How To
Summary
AIX file systems have two sets of permissions: The mount point permissions, and the mounted file system permissions. If you encounter access errors although the mounted permissions seem correct, check the underlying mount point permissions. Underlying mount point permissions are hidden by the file system root directory permissions.
Objective
Environment
This example uses the following file systems:
- /filesystemA
- /filesystemA/filesystemB
SCENARIO:
Non-root members of group "system" are unable to write to /filesystemA/filesystemB, although the permissions show rwx (read, write, and execute) for the group.
|
# ls -ald /filesystemA/filesystemB ---> drwxrwxr-x 3 root system 256 May 11 13:09 /filesystemA/filesystemB # ls -ald /filesystemA ---> drwxrwxr-x 4 root system 256 May 11 13:09 /filesystemA |
Steps
To check the underlying mount point permissions, first check /filesystemA/filesystemB permissions by mounting filesystemA to another mount point in order to unhide filesystemB directory.
| # mount -v namefs /filesystemA /mnt # ls -ald /mnt/filesystemB ---> drwxrwxr-x 2 root system 256 May 11 13:09 /mnt/filesystemB The permissions are OK.
# unmount /mnt |
Next, check the parent /filesystemA permissions by mounting "/" file system to another mount point in order to unhide filesystemA directory:
| # mount -v namefs / /mnt # ls -ald /mnt/filesystemA ---> drwx------ 3 root system 256 May 11 13:05 /mnt/filesystemA Only root has write permissions.
If there are any permission problems you can fix them. The following example adds read, write, and execute permissions for the group, and read and execute permissions for others, by using the temporary mount point "/mnt":
# chmod g+rwx o+rx /mnt/filesystemA
# ls -ald /mnt/filesystemA
---> drwxrwxr-x 3 root system 256 May 11 13:05 /mnt/filesystemA Now permissions are fixed.
# unmount /mnt
Now that permissions are fixed, test again the command that was failing previously.
|
Additional Information
It will provide a list of all mounted directories and their underlying permissions.
|
#!/bin/ksh
#Show Mount Point Permissions [ `whoami` = "root" ] || { echo "Run as root"; exit 1; }
tmpdir="/tmp/$$"
mkdir "$tmpdir" for fs in `mount | grep jfs | awk '{print $2}'`; do printf "%-24s" "Mounted: " ls -ald $fs parentmount=`df "/$fs/.." | tail -n 1 | awk '{print $7}'` mount -o ro "$parentmount" "$tmpdir" printf "%-24s" $fs ls -ald `echo $fs | sed "s%$parentmount%$tmpdir/%"` umount "$tmpdir" printf "%s\n" "---------" done rmdir "$tmpdir" |
|
SUPPORT
|
|---|
|
If you require more assistance, use the following step-by-step instructions to contact IBM to open a case for software with an active and valid support contract. 1. Document (or collect screen captures of) all symptoms, errors, and messages related to your issue. 2. Capture any logs or data relevant to the situation. 3. Contact IBM to open a case: - For electronic support, see the IBM Support Community: 4. Provide a clear, concise description of the issue. 5. If the system is accessible, collect a system snap, and upload all of the details and data for your case. - For more information, see: Working with IBM AIX Support: Collecting snap data |
Related Information
Was this topic helpful?
Document Information
Modified date:
26 October 2021
UID
ibm10884178