Check file permissions via SSH.....

Currently reading
Check file permissions via SSH.....

497
165
NAS
DS918+
Operating system
  1. macOS
Mobile operating system
  1. iOS
I need to check the access permissions on a file within the web host:

/Volumes/web/phpBB3/7G_log.txt

Looking at what I can see from the shard file system it does have R/W permissions for the 'http' local group. I'm just wondering if I can check this via SHH (or similar) as so far in a month the firewall system has not written details of any bots looking to attack / scan the forum. This seems strange as the forum software does detect bots visiting it.

I did make some notes as to how to get into the NAS via SSH and check permissions, and I put that note away safely. So safely I can't find where I put it.

So any assistance would be appreciated.
 

fredbert

Moderator
NAS Support
Subscriber
3,610
1,442
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
I wondered if there's a DSM Linux command that lists out file ACLs, but didn't get far looking. From what I see in Control Panel a lot of the shared folders have ACLs enabled.

On the SSH commnad line you'll see the standard read/write/execute assignment for owner, group, other permissions when using ls -l myfile_name, these are the -rwxrwxrwx. The '-' at the front would be 'd' for a directory and 'l' for a link file.
 
497
165
NAS
DS918+
Operating system
  1. macOS
Mobile operating system
  1. iOS
Okay I got logged in and navigated to the right path. ls -l [filename] gives me:

-rwxrwxrwx+ 1 dbrewood users 65 Dec 26 13:50 7G_log.txt

Which is not a lot of help.... unless the -rwxrwxrwx+ does show it should be read / writable?
 

fredbert

Moderator
NAS Support
Subscriber
3,610
1,442
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
OK so that means:
- : it's a file, of some sort​
rwx : owner dbrewood has rwx​
rwx : group users have rwx​
rwx : every other user has rwx​
+ : it has ACLs assigned​

The ACL is what you see in File Station and I didn't find (haven't time to really search) a command line way to show these, yet.
 
497
165
NAS
DS918+
Operating system
  1. macOS
Mobile operating system
  1. iOS
Thanks for that. So File Station shows that http has read / write on the phpBB3 folder (which contains the file) so the 7G firewall PHP file which is also in that directory should have the ability to write to the log file.
 

fredbert

Moderator
NAS Support
Subscriber
3,610
1,442
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
The ACL should take precedence. When I've look at other files/folders via SSH I see many shared folders have what looks like more permissive Unix access than I would expect, but then there are the ACLs that apply a different amount of access.

Using ls -l will list all visible items in the current directory, while ls -al will list visible and hidden (.dot files).

As for whether the PHP file can write to the log file will depend on which user is executing the PHP file, and do they have access to the log file. The PHP file's permission apply to which users can access it, not what it can access ... both the PHP and log files are items that have access to them controlled but that access is applied to users.
 
497
165
NAS
DS918+
Operating system
  1. macOS
Mobile operating system
  1. iOS
Right understood. The PHP file will be executed by the web host itself so by the http user I guess.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

BTRFS should work fine. In my system I have a SHR data pool with BTRFS and one SHR pool EXT4. Both are...
Replies
4
Views
675
  • Solved
Is there any recommendations on whether to leave record file access time off, daily, or monthly? I turned...
Replies
7
Views
944
Have this issue and found a number of posts about it in various forums, but none of the suggestions pan...
Replies
0
Views
884
I thought that might be the case. I was able to get it to work (identifying individual disk locations) on...
Replies
5
Views
685
On the command line enter help to get a list of the commands. If you enter help cd you'll get the full...
Replies
3
Views
2,239

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Top