755 krog
KROGPC-SKYLAKE /home # ls -l
totale 56
drwxr-xr-x  67 billa billa  4096 31 gen 09.26 billa
drwxr-xr-x   4 root  root   4096  6 giu  2012 ftp
drwxr-sr-x 283 krog  krog  20480 31 gen 14.32 krog
drwx------   2 root  root  16384 18 feb  2009 lost+found
drwxr-xr-x   2 dhcp  root   4096  3 feb  2009 p2p
drwxrwxrwx   2 root  users  4096 21 gen 08.42 samba
KROGPC-SKYLAKE /home # chmod 0755 krog
KROGPC-SKYLAKE /home # ls -l
totale 56
drwxr-xr-x  67 billa billa  4096 31 gen 09.26 billa
drwxr-xr-x   4 root  root   4096  6 giu  2012 ftp
drwxr-sr-x 283 krog  krog  20480 31 gen 14.32 krog
drwx------   2 root  root  16384 18 feb  2009 lost+found
drwxr-xr-x   2 dhcp  root   4096  3 feb  2009 p2p
drwxrwxrwx   2 root  users  4096 21 gen 08.42 samba
KROGPC-SKYLAKE /home # chmod u-s krog
KROGPC-SKYLAKE /home # ls -l
totale 56
drwxr-xr-x  67 billa billa  4096 31 gen 09.26 billa
drwxr-xr-x   4 root  root   4096  6 giu  2012 ftp
drwxr-sr-x 283 krog  krog  20480 31 gen 14.32 krog
drwx------   2 root  root  16384 18 feb  2009 lost+found
drwxr-xr-x   2 dhcp  root   4096  3 feb  2009 p2p
drwxrwxrwx   2 root  users  4096 21 gen 08.42 samba
KROGPC-SKYLAKE /home # chmod 000 krog
KROGPC-SKYLAKE /home # ls -l
totale 56
drwxr-xr-x  67 billa billa  4096 31 gen 09.26 billa
drwxr-xr-x   4 root  root   4096  6 giu  2012 ftp
d-----S--- 283 krog  krog  20480 31 gen 14.32 krog
drwx------   2 root  root  16384 18 feb  2009 lost+found
drwxr-xr-x   2 dhcp  root   4096  3 feb  2009 p2p
drwxrwxrwx   2 root  users  4096 21 gen 08.42 samba
KROGPC-SKYLAKE /home # chmod -s krog
KROGPC-SKYLAKE /home # ls -l
totale 56
drwxr-xr-x  67 billa billa  4096 31 gen 09.26 billa
drwxr-xr-x   4 root  root   4096  6 giu  2012 ftp
d--------- 283 krog  krog  20480 31 gen 14.32 krog
drwx------   2 root  root  16384 18 feb  2009 lost+found
drwxr-xr-x   2 dhcp  root   4096  3 feb  2009 p2p
drwxrwxrwx   2 root  users  4096 21 gen 08.42 samba
KROGPC-SKYLAKE /home # chmod 755 krog
KROGPC-SKYLAKE /home # ls -l
totale 56
drwxr-xr-x  67 billa billa  4096 31 gen 09.26 billa
drwxr-xr-x   4 root  root   4096  6 giu  2012 ftp
drwxr-xr-x 283 krog  krog  20480 31 gen 14.32 krog
drwx------   2 root  root  16384 18 feb  2009 lost+found
drwxr-xr-x   2 dhcp  root   4096  3 feb  2009 p2p
drwxrwxrwx   2 root  users  4096 21 gen 08.42 samba
KROGPC-SKYLAKE /home #
krog@KROGPC-SKYLAKE ~ %
Connection to 192.168.1.230 closed.
krog@krogbanana:~$ ssh 192.168.1.230
Last login: Tue Jan 31 14:39:23 2017 from 192.168.1.82
krog@KROGPC-SKYLAKE ~ %


WIN WIN WIN WIN
thanks to everybody :-)
Back to top
View user's profile Send private message
cboldt
l33t
l33t


Joined: 24 Aug 2005
Posts: 829

PostPosted: Tue Jan 31, 2017 1:48 pm    Post subject: Reply with quote

I assume the DEBUG log divulges information that you do not want to divulge to us. Review and edit the output before sharing it.
Back to top
View user's profile Send private message
cboldt
l33t
l33t


Joined: 24 Aug 2005
Posts: 829

PostPosted: Tue Jan 31, 2017 1:59 pm    Post subject: Reply with quote

"s" in that position represents "set group ID," affecting all new files and directories created under that directory.

Edit to add, `chmod g-s` would have cleared it directly.

One more addition, this was new to me, might be useful in general ...

Code:
chmod  preserves a directory's set-user-ID and set-group-ID bits unless you explicitly specify otherwise.  You can set or clear the bits with symbolic modes like u+s and g-s, and  you can set (but not clear) the bits with a numeric mode.


