From owner-freebsd-questions@FreeBSD.ORG  Thu Nov 13 05:29:01 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1D07A1065670
	for <freebsd-questions@freebsd.org>;
	Thu, 13 Nov 2008 05:29:01 +0000 (UTC)
	(envelope-from jdc@koitsu.dyndns.org)
Received: from QMTA10.westchester.pa.mail.comcast.net
	(qmta10.westchester.pa.mail.comcast.net [76.96.62.17])
	by mx1.freebsd.org (Postfix) with ESMTP id AE8038FC12
	for <freebsd-questions@freebsd.org>;
	Thu, 13 Nov 2008 05:29:00 +0000 (UTC)
	(envelope-from jdc@koitsu.dyndns.org)
Received: from OMTA09.westchester.pa.mail.comcast.net ([76.96.62.20])
	by QMTA10.westchester.pa.mail.comcast.net with comcast
	id eVAF1a0010SCNGk5AVUtU0; Thu, 13 Nov 2008 05:28:53 +0000
Received: from koitsu.dyndns.org ([69.181.141.110])
	by OMTA09.westchester.pa.mail.comcast.net with comcast
	id eVUy1a00C2P6wsM3VVUzzz; Thu, 13 Nov 2008 05:28:59 +0000
X-Authority-Analysis: v=1.0 c=1 a=Q_uwlwNbziIA:10 a=S6nwchGT3qIA:10
	a=QycZ5dHgAAAA:8 a=8aYJ2cIidJaSWBoIn8cA:9 a=Hc5PZnoIbCNGf-HPUrMA:7
	a=wfn3fZ1So1JM96NeZQB7rgxEisMA:4 a=EoioJ0NPDVgA:10 a=LY0hPdMaydYA:10
Received: by icarus.home.lan (Postfix, from userid 1000)
	id 75ED75C19; Wed, 12 Nov 2008 21:28:58 -0800 (PST)
Date: Wed, 12 Nov 2008 21:28:58 -0800
From: Jeremy Chadwick <koitsu@FreeBSD.org>
To: APseudoUtopia <apseudoutopia@gmail.com>
Message-ID: <20081113052858.GA11292@icarus.home.lan>
References: <27ade5280811122116h3f9dc0a1k9293b14c96ac020f@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <27ade5280811122116h3f9dc0a1k9293b14c96ac020f@mail.gmail.com>
User-Agent: Mutt/1.5.18 (2008-05-17)
Cc: freebsd-questions@freebsd.org
Subject: Re: Permission Denied for "find" command; No idea why
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Nov 2008 05:29:01 -0000

On Thu, Nov 13, 2008 at 12:16:24AM -0500, APseudoUtopia wrote:
> Hey. I've been writing a set of sh backup scripts over the past few
> days. I'm having some trouble with the final thing with them.
> 
> This is the command that is being run by the "www" user via cron:
> /usr/bin/find /usr/local/backups/ -ctime +7d -type f -not -name
> "*daily_backup*" -ls
> 
> (Eventually, I'm going to change the "-ls" to "-delete")
> 
> This is the "ls -al" of /usr/local/backups:
> drwxrwx---   2 www   wheel        512 Nov 13 04:29 .
> drwxr-xr-x  15 root  wheel        512 Nov 12 20:24 ..
> -rw-------   1 www   wheel   22250785 Nov 13 04:18 2008-11-13.mysql-main.sql
> -rw-------   1 www   wheel     124781 Nov 13 04:18 2008-11-13.mysql-staffwiki.sql
> -rw-------   1 www   wheel     674306 Nov 13 04:18 2008-11-13.mysql-wiki.sql
> -rw-------   1 www   wheel  111845376 Nov 13 04:18 2008-11-13.www.tar
> -r-xrw----   1 www   wheel       8109 Nov 13 04:16 daily_backup.sh
> 
> For some reason, the "find" command above is getting a "permission denied."
> And, again, the "find" command is being run by the "www" user, who
> owns the files and dir.
> The exact message is: "find: .: Permission denied"
> 
> The "find" permissions:
> -r-xr-xr-x  1 root  wheel  36800 Oct 23 01:17 /usr/bin/find
> 
> Also, all dirs above /usr/local/backups (/usr and /usr/local) are +x
> for the "other" user, so the www should be able to enter them:
> drwxr-xr-x  17 root  wheel      512 Nov 12 20:38 usr
> drwxr-xr-x  15 root  wheel      512 Nov 12 20:24 local
> 
> Does anyone have any idea what's causing this permission denied error?
> Obviously it's some sort of permissions problem, but I have no idea
> where or what exactly it is. It's driving me crazy.

"find: .: Permission denied" would only be returned, AFAIK, if you were
doing "find . <someflags>", which your "find" example above does not
show.

Example:

$ id
uid=1000(jdc) gid=1000(users) groups=1000(users),0(wheel),20(staff),1002(wwwsite),1501(storage)

$ ls -ld /var/heimdal
drwx------    2 root      wheel     512 14 Oct 13:21 /var/heimdal/

$ find /var/heimdal -print
/var/heimdal
find: /var/heimdal: Permission denied
$

$ find /var/db -type d -print 1> /dev/null
find: /var/db/entropy: Permission denied
find: /var/db/ipf: Permission denied
find: /var/db/postfix: Permission denied

$ ls -ld /var/db/entropy /var/db/ipf /var/db/postfix
drwx------    2 operator  operator  512 12 Nov 21:22 /var/db/entropy/
drwx------    2 root      wheel     512 14 Oct 13:21 /var/db/ipf/
drwx------    2 postfix   wheel     512  6 Nov 04:16 /var/db/postfix/

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |