[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "Permission denied" from dired, but not from ido completion in tramp
|
From: |
Michael Albinus |
|
Subject: |
Re: "Permission denied" from dired, but not from ido completion in tramp |
|
Date: |
Tue, 18 Jun 2024 11:09:11 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Philipp Middendorf <pmidden@mailbox.org> writes:
> Hi Michael and Adam,
Hi Philipp,
> I asked the admins here finally and got some new results, namely from
> calling nfs4_getfacl instead of just getfacl:
>
> # file: /asap3/petra3/gpfs/p11/2024/data/11019260
> A::OWNER@:rxtTnNcCoy
> A::GROUP@:rxtncy
> A::EVERYONE@:tncy
> A:fdg:fs-dmgt:rwaDdxtTnNcCoy
> A:fd:psgsrv:rxtTnNcCy
> A:fdg:11019260-part:rxtnc
> A:fdg:11019260-clbt:rxtnc
> A:fdg:11019260-dmgt:rxtnc
> A:fdg:p11staff:rxtncy
> A:fdg:p11dmgt:rxtncy
> A:fd:asapo:rxtnc
>
> As you can see, it mentions 11019260-part, which is a group I'm
> in. Not sure how that relates to emacs' handling of ACLs and if that
> can be fixed.
Thanks a lot, this seems to explain it. As we have seen in your debug
buffer, the directory /asap3/petra3/gpfs/p11/2024/data/11019260 is owned
by user:group fsdata:fsdata. According to the ACLs above, this results
in the permissions string "dr-xr-x---", due to
--8<---------------cut here---------------start------------->8---
A::OWNER@:rxtTnNcCoy
A::GROUP@:rxtncy
A::EVERYONE@:tncy
--8<---------------cut here---------------end--------------->8---
And as you have observed as well, the group 11019260-part has the ACL
rxtnc, which means also read and execute permissions. But this
information cannot be given by stat or ls, the tools Tramp uses.
As I have said in a previous message, I have added the user option
tramp-use-file-attributes in Tramp 2.7.1. In your case, you could set it
to nil, which means that Tramp does not use stat or ls for determining
read, write and execute permissions. Instead, it uses different calls of
the test vcommand, which returns proper information.
If you have a chance, please test Tramp from its git repo. If this isn't
possible, just wait some few days. Tramp 2.7.1 will be released on GNU
ELPA end of June. You could install it from there.
> I have asked this previously but didn't get a reply: Why does emacs
> have this additional permissions check at all? Why doesn't it simply
> always try to open the file and then output the error from the
> operating system?
Defensive programming. Sometimes (often?) the error messages are
cryptic when presented to a user, and she would assume an error in
Emacs/Tramp.
Furthermore, it is a common attack vector by malware to use error
messages for unintended behavior of programs. This must be avoided.
> Cheers
> Philipp
Best regards, Michael.
- Re: "Permission denied" from dired, but not from ido completion in tramp, (continued)
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Adam Sjøgren, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/15
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/16
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/16
- Re: "Permission denied" from dired, but not from ido completion in tramp, Michael Albinus, 2024/06/16
- Re: "Permission denied" from dired, but not from ido completion in tramp, Philipp Middendorf, 2024/06/17
- Re: "Permission denied" from dired, but not from ido completion in tramp,
Michael Albinus <=
- Re: "Permission denied" from dired, but not from ido completion in tramp, Adam Sjøgren, 2024/06/16