Create a file in /etc/ as a non-root user

[BIBHU DAS]

I am a python novice;request all to kindly bear with me.

fd = open('/etc/file','w')
fd.write('jpdas')
fd.close()


The above snippet fails with:

Jagannath-MacBook-Pro:~ jpdas$ python testUmask.py
Traceback (most recent call last):
File "testUmask.py", line 3, in <module>
fd = open('/etc/file','w')
IOError: [Errno 13] Permission denied: '/etc/file'


Any Idea how to create a file in /etc as non-root user?Can i use umask or chmod.......confused

 

[Luca Cerone]

fd = open('/etc/file','w')

fd.write('jpdas')

fd.close()

Hi Bibhu, that is not a Python problem, but a permission one.
You should configure the permissions so that you have write access to the folder.
However unless you know what you are doing it is discouraged to save your
file in the /etc/ folder.

I don't know if on Mac the commands are the same, but in Unix systems (that I guess Mac is) you can manage permissions with chmod.

 

[Dave Angel]

Hi Bibhu, that is not a Python problem, but a permission one.
You should configure the permissions so that you have write access to the folder.
However unless you know what you are doing it is discouraged to save your
file in the /etc/ folder.

I don't know if on Mac the commands are the same, but in Unix systems (that I guess Mac is) you can manage permissions with chmod.

That directory is protected from users for a reason. You defeat that
and risk the system.

Bibhu: for that reason I'd suggest simply telling your users to run
your script as root. If they trust you, and it breaks something, at
least they know why they were doing it.

sudo python riskyscript.py

 

[Chris Angelico]

/etc is used to store configuration files for the operating system & if
you inadvertently corrupt the wrong one then you could kill the system.

Expanding on this:

http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard

The FHS applies to Linux, but you'll find it close to what other
Unix-like OSes use too.

It's extremely common to *read* config files from directories like
/etc, but to require root privileges to edit them. If you need to
store data files for some application that runs as your own user, one
good place is a dot-file or directory in your home directory - for
instance, I have:

/home/rosuav/.wine/
/home/rosuav/.bash_history
/home/rosuav/.ssh/
/home/rosuav/.SciTE.session

and many more. All of these are happily read/written by processes
running under the user 'rosuav' (my primary login user). If a
different user fires up bash, a different .bash_history will be used.
This system works well for users that represent humans.

The other type of user is the one that, well, doesn't represent a
human Figuring out where they can store files is a bit harder.
PostgreSQL gets itself a directory somewhere - maybe /opt/postgresql,
maybe /var/lib/postgresql - and restricts itself to that. But the
directory is created by root and then handed over (chowned) to the
other user.

Both these options work well; random processes editing stuff in /etc doesn't

ChrisA

 

[Nobody]

I am a python novice;request all to kindly bear with me.

fd = open('/etc/file','w')
fd.write('jpdas')
fd.close()


The above snippet fails with:

IOError: [Errno 13] Permission denied: '/etc/file'

As it should.

Any Idea how to create a file in /etc as non-root user?

This should not be possible. The language used is irrelevant.

 

[Tim Chase]

This should not be possible. The language used is irrelevant.

It's theoretically possible to pre-create the file (or a
subdirectory) in /etc as root, then "chown" it to have a group for
which certain users can be members. Something like

$ su - # or "sudo sh"
# addgroup bibhusers
# mkdir /etc/bibhu
# chown :bibhusers /etc/bibhu
# chmod g+rwx /etc/bibhu
# for user in bibhu tim guido; do adduser $user bibhusers ; done
# exit
$ logout

Upon next login, the users listed in the "for user in ..." command
should have write access to the directory created in /etc

Not that this would generally be considered a good idea, but if you
wanted to have a global configuration and wanted select users (as
members of a defined group) to have the ability to tweak this global
configuration, this is how it would be done. Otherwise, it's
generally advisable to just have one admin maintain the global
configuration file and then give users a local (in
$HOME/.config/$APPNAME/filename.ext) configuration file to override
those global settings.

-tkc

 

[rusi]

Expanding on this:

http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard

The FHS applies to Linux, but you'll find it close to what other
Unix-like OSes use too.

Yes the FHS is a good center for such discussions. Let me expand on
this a bit.

I am going to use debian/ubuntu+apt because I know it a bit. You can
substitute RH/Centos+yum or whatever...

Modern linuxes are SOAs (service oriented architectures) or cloud
architectures even if we dont like the buzzwords.

This means that when I install debian/ubuntu on my personal computer
there is some kind of contract-ing that goes on between me and
debian. Some of it legal, some semi-legal some entirely informal/
conventional but still very important.

Legal:
For example it may be 'my very own computer' but if I take sources
under a certain license and use them in violation of that license I
could get into legal trouble.

Semi-legal:
Free and not-free software can coexist in ways that are at least
legally nebulous

Conventional:
Debian must not use the machine (and file-system in particular) in
ways that disrespect me.
Note I am not talking of obvious legal gaffes like stealing my private
data but of more 'conventional' problems like strewing my home
directory with meaningless temporary files.

Likewise:
I MUST RESPECT Debian's AREA.
For example I cant go messing about in /usr/bin [the name 'usr' is
misleading and unfortunate] and expect support from debian.
So
$ sudo rm /usr/bin/foo
is improper whereas
$ sudo apt-get purge foo
is proper.

And its improper because you are not to mess around in debian's area
-- except for officially approved channels like 'apt-get purge…' --
just as debian is not to mess around in yours.

And writing into /etc constitutes messing with debian (or whatever is
your distro).

So yes, as Chris suggested read the FHS.

And consider using a 'public-messable' area like /usr/local instead
of /etc.

Actually the situation is more complicated: the deal is not between
just ordinary users like you/me and the distro. There's
- ordinary users like you/me
- packagers
- the distro
- upstream

each with their own rights and responsibilities.
What these are and how to navigate them is best discussed in your
distro's fora eg
http://forums.debian.net/
http://ubuntuforums.org/forum.php

 

[Denis McMahon]

Any Idea how to create a file in /etc as non-root user?Can i use umask
or chmod.......confused

If you don't have root access, you probably shouldn't be trying to write
in /etc. If you need to write in /etc, explain to the sysadmin why you
need root access.

 

[rusi]

If you don't have root access, you probably shouldn't be trying to write
in /etc. If you need to write in /etc, explain to the sysadmin why you
need root access.

The OP is evidently working on a macbook pro.
From which I infer its his own personal notebook.
So 'explain to the sysadmin' amounts to explain to oneself!!

40 years ago, on the first Unices, with machines millions of times
weaker and costlier than today, 'sysadmin' and 'normal user' were
usually different. Today they are usually the same.

So we old Unix-heads need to change our explanations from 'explain to
the sysadmin' to 'change hat from normal-user to superuser'. And then
why simplifying life by having only one hat --
$ sudo bash # and do everything there
is not such a good idea!

To the OP:
One thing that has not changed in 40 (or rather 60) years is the
concept of binding times.
eg C programmers cannot get off the ground if they do not distinguish
compile-time from run-time.

In the current context, it is probably good to distinguish system-
admining time from system-use time.
So as sysadmin, you can pretty much do as you please (though remember
my comments earlier on respecting your distro's space), make a
directory under /etc, chmod, chown, chgrp it to your taste, so that
the (group of) ordinary users can write to it.

And then in normal user mode you should be able to write to it.

However... as I said above it may be preferable to use /usr/local (for
programs) or /var (for data) rather than mess in /etc. [Think of /etc
as windows' registry] Study the FHS to make the right choice.

And finally, if you are the only guy involved, why are you not doing
everything under $HOME?