[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Group membership problems



"Phil Oester" wrote...:

> I've got two users who are both members of the same group.  Yet
> only one of the users can successfully write to a directory which
> is writable by that group.  The only significant difference I can
> see between these users is that one is a member of many more groups
> than the other. 
> 
> ** Group definition:
> dn: cn=job,ou=Group,dc=foo,dc=bar
> objectClass: posixGroup
> objectClass: top
> cn: job
> gidNumber: 6019
> memberUid: arei
> memberUid: jain

try a ldapsearch for "memberUid=arei" in "ou=Group,dc=foo,dc=bar". see 
if the entry with cn=job is returned. if it is, continue below..

> ** Test:
> [root@sec02 /tmp]# ls -l
> drwxrwxr-x   2 root        job      176 Oct 31 19:01 foo
> 
> [root@sec02 /tmp]# cd foo
> 
> [root@sec02 foo]# su arei
> bash-2.03$ touch hi
> touch: hi cannot create
> bash-2.03$ exit
> 
> [root@sec02 foo]# su jain
> bash-2.03$ touch hi
> bash-2.03$

do a "su arei" and see what the command "id" returns. is the group 
"job" listed..? (as "6019(job)") if it is, are there any differences 
between arei and jain that might cause this behaviour..? (beside the 
number of groups..)

hth,
daniel