Clearcase - Unable to access VOB - ls: reading directory - Permission denied

…衆ロ難τιáo~ 提交于 2021-01-24 12:06:59

问题


Clearcase Server Version - 8.0.1.19
OS – Centos - 7.6.1810 (Core)

Problem: Created new VOB, Mounted the VOB then created dynamic view on server successfully. From VOB root directory ls command shows below error.

ls: reading directory .: Permission denied
total 0

I have executed below protect commands.

cleartool protectvob -f -chown ccadmin -chgrp testvob-grp /vobstg/testvob.vbs
cleartool protect -chown ccadmin -chgrp testvob-grp -chmod 775 -r .


[root@VOB-Server /]# cleartool desc -l vob:/vobstg/testvob
versioned object base "/vobstg/testvob"
  created 2019-11-21T09:01:57+05:30 by ccadmin.testvob-grp@VOB-Server
  "This is test VOB."
  protected by rolemap: "DefaultRolemap"
  effective access for user "root": rmelem,Read
  VOB family feature level: 8
  VOB storage host:pathname "VOB-Server:/vobstg/testvob.vbs"
  VOB storage global pathname "/net/VOB-Server/vobstg/testvob.vbs"
  database schema version: 80
  modification by remote privileged user: allowed
  atomic checkin: disabled
  srfm: disabled
  evil twin detection: disabled
  VOB ownership:
    owner ccadmin
    group testvob-grp
  minimum client feature level: 8
  ACLs feature level: 8
  Attributes:
    FeatureLevel = 8

View owner has rwx (all) permission. So in newer version of Clearcase do I need to enable configuration for even root id and VOB-owner ID?

I am using default config spec

element * CHECKEDOUT
element * /main/LATEST

Dynamic view created with root account. While describing the VOB tag it shows below error.

[root@VOB-Server]# cleartool desc -l /vobstg/testvob
cleartool: Error: No permission to resolve: "/vobstg/testvob".
cleartool: Error: Unable to access "/vobstg/testvob" because either it is unreadable or its containing VOB is not accessible to the current user.

Whereas with VOB Owner’s account/ID (ccadmin), I can able to describe the VOB.


回答1:


First, it depends on your config spec (I will assume element * /main/LATEST)

Second, your question mentions root@VOB-Server: make sure to do the ls test as the view owner: ccadmin.testvob-grp

Still as the view owner, do a id -a to check if the primary group (or one of the secondary groups) is part of the VOB group (VOB, not view, which is correctly protected)

See "Access control for VOBs" and "About Additional Groups in the VOB's group list"

You can use the cleartool describe command to display the owner, group, and supplemental group list for a VOB.

cleartool descr -l vob:/vobs/vobtag

Whereas with VOB Owner’s account/ID (ccadmin), I can able to describe the VOB.

That is expected: only user with the primary Vob group as part of their group would be able to access the Vob. root has not testvob-grp in its groups (id -a)



来源:https://stackoverflow.com/questions/58967226/clearcase-unable-to-access-vob-ls-reading-directory-permission-denied

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!