dlevens Posted July 7, 2004
Hey guys, hopefully this is the right place to ask this question. I am trying to write a shell script to run via a cron job that will change the ownership of a folder and files. So far I have created the following script (/public_html/cgi-bin/chown.sh) in Unix ANSI format. CHMOD is 755.

    #!/bin/bash
    cd /home/myuserid/.mysqmailtest
    chown -R myuserid.myuserid data

Currently the owner and group is 99. I would like to make my userid the owner of this directory. I am installing a stand-alone copy of squirrelmail and everything is working, but I cannot view or modify the files in the data directory since 99 is the owner and group and there are no public view rights. I want to make this data folder similar to the default data folder we use for webmail. This way I can edit and view the data files. I think my script is written wrong but I do not know enough about this to know where I messed up. Any pointers would be appreciated.
Dennis
MikeJ Posted July 7, 2004
Users don't have access to change ownership of files. If the ownership is showing up as 99, that means the files are being created as the webserver user (nobody). You can submit a helpdesk ticket to request that the files be changed for you, but if they get changed back by your sqmail installation, you'll need to look at your sqmail setup (I don't know the sqmail setup options off the top of my head).
DarqFlare Posted July 8, 2004
I'd like to add that per TCH rules, you're not allowed to execute scripts that run shell commands. That's why phpShell is not allowed.
dlevens (Author) Posted July 8, 2004
Ahhhhhh, so that is why it is not working. Thanks for the heads up.
Dennis
jandafields Posted July 14, 2004
According to official linux handbooks, chown can only be run by a superuser (root), as TCH-MikeJ said. I just wanted to mention that this is a restriction of linux, not the hosting company. I find it odd that linux does not allow a user to "give away" a file, but that's how it works...
MikeJ Posted July 14, 2004
> I find it odd that linux does not allow a user to "give away" a file, but that's how it works...
"Giving away" file ownership would be a huge security hole (as scripts can be set to run as the owner of the script, for example).
borfast Posted July 14, 2004 (edited)
jandafields, note that chown *can* be used by regular (non-root) Linux users. What a regular user can't do is change the ownership of files he/she doesn't own; only root can do that.
Edited July 14, 2004 by TCH-Raul
jandafields Posted July 14, 2004
> jandafields, note that chown *can* be used by regular (non-root) Linux users. What a regular user can't do is change the ownership of files he/she doesn't own, only root can do that.
Hmmm... According to the linux documentation:
"Only the super-user may change the owner of a file. The owner of a file may change the group of the file to any group of which that owner is a member."
TCH-Bruce Posted July 14, 2004
While that may be in the documentation, you can change the ownership of a file you own under Linux. But once changed to another user you will not be able to change it back without having root permission or being logged in as the owner the file was assigned to.
jandafields Posted July 14, 2004
Hmmm... Seems to be some differing opinions among people here.
TCH-Bruce Posted July 14, 2004
> Hmmm... Seems to be some differing opinions among people here.
Well, mine was a test. I logged in as a user, changed the ownership of a file and it did it. Tried changing it back and received a warning I could not do it because I was not the owner. Logged in as root and changed it back.
jandafields Posted July 14, 2004
Okay, you win. I guess MikeJ and myself were incorrect. Thanks for the info!
TCH-Bruce Posted July 14, 2004
No, that's not entirely correct. The original problem is the files and directories being created were not created under his name but rather with "nobody" as the owner. So he could not change those since he was not the owner. If you have ownership it is possible to give ownership to another user. But once doing so you can not get it back unless the other user changes it or it is changed from the super user account "root".
MikeJ Posted July 14, 2004
> Well, mine was a test. I logged in as a user, changed the ownership of a file and it did it. Tried changing it back and received a warning I could not do it because I was not the owner.
It depends on the implementation of the system you are using (and where the confusion is happening).

    mike@kingkong [~]$ uname -a
    Linux kingkong.********.com 2.4.26-grsec.2 #1 Mon May 3 22:42:41 EDT 2004 i686 unknown
    mike@kingkong [~]$ ls -l testfile
    -rw-r--r-- 1 mike mike 1 Jul 14 13:52 testfile
    mike@kingkong [~]$ chown nobody testfile
    chown: changing ownership of `testfile': Operation not permitted

That's on my own dedicated server (running RedHat Linux), but the shared servers are configured the same way as far as chown, as are RedHat installations by default. It won't be changed due to security and auditing reasons.
borfast Posted July 14, 2004 (edited)
I agree with Bruce. The "problem" with changing file owners in your TCH account is that the files are probably owned by the Apache web server user (in our case, "nobody") and since the files are not yours, you can't change their owner. If the files had been created by your user, then you could change their owner but, just as Bruce said, then you wouldn't be able to change their owner back to you.
EDIT: Hummm... I didn't know about that, Mike. I believe that every Linux system I used allows a regular user to change the ownership of his own files. Well, guess I've learned something new today.
Edited July 14, 2004 by TCH-Raul
jandafields Posted July 14, 2004
Bruce, was your successful test on the TCH server?
dlevens (Author) Posted July 14, 2004
If I am the owner of the file and want to give away ownership to nobody then how would I do that? So far I am trying this script but it is failing.
chown.sh

    #!/bin/sh
    cd /home/my_cpanel_userid/public_html/squirrelmail/plugins/change_passwd
    chown root:nobody chpasswd

I have it in my cgi-bin directory with chmod 755 and am trying to run it via the web.
Dennis
MikeJ Posted July 14, 2004 (edited)
> If I am the owner of the file and want to give away ownership to nobody then how would I do that?
I'll say this in plain English. You can't. Only the "root" (admin) user can change ownership of files on TCH servers.
Edited July 14, 2004 by TCH-MikeJ
TCH-Rick Posted July 14, 2004
Please see the post by MikeJ earlier. This cannot be done on the servers for security reasons. You cannot change the ownership of a file, period. If you create it, it will be created using your username. If the webserver creates it, it is created using nobody as the owner. I just ran the same test Mike ran using my account on a shared server. I logged in with my username and tried chowning a file that I owned and got this:

    bash-2.05a$ chown rickvz.nobody README
    chown: changing ownership of `README': Operation not permitted

Just because something can be done on a particular installation of linux does not mean it can be done on any linux installation. Security can be set to allow or reject various options.
{Edit - Mike posted while I was typing.}
dlevens (Author) Posted July 14, 2004
Makes perfect sense. I was a little confused because it appeared Bruce had somehow gotten this to work. But I see now that this is a setting by design at TCH for security reasons. I will use the good ole helpdesk for chown requests.
Thanks guys,
Dennis
MikeJ Posted July 14, 2004
> I was a little confused because it appeared Bruce had somehow gotten this to work. But I see now that this is a setting by design at TCH for security reasons.
Just to clarify, this isn't a TCH only thing. It's a common default setting in most unix distributions. Bruce didn't do his test on a TCH server. I'm actually somewhat curious what Linux installations/distributions Bruce and Raul are seeing this ability enabled.
borfast Posted July 14, 2004
Mike, Red Hat has it enabled since... well, since I can remember, actually, but I may be wrong. I can guarantee you that FC1 and 2 and RH9 all had it enabled, though. Also, IIRC, Mandrake has it enabled by default. Lindows too, Lycoris and Yellow Dog, if I'm not mistaken. I even thought that it was the default way chown/chgrp worked.
TCH-Bruce Posted July 14, 2004 (edited)
MikeJ is correct, I did not do my test on a TCH server (I do not have shell access, nor do I need it). I have Linux running in my office and ran a test here. My apologies for adding to the confusion. As for this being a configuration thing, I did not know. So as Raul said, I learned something today.
Edited July 14, 2004 by TCH-Bruce
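
Added example, not part of the original thread and not written by any of its posters: a small shell script that reports whether chown "give-away" is restricted for a path and lists the entries under a directory that belong to another uid (such as the web server's 99), which is the information a helpdesk chown request needs. The function names are made up for this sketch; the path in the usage comment is the one from the first post.

```shell
#!/bin/sh
# Added example: find out why a chown will fail before filing a ticket.
# Function names are hypothetical; getconf, find, ls, id are standard tools.

# Print whether chown "give-away" is restricted for PATH (default: .).
# POSIX pathconf semantics: any value other than -1/undefined means only
# a privileged process may change a file's owner.
chown_policy() {
    val=$(getconf _POSIX_CHOWN_RESTRICTED "${1:-.}" 2>/dev/null) || val=unknown
    case "$val" in
        unknown|'')   echo unknown ;;
        -1|undefined) echo unrestricted ;;
        *)            echo restricted ;;
    esac
}

# List everything under DIR that is NOT owned by UID (default: the caller),
# with numeric uid/gid so entries such as "99 99" stand out.
foreign_owned() {
    dir=$1
    uid=${2:-$(id -u)}
    find "$dir" ! -user "$uid" -exec ls -ldn {} +
}

# Number of such entries; 0 means the given uid owns the whole tree.
foreign_count() {
    foreign_owned "$@" | wc -l | tr -d ' '
}

# Usage: sh audit.sh /home/myuserid/.mysqmailtest/data
if [ "$#" -gt 0 ]; then
    echo "chown policy here: $(chown_policy "$1")"
    echo "entries not owned by uid $(id -u): $(foreign_count "$1")"
    foreign_owned "$1"
fi
```

A non-zero count together with a "restricted" policy means the ownership can only be fixed by root, so the listing is what goes into the ticket.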