Has anyone ever encountered this? It's one of those it was working Monday but not today issues.
We have an account pcadmin in the group utl, its supposed to read the files in utl. No issues on Monday, but today pcadmin can't read anything owned by utl. Below you can see it still has the group and the group ownership of the files. My instinct is reboot the host, but its prod and the request will take awhile to get approved. Any other thoughts?
$ id pcadmin
uid=30101(pcadmin) gid=10051(pcadmin) groups=1(staff),10000(infra),31008(pc_pdc),31007(pc_frm),10012(omg),10003(bpr),
31019(embsft),10068(pcdev),31005(cqsadm),10303(sfubpr),10067(bpftpg),
10139(cqs),10041(act),10011(bil),10014(ccr),30125(utl)
$ groups pcadmin
pcadmin : pcadmin staff infra pc_pdc pc_frm omg bpr embsft pcdev cqsadm sfubpr bpftpg cqs act bil ccr utl
$ ls -ltr
total 8
-rw-rw---- 1 prutl utl 632 Mar 05 21:43 CST_END_TO_END_PF.txt
-rw-rw---- 1 prutl utl 15 Mar 05 22:45 test
-rw-rw---- 1 prutl utl 12 Mar 05 22:48 jeremy.txt
$ cat jeremy.txt
cat: 0652-050 Cannot open jeremy.txt.
$ uptime
10:50PM up 83 days, 16:31, 9 users, load average: 2.61, 3.33, 4.02
it happens sometimes.. when you have a lot of groups and you are concerned by the last ones in the list... To tell you more I would need to know a bit more about your OS (oslevel...) and what you have not said here or I cant see it: What are the perms on that current directory and have they changed?
The case I have quite similar is happening on a FS that is imported from a NAS... where our AD have put ACLs..., I wonder if its because og the group sticky bit the WIN stuff cant manage and so the arctefact.. Workaround since you are in the group:
newgrp utl
...
But it would be interesting to know why it worked and no more today... but wee need the directory perms...
As phobus asked what is the permission on the main directory, it might be someone changed the permissions on it.
running newgrp <groupname> will change the existing secondary group to primary group (of that user). So be aware of this before you execute the command.
My guess is that on Monday the user was in 16 groups and someone added a 17th group since then. NGROUPS_MAX is often set to 16. Even if it is increased, NFS only supports 16 groups. Is the file system NFS mounted?
I think we are making progress. What is the content (regarding this filesystem) of the file /etc/exports on the system exporting the share?
To be sure the loaded NFS configuration is what the file says issue a
exportfs -va
as root on the exporting system. This re-exports all shares putting the current content of /etc/exports into effect (if it wasn't already). Check the effect with the command (as root)