On Thu, 2006-11-30 at 13:33 -0500, Mike Branda wrote:
> So I'm using LDAP and I'm having trouble accessing a directory that is
> group owned. ( names changed to protect the innocent... ;^) )
>
> fooboy@Sanity:/> ls -lad Projects/submarine_sandwich/
>
> drwxrws--- 6 fooman animate 4096 2006-11-30 13:13
> Projects/submarine_sandwich
>
> fooboy@Sanity:/> cd Projects/submarine_sandwich/
>
> bash: cd: Projects/submarine_sandwich/: Permission denied
>
> fooboy@Sanity:/> groups
>
> color mgmt admin users
>
> fooboy@Sanity:/> groups fooboy
>
> color mgmt animate admin users
>
>
> First off, what's up with that? From man groups:
>
> groups [OPTION]... [USERNAME]...
>
> Same as id -Gn. If no USERNAME, use current process
>
>
> also:
>
> fooboy@Sanity:/> getent group
>
> --snipped bunch of users--
>
> nogroup:x:65534:nobody
> users:x:100:fooboy
> +::0:
> mgmt:x:1013:fooboy
> color:x:1015:fooboy
> animate:x:1016:fooman,fooboy
> admin:x:1018:fooboy
>
>
>
> shows that the user is a part of the group. Any ideas as to why this is
> happening?
>
>
> TIA!
>
> Mike Branda Jr.
Solved my own question. The issue is nsswitch / nscd related.
From: http://www.libertycreek.net/tutorial_openldap_suse
The Name Service Cache Daemon, nscd, caches name entries, and it doesn't
automatically invalidate and reload the cache when the LDAP database is
updated. It is best to turn this off when populating or making many
changes to the LDAP directory.
To force it to invalidate and reload password and group data, issue:
# nscd --invalidate=passwd
# nscd --invalidate=group
Hope this helps someone out there eventually.
Mike Branda Jr.
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:56:08 EDT