Last edited by cboldt on Tue Jan 31, 2017 2:04 pm; edited 1 time in total
Back to top
View user's profile Send private message
Krog
Guru
Guru


Joined: 26 Jun 2007
Posts: 330
Location: Roma, Italy

PostPosted: Tue Jan 31, 2017 2:03 pm    Post subject: Reply with quote

considering my /home folder is more or less 15 years old, passed by many hard disks and at least 3 different computers, it will remain a big mistery why and when that folder got this strange permission :-)
thanks again to everybody, I learned something new today
Back to top
View user's profile Send private message
cboldt
l33t
l33t


Joined: 24 Aug 2005
Posts: 829

PostPosted: Tue Jan 31, 2017 2:10 pm    Post subject: Reply with quote

You may have lingering odd owners or permissions buried in your /home/krog directory. My /home directory, like yours, has passed from drive to drive and system to system, and collected all sorts of "trouble" due to my ineptitude. I think I found and cleared them all, using `find`, but I doubt I could summarize exactly what I did to make the structure consistent with what I expected and wanted.

FWIW, I had similar issues in the system too, same underlying cause, migration from one installation to another.
Back to top
View user's profile Send private message
Krog
Guru
Guru


Joined: 26 Jun 2007
Posts: 330
Location: Roma, Italy

PostPosted: Tue Jan 31, 2017 2:18 pm    Post subject: Reply with quote

using chown and chgrp with -R option on the top of the home folder would fix everything, am i right?
Back to top
View user's profile Send private message
cboldt
l33t
l33t


Joined: 24 Aug 2005
Posts: 829

PostPosted: Tue Jan 31, 2017 3:38 pm    Post subject: Reply with quote

Yes, for owner:group, you can use just `chown -R owner:group` for your home directory. The pickle I got myself in was affecting things like /var/cron and /var/mail, where owner:group was not consistent.
Back to top
View user's profile Send private message
Krog
Guru
Guru


Joined: 26 Jun 2007
Posts: 330
Location: Roma, Italy

PostPosted: Tue Jan 31, 2017 3:40 pm    Post subject: Reply with quote

as i have many symlinks under my home folder... a chown -R would follow these symlinks? that would be really unwanted
sorry, this is really a noob question, i understand that
Back to top
View user's profile Send private message
cboldt
l33t
l33t


Joined: 24 Aug 2005
Posts: 829

PostPosted: Tue Jan 31, 2017 4:25 pm    Post subject: Reply with quote

It's a good question. `man chown` covers the subject ...

Code:
       -R, --recursive
              operate on files and directories recursively

       The  following options modify how a hierarchy is traversed when the -R option is also speci‐
       fied.  If more than one is specified, only the final one takes effect.

       -H     if a command line argument is a symbolic link to a directory, traverse it

       -L     traverse every symbolic link to a directory encountered

       -P     do not traverse any symbolic links (default)


I'd test that, myself, on a limited hierarchy that involved a symlink to a place where owner and group were not "me," to be satisfied that "-P" acted the way I think it does.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Tue Jan 31, 2017 4:25 pm    Post subject: Reply with quote

Krog wrote:
as i have many symlinks under my home folder... a chown -R would follow these symlinks? that would be really unwanted sorry

Krog ... the default is '--dereference', so you would use '--no-dereference' (see: 'man chown').

Code:
% su -
# touch /tmp/test
# exit
% ls -l /tmp/test
-rw-r--r-- 1 root root 0 2017-01-31 17:02 /tmp/test
% ln -s /tmp/test .
% ls -l test
lrwxrwxrwx 1 khayyam users 9 2017-01-31 17:02 test -> /tmp/test
% chown khayyam:wheel test
chown: changing ownership of 'test': Operation not permitted
% chown --no-dereference khayyam:wheel test
changed ownership of 'test' from khayyam:users to khayyam:wheel

For completeness it might also be worth mentioning 'find . -type f', and '-type d', and zsh's 'glob qualifiers' '**/*(^@)' ... which could be used to exclude symbolic links.

HTH & best ... khay
Back to top
View user's profile Send private message
cboldt
l33t
l33t


Joined: 24 Aug 2005
Posts: 829

PostPosted: Tue Jan 31, 2017 4:32 pm    Post subject: Reply with quote

khayyam brings up a good point, one I overlooked by assuming that the symlinks you referred to were symlinks to directories. the "-P" default only works against symlinks to directories. If you have symlinks to files, `chown -R` will operate on the referenced files unless you use --no-dereference
Back to top
View user's profile Send private message
Krog
Guru
Guru


Joined: 26 Jun 2007
Posts: 330
Location: Roma, Italy

PostPosted: Tue Jan 31, 2017 4:34 pm    Post subject: Reply with quote

Thanks :-)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum