overview for Rick

FACL, lost in it's behavior.. in c/linux@lemmy.ml

[–] Rick_C137@programming.dev 2 points 3 months ago

setfacl -m m:r aFile
#re set the mask

solve the problem, but the question is: why the F**** this is happening !?

0

FACL, lost in it's behavior.. (programming.dev)

submitted 3 months ago* (last edited 3 months ago) by Rick_C137@programming.dev to c/linux@lemmy.ml

2 comments fedilink

Hi,

I got FileA that have 640 a getfacl FileA give me

# file: FileA
# owner: me
# group: me
user::rw-
user:aUser:r--
group::r-x			#effective:r--
mask::r--
other::---

So it's give me the expected...

but when I do

chmod 600 aFile
getfacl aFile

...
user:aUser:r--		#effective:---
...
mask::---
...

Why suddenly aUser lost his ability to read the file !?!?!

FACL, Get effective: --- in c/linux@lemmy.ml

[–] Rick_C137@programming.dev 1 points 3 months ago* (last edited 3 months ago) (2 children)

Update, this is only happening when I copy files from a ~SMB share... :'(
Otherwise it's correct...

5

FACL, Get effective: --- (programming.dev)

submitted 3 months ago by Rick_C137@programming.dev to c/linux@lemmy.ml

3 comments fedilink

Hi,

I've set for a directory the following

setfacl -dm u:aUser:r aDirectory
#set new files to be readable by aUser

cp ~/Desktop/aFile.txt /xx/xx/xx/aDirectory

getfacl aFile.txt #the copied one

# file: aFile.txt
# owner: me
# group: me
user::rwx
user:aUser:r--
group::r-x
mask::rwx
other::rwx

So indeed we see the aUser got r--

but

stat aFile.txt

return

(0777/-rwxrwxrwx) #!!!!

is that normal !!!!???

Thanks.

What vm software you use on linux in c/linux@lemmy.ml

[–] Rick_C137@programming.dev 5 points 3 months ago (5 children)

Proxmox seem powerfull

It's a Type1, not Type2
https://en.wikipedia.org/wiki/Hypervisor#Classification

Recursive execute(x) required to enable nginx to read a directory !?? [ SOLVED ] in c/linux@lemmy.ml

[–] Rick_C137@programming.dev 1 points 4 months ago

Thank you all !

Indeed setting execute perm on example, sub1, sub2, static

The program/user have now access to the directory.

In order words all the parents directory need at least execute in order to have access in the targeted directory...

Now I gave 751 for static. Meaning than others (here nginx) cannot list the files within. But never the less it works
the static files are appearing when requested (HTTP) but forbidding nginx to list the directory is changing something ? (performance/security)

Thanks

19

Recursive execute(x) required to enable nginx to read a directory !?? [ SOLVED ] (programming.dev)

submitted 4 months ago* (last edited 4 months ago) by Rick_C137@programming.dev to c/linux@lemmy.ml

4 comments fedilink

Hi,

I've noticed something quite odd, but I don't know if the problem come from Linux itself or nginx..

In order to grant nginx access to a directory let say your static see: https://stackoverflow.com/questions/16808813/nginx-serve-static-file-and-got-403-forbidden

These parent directories "/", "/root", "/root/downloads" should give the execute(x) permission to 'www-data' or 'nobody'. i.e.

but it seem not only the direct parent need to be given XX5 but all the chain

for example

example
└── sub1
    └── sub2
        └── static

it seem you need to set allow others to read and execute 5 all the parents example, sub1, sub2 Why is that !?? I've found it so akward and unsecure ! is there a workaround ?

Thanks.

Is it possible to sign a PDF with an OpenPGP key generated by Thunderbird ? in c/linux@lemmy.ml

[–] Rick_C137@programming.dev 3 points 9 months ago* (last edited 9 months ago) (2 children)

Thank you all for your quick reactions !!

To summarize if I want to use the PDF built-in signing I will need to convert my OpenPGP into a X.509 cert otherwise I can simply use the OpenPGP file signing

I want to stick to the UNIX Philosophy especially:

Write programs that do one thing and do it well.

So I will use the OpenPGP signing tool :)

Thanks !

32

Is it possible to sign a PDF with an OpenPGP key generated by Thunderbird ? (programming.dev)

submitted 9 months ago by Rick_C137@programming.dev to c/linux@lemmy.ml

10 comments fedilink

Hi everyone,

I was wondering if you know a way to use the generated OpenPGP key created trough Thunderbird to sign PDF's ?

(Devuan distro)

Thanks.