Jon*_*han 4 debugging permissions
当我有一个以 root 身份运行的进程时,我得到权限错误,产生一个子进程作为 www-data,然后访问一个属于 root 的目录,以及一个属于 www-data 的子文件夹,它有一个指向目录的符号链接它由 www-data 组中的用户拥有,然后具有....你得到了这个想法。我怎么知道它在这个难以置信的复杂链中哪里失败了?我得到的只是权限被拒绝
如果没有陷入这种特定情况的细节,如何开始在 unix 上调试这样的问题?
我只想说
debug_permissions.sh www-data /my/long/symlink/chain```
and I want it to go through and tell me where the terminal point is (where www-data fails to have permissions)
I know there is a tool
``` namei -l /path/```
but that isn't very helpful because it doesn't let me run as another user (or at least I don't know how)
If I run
```sudo su www-data```
I get **This account is currently not available.**
I want to be able to "become" www-data and "cd" around to the dirs and see where i fail to see things. But, that's not letting me do this and I don't want to create a new user just to do this.
啊哈,这是这样做的:
sudo -H -u www-data namei /my/long/symlink/chain
www-data我要调试的用户在哪里