Обсуждение: permissions failure to copy csv data
Readers, The following command was entered from normal user account where csv files are: COPY newdatabasenametable FROM '/path/to/file.csv' WITH CSV; ERROR: could not open file "/path/to/file.csv" for reading: Permission denied Superuser X created by linux root account but unable to read csv files even though permissions are read-execute for others (tried to change to read-write-execute, no success): su root su postgres createuser X createdb -U X newdatabasename When changing to postgres account: pwd: /path/to/ su root su postgres psql newdatabasename could not change directory to "/path/to Welcome to psql 8.2.13, the PostgreSQL interactive terminal. Type: \copyright for distribution terms \h for help with SQL commands \? for help with psql commands \g or terminate with semicolon to execute query \q to quit How do I configure the permissions correctly? Yours, postgresql@conference.jabber.org postgresql8213 mandriva2008
e-letter <inpost@gmail.com> writes: > The following command was entered from normal user account where csv files are: > COPY newdatabasenametable FROM '/path/to/file.csv' WITH CSV; > ERROR: could not open file "/path/to/file.csv" for reading: Permission denied The postgres account either doesn't have permission to read that file, or doesn't have permission to search one of the directories in the path. > su root > su postgres > psql newdatabasename > could not change directory to "/path/to This would work better with "su -l postgres", so that you don't end up with a situation where psql is being started in a directory it has no permissions for. regards, tom lane
On 09/10/2010, Tom Lane <tgl@sss.pgh.pa.us> wrote: > e-letter <inpost@gmail.com> writes: >> The following command was entered from normal user account where csv files >> are: > >> COPY newdatabasenametable FROM '/path/to/file.csv' WITH CSV; >> ERROR: could not open file "/path/to/file.csv" for reading: Permission >> denied > > The postgres account either doesn't have permission to read that file, > or doesn't have permission to search one of the directories in the path. > Using the command: ls -ao file.csv showed: -rwxr-xr-x This suggests to me that 'others' have permission to search the directory for the file. >> su root >> su postgres >> psql newdatabasename >> could not change directory to "/path/to > > This would work better with "su -l postgres", so that you don't end > up with a situation where psql is being started in a directory it > has no permissions for. > Please advise documentation that explains the '-l' command. I tried 'man su' but no terminal response.
On 10 October 2010 21:51, e-letter <inpost@gmail.com> wrote: > On 09/10/2010, Tom Lane <tgl@sss.pgh.pa.us> wrote: >> e-letter <inpost@gmail.com> writes: >>> The following command was entered from normal user account where csv files >>> are: >> >>> COPY newdatabasenametable FROM '/path/to/file.csv' WITH CSV; >>> ERROR: could not open file "/path/to/file.csv" for reading: Permission >>> denied >> >> The postgres account either doesn't have permission to read that file, >> or doesn't have permission to search one of the directories in the path. >> > Using the command: > > ls -ao file.csv > > showed: > > -rwxr-xr-x > > This suggests to me that 'others' have permission to search the > directory for the file. No. That means that if other users have access to the directory, then they will be able to read (and execute) the file. Try running ls -ld on all the directories leading up to that directory. e.g. if the file is in /path/to/dir/file.csv then run: ls -ld / ls -ld /path ls -ld /path/to ls -ld /path/to/dir All of them should have at least an x bit for "other". >>> su root >>> su postgres >>> psql newdatabasename >>> could not change directory to "/path/to >> >> This would work better with "su -l postgres", so that you don't end >> up with a situation where psql is being started in a directory it >> has no permissions for. >> > Please advise documentation that explains the '-l' command. I tried > 'man su' but no terminal response. -, -l, --login Provide an environment similar to what the user would expect had the user logged in directly. When - is used, it must be specified as the last su option. The other forms (-l and --login) do not have this restriction. Basically, if you are in /home/username and you type "su" ("root" is redundant) you will be in /home/username still. When you then run "su postgres" you will still be in /home/username and the postgres user may not have access to that directory. This may cause error messages to be displayed when you run commands like psql. Using "su - postgres" or "su -l postgres" makes sure you start in the postgres user's home directory and also sets various environment variables like HOME and USERNAME and runs the postgres user's login scripts. This is generally what you want to do. -- Michael Wood <esiotrot@gmail.com>
On 10/10/2010, Michael Wood <esiotrot@gmail.com> wrote: > On 10 October 2010 21:51, e-letter <inpost@gmail.com> wrote: >> On 09/10/2010, Tom Lane <tgl@sss.pgh.pa.us> wrote: >>> e-letter <inpost@gmail.com> writes: >>>> The following command was entered from normal user account where csv >>>> files >>>> are: >>> >>>> COPY newdatabasenametable FROM '/path/to/file.csv' WITH CSV; >>>> ERROR: could not open file "/path/to/file.csv" for reading: Permission >>>> denied >>> >>> The postgres account either doesn't have permission to read that file, >>> or doesn't have permission to search one of the directories in the path. >>> >> Using the command: >> >> ls -ao file.csv >> >> showed: >> >> -rwxr-xr-x >> >> This suggests to me that 'others' have permission to search the >> directory for the file. > > No. That means that if other users have access to the directory, then > they will be able to read (and execute) the file. > > Try running ls -ld on all the directories leading up to that directory. > > e.g. if the file is in /path/to/dir/file.csv then run: > > ls -ld / > ls -ld /path > ls -ld /path/to > ls -ld /path/to/dir > > All of them should have at least an x bit for "other". > I used the command: chmod 755 /path/to This solved the problem, thank you